urlscan.io logo urlscan.io
SecurityTrails logo

www.theonion.com Open in urlscan Pro
151.101.66.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Effective URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Submission: On June 24 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 8 countries across 111 domains to perform 371 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 114820.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on July 21st 2021. Valid for: a year.
This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 76 151.101.66.166 54113 (FASTLY)
1 14 23.34.248.177 16625 (AKAMAI-AS)
2 6 184.29.133.6 16625 (AKAMAI-AS)
1 151.101.66.217 54113 (FASTLY)
4 172.217.165.130 15169 (GOOGLE)
5 99.84.208.37 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 199.232.198.217 54113 (FASTLY)
4 99.84.210.121 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.120.253.250 15169 (GOOGLE)
1 3 52.85.151.63 16509 (AMAZON-02)
12 13 35.71.131.137 16509 (AMAZON-02)
15 27 142.250.176.194 15169 (GOOGLE)
7 9 69.173.151.100 26667 (RUBICONPR...)
3 12 104.18.18.126 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:208... 16509 (AMAZON-02)
1 3.219.23.242 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 34.198.184.125 14618 (AMAZON-AES)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
7 23.41.168.23 16625 (AKAMAI-AS)
1 23.34.59.26 20940 (AKAMAI-ASN1)
4 34.107.136.65 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
2 34.98.72.95 15169 (GOOGLE)
1 34.239.59.172 14618 (AMAZON-AES)
2 34.107.148.139 15169 (GOOGLE)
1 3 3.82.180.220 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.64.102 15169 (GOOGLE)
1 52.85.132.54 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
2 4 34.98.64.218 15169 (GOOGLE)
4 34.236.83.94 14618 (AMAZON-AES)
1 74.119.119.129 19750 (AS-CRITEO)
1 35.211.165.199 19527 (GOOGLE-2)
1 52.72.91.74 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 167.99.21.53 14061 (DIGITALOC...)
8 11 68.67.179.87 29990 (ASN-APPNEX)
1 130.211.23.194 15169 (GOOGLE)
2 13 52.46.130.91 16509 (AMAZON-02)
1 34.117.175.218 396982 (GOOGLE-CL...)
1 34.120.234.209 15169 (GOOGLE)
1 34.149.148.173 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.208.120 16509 (AMAZON-02)
7 34.111.8.32 15169 (GOOGLE)
5 184.29.132.212 16625 (AKAMAI-AS)
1 54.171.206.228 16509 (AMAZON-02)
7 3.86.123.228 14618 (AMAZON-AES)
4 104.127.172.242 16625 (AKAMAI-AS)
2 2 52.45.33.138 14618 (AMAZON-AES)
4 5 35.71.139.29 16509 (AMAZON-02)
1 34.107.191.194 15169 (GOOGLE)
2 3 35.207.10.239 15169 (GOOGLE)
14 15 35.211.178.172 15169 (GOOGLE)
2 3 35.170.174.103 14618 (AMAZON-AES)
3 104.36.115.113 62713 (AS-PUBMATIC)
4 4 108.168.159.145 36351 (SOFTLAYER)
3 3 54.225.93.213 14618 (AMAZON-AES)
2 2 2600:1f18:1c9... 14618 (AMAZON-AES)
3 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 34.102.163.6 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2 51.178.20.140 16276 (OVH)
4 4 104.127.64.185 16625 (AKAMAI-AS)
1 104.18.19.126 13335 (CLOUDFLAR...)
3 4 2606:4700:440... 13335 (CLOUDFLAR...)
2 104.36.115.114 62713 (AS-PUBMATIC)
2 3 185.167.164.39 198622 (ADFORM)
3 3 151.101.130.49 54113 (FASTLY)
4 22 104.36.115.109 62713 (AS-PUBMATIC)
2 2 74.121.140.14 30419 (MEDIAMATH...)
6 6 54.243.191.164 14618 (AMAZON-AES)
1 1 199.187.193.166 47043 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 193.122.130.38 31898 (ORACLE-BM...)
9 8.28.7.83 62713 (AS-PUBMATIC)
1 169.197.150.7 398989 (DEEPINTENT)
4 4 178.250.0.163 44788 (ASN-CRITE...)
2 4 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.178.77 29791 (VOXEL-DOT...)
4 4 199.127.204.142 26120 (RHYTHMONE)
1 1 69.90.254.78 13768 (COGECO-PEER1)
3 3 3.209.99.106 14618 (AMAZON-AES)
2 4 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 8.28.7.84 62713 (AS-PUBMATIC)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 44.196.141.245 14618 (AMAZON-AES)
1 1 3.94.241.28 14618 (AMAZON-AES)
4 4 2606:ae80:147... 26762 (CNVR-US-EAST)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 207.198.113.86 13768 (COGECO-PEER1)
3 3 35.207.24.140 15169 (GOOGLE)
1 2 4.78.226.233 3356 (LEVEL3)
1 1 45.35.192.162 40676 (AS40676)
2 34.204.59.188 14618 (AMAZON-AES)
1 34.149.130.207 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
2 23.22.255.185 14618 (AMAZON-AES)
1 2600:9000:207... 16509 (AMAZON-02)
7 104.244.36.20 7415 (ADSAFE-1)
7 99.84.222.80 16509 (AMAZON-02)
1 1 204.2.255.224 2914 (NTT-LTD-2914)
2 2 64.202.112.127 22075 (AS-OUTBRAIN)
1 1 199.38.167.129 54312 (ROCKETFUEL)
10 52.85.132.100 16509 (AMAZON-02)
4 174.129.154.195 14618 (AMAZON-AES)
1 99.84.103.191 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
1 1 23.57.136.222 16625 (AKAMAI-AS)
2 2 52.54.42.45 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.119.178 16509 (AMAZON-02)
1 99.84.208.19 16509 (AMAZON-02)
1 99.86.224.108 16509 (AMAZON-02)
2 3 162.248.18.11 62713 (AS-PUBMATIC)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 68.67.179.133 29990 (ASN-APPNEX)
1 1 159.65.197.210 14061 (DIGITALOC...)
3 3 35.190.90.30 15169 (GOOGLE)
2 2 107.178.246.49 15169 (GOOGLE)
1 2 99.84.108.20 16509 (AMAZON-02)
2 3 23.209.184.224 16625 (AKAMAI-AS)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.65.44 54113 (FASTLY)
1 1 172.105.221.240 ()
1 5.161.54.172 213230 (HETZNER-C...)
1 195.5.165.20 ()
1 1 23.88.75.189 ()
1 1 104.45.178.220 8075 (MICROSOFT...)
3 3 38.27.122.126 174 (COGENT-174)
6 6 15.235.15.221 16276 (OVH)
2 2 52.4.54.89 14618 (AMAZON-AES)
2 2 52.0.156.250 ()
1 1 76.13.32.147 ()
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 18.233.244.171 14618 (AMAZON-AES)
371 109
76    151.101.66.166 (United States)

ASN54113 (FASTLY, US)
theonion.com
www.theonion.com
f.kinja-static.com
kinja.com
i.kinja-img.com
x.kinja-static.com
vid.kinja.com
14    23.34.248.177 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
pb-logs.media.net
cs.media.net
6    184.29.133.6 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-6.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
4    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
securepubads.g.doubleclick.net
5    99.84.208.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-37.iad79.r.cloudfront.net
tagan.adlightning.com
1    2607:f8b0:4006:823::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4006:821::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:817::200a (New York, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2607:f8b0:4006:81d::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    199.232.198.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
4    99.84.210.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-210-121.iad79.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2199:6800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
kinja-com.videoplayerhub.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
3    52.85.151.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-63.iad89.r.cloudfront.net
sb.scorecardresearch.com
13    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
27    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
cm.g.doubleclick.net
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
12    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
htlb.casalemedia.com
2    2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
ampcid.google.ca
1    2600:9000:208f:e200:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    3.219.23.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-23-242.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.198.184.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-184-125.compute-1.amazonaws.com
idx.liadm.com
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
7    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.34.59.26 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-26.deploy.static.akamaitechnologies.com
s.mnet-ad.net
4    34.107.136.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.136.107.34.bc.googleusercontent.com
xch.media.net
2    2607:f8b0:4006:81c::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
13    2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    34.239.59.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-59-172.compute-1.amazonaws.com
ping.chartbeat.net
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    3.82.180.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-180-220.compute-1.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.64.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net
ad.doubleclick.net
1    52.85.132.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-54.iad50.r.cloudfront.net
ats.rlcdn.com
3    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
fusion-media-group-d.openx.net
us-u.openx.net
4    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    52.72.91.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-91-74.compute-1.amazonaws.com
tlx.3lift.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    167.99.21.53 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.resetsrv.com
11    68.67.179.87 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
13    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.117.175.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.175.117.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.120.234.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 209.234.120.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.149.148.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.148.149.34.bc.googleusercontent.com
view.cdnbasket.net
4    2607:f8b0:4006:80b::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:80c::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    99.84.208.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-120.iad79.r.cloudfront.net
geo.privacymanager.io
7    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
dfp.bouncex.net
5    184.29.132.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.171.206.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-206-228.eu-west-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
7    3.86.123.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-123-228.compute-1.amazonaws.com
sync.bfmio.com
4    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
3    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
15    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.170.174.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-174-103.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    108.168.159.145 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 91.9f.a86c.ip4.static.sl-reverse.com
um.simpli.fi
3    54.225.93.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-93-213.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2600:1f18:1c96:4102:49f3:ecb9:1797:d45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
4    2600:1f18:4e9:5a02:7048:1629:7931:e6d0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2607:f8b0:4006:806::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2607:f8b0:4006:824::2001 (New York, United States)

ASN15169 (GOOGLE, US)
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
4    104.127.64.185 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-64-185.deploy.static.akamaitechnologies.com
px.owneriq.net
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
4    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
22    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    54.243.191.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-191-164.compute-1.amazonaws.com
match.prod.bidr.io
1    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    173.231.178.77 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    3.209.99.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-99-106.compute-1.amazonaws.com
pm.w55c.net
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    44.196.141.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-141-245.compute-1.amazonaws.com
rtb.adentifi.com
1    3.94.241.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-241-28.compute-1.amazonaws.com
sync.ipredictive.com
4    2606:ae80:1471:15::440 (United States)

ASN26762 (CNVR-US-EAST, US)
pubmatic-match.dotomi.com
medianet-match.dotomi.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    4.78.226.233 (Irving, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
2    34.204.59.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-59-188.compute-1.amazonaws.com
ads.yieldmo.com
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
idr.cdnwidget.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    23.22.255.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-255-185.compute-1.amazonaws.com
as.jivox.com
1    2600:9000:2073:f000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
7    99.84.222.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-222-80.iad79.r.cloudfront.net
playercdn.jivox.com
cdn.jivox.com
1    204.2.255.224 (Fort Lauderdale, United States)

ASN2914 (NTT-LTD-2914, US)
aep.mxptint.net
2    64.202.112.127 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
10    52.85.132.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-100.iad50.r.cloudfront.net
assets.jivox.com
4    174.129.154.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-154-195.compute-1.amazonaws.com
evs.jivox.com
1    99.84.103.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-103-191.iad79.r.cloudfront.net
cdn-as.jivox.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    23.57.136.222 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-136-222.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
cs.emxdgt.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.119.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    99.84.208.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-19.iad79.r.cloudfront.net
fr-actions.trackonomics.net
1    99.86.224.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-224-108.iad79.r.cloudfront.net
trx-hub.com
3    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    68.67.179.133 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    99.84.108.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-20.iad79.r.cloudfront.net
aa.agkn.com
3    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    172.105.221.240 (None, )

ASN- ()
gocm.c.appier.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    23.88.75.189 (None, )

ASN- ()
csync.loopme.me
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
3    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
6    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    52.4.54.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-54-89.compute-1.amazonaws.com
sync.crwdcntrl.net
2    52.0.156.250 (None, )

ASN- ()
loada.exelator.com
1    76.13.32.147 (None, )

ASN- ()
cms.analytics.yahoo.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    18.233.244.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-244-171.compute-1.amazonaws.com
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
48 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520
ads.pubmatic.com — Cisco Umbrella Rank: 488
image6.pubmatic.com — Cisco Umbrella Rank: 629
simage4.pubmatic.com — Cisco Umbrella Rank: 1202
simage2.pubmatic.com — Cisco Umbrella Rank: 611
image2.pubmatic.com — Cisco Umbrella Rank: 865
image4.pubmatic.com — Cisco Umbrella Rank: 882
image8.pubmatic.com — Cisco Umbrella Rank: 590
aud.pubmatic.com — Cisco Umbrella Rank: 5409
53 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
186 KB
28 theonion.com
theonion.com — Cisco Umbrella Rank: 111747
www.theonion.com — Cisco Umbrella Rank: 114820
271 KB
27 media.net
hbx.media.net — Cisco Umbrella Rank: 1351
contextual.media.net — Cisco Umbrella Rank: 529
xch.media.net — Cisco Umbrella Rank: 9803
prebid.media.net — Cisco Umbrella Rank: 1342
hblg.media.net — Cisco Umbrella Rank: 1467
pb-logs.media.net — Cisco Umbrella Rank: 15630
cs.media.net — Cisco Umbrella Rank: 1523
165 KB
25 kinja-static.com
f.kinja-static.com — Cisco Umbrella Rank: 26767
x.kinja-static.com — Cisco Umbrella Rank: 26621
787 KB
24 jivox.com
as.jivox.com — Cisco Umbrella Rank: 3191
playercdn.jivox.com — Cisco Umbrella Rank: 4064
assets.jivox.com — Cisco Umbrella Rank: 3604
evs.jivox.com — Cisco Umbrella Rank: 3454
cdn-as.jivox.com — Cisco Umbrella Rank: 6050
cdn.jivox.com — Cisco Umbrella Rank: 4771
2 MB
21 kinja-img.com
i.kinja-img.com — Cisco Umbrella Rank: 21941
388 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
99 KB
18 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
as-sec.casalemedia.com — Cisco Umbrella Rank: 1361
htlb.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
dsum.casalemedia.com — Cisco Umbrella Rank: 1295
17 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
s.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
55 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1251
x.bidswitch.net — Cisco Umbrella Rank: 290
8 KB
15 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
eus.rubiconproject.com — Cisco Umbrella Rank: 573
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
token.rubiconproject.com — Cisco Umbrella Rank: 711
28 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 391
bidder.criteo.com — Cisco Umbrella Rank: 744
dis.criteo.com — Cisco Umbrella Rank: 717
widget.us.criteo.com — Cisco Umbrella Rank: 16628
mug.criteo.com — Cisco Umbrella Rank: 2727
11 KB
13 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 594
match.adsrvr.org — Cisco Umbrella Rank: 367
8 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 408
11 KB
11 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1020
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
cms.analytics.yahoo.com
7 KB
11 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 536
fw.adsafeprotected.com — Cisco Umbrella Rank: 771
static.adsafeprotected.com — Cisco Umbrella Rank: 562
dt.adsafeprotected.com — Cisco Umbrella Rank: 481
99 KB
7 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1281
4 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3729
3 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
3 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 641
eb2.3lift.com — Cisco Umbrella Rank: 410
2 KB
6 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 856
ats.rlcdn.com — Cisco Umbrella Rank: 1392
idsync.rlcdn.com — Cisco Umbrella Rank: 321
id.rlcdn.com — Cisco Umbrella Rank: 635
39 KB
6 google.com
ampcid.google.com — Cisco Umbrella Rank: 1722
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 92
2 KB
5 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2162
dfp.bouncex.net — Cisco Umbrella Rank: 3840
611 B
5 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2791
assets.bounceexchange.com — Cisco Umbrella Rank: 2390
api.bounceexchange.com — Cisco Umbrella Rank: 2697
168 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1703
110 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3635
medianet-match.dotomi.com — Cisco Umbrella Rank: 9723
1 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2209
2 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1004
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
2 KB
4 openx.net
fusion-media-group-d.openx.net — Cisco Umbrella Rank: 39467
us-u.openx.net — Cisco Umbrella Rank: 387
974 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1970
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494
tags.bluekai.com
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 907
806 B
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5558
aep.mxptint.net — Cisco Umbrella Rank: 6157
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 790
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 753
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1398
1002 B
3 behave.com
ssp.behave.com — Cisco Umbrella Rank: 3695
1 KB
3 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6197
ads.yieldmo.com — Cisco Umbrella Rank: 670
2 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6109
page.cdnbasket.net — Cisco Umbrella Rank: 6116
view.cdnbasket.net — Cisco Umbrella Rank: 6114
1014 B
3 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 80131
www.google.ca — Cisco Umbrella Rank: 7301
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 134
3 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1128
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4768
623 B
2 exelator.com
loada.exelator.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 716
902 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 672
match.taboola.com — Cisco Umbrella Rank: 2357
654 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 445
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 444
628 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 950
765 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 534
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
56 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 587
946 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 809
716 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1459
1 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1161
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
mathid.mathtag.com Failed
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1269
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1140
623 B
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 4561
idr.cdnwidget.com — Cisco Umbrella Rank: 5119
908 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1324
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
56 KB
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6182
fr-actions.trackonomics.net — Cisco Umbrella Rank: 10450
28 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1196
api.btloader.com — Cisco Umbrella Rank: 1311
6 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 425
329 KB
2 kinja.com
kinja.com — Cisco Umbrella Rank: 25121
vid.kinja.com — Cisco Umbrella Rank: 31883
1 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1247
209 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4123
348 B
1 loopme.me
csync.loopme.me
224 B
1 iprom.net
core.iprom.net
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6426
1 appier.net
gocm.c.appier.net
395 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2661
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4081
466 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6443
445 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
572 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3055
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
43 KB
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2597
485 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
541 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1030
522 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1200
35 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 801
518 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3984
391 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1301
674 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121
633 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 922
222 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 556
821 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653
768 B
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 25125
792 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2554
241 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1461
595 B
1 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 11229
382 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1095
201 B
1 mnet-ad.net
s.mnet-ad.net — Cisco Umbrella Rank: 54215
192 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 4925
490 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4089
623 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1355
37 KB
1 videoplayerhub.com
kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 32604
532 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1217
15 KB
1 scroll.com
static.scroll.com — Cisco Umbrella Rank: 5598
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5954
7 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 671
16 KB
0 britepool.com Failed
px.britepool.com Failed
api.britepool.com Failed
371 111
Domain Requested by
27 cm.g.doubleclick.net 15 redirects sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
27 www.theonion.com www.theonion.com
x.kinja-static.com
22 simage2.pubmatic.com 4 redirects ads.pubmatic.com
21 i.kinja-img.com www.theonion.com
20 x.kinja-static.com www.theonion.com
tagan.adlightning.com
15 x.bidswitch.net 14 redirects
13 s.amazon-adsystem.com 2 redirects tagan.adlightning.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
simage4.pubmatic.com
hbx.media.net
12 match.adsrvr.org 11 redirects js-sec.indexww.com
11 ib.adnxs.com 8 redirects x.kinja-static.com
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
11 pagead2.googlesyndication.com www.theonion.com
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
x.kinja-static.com
www.googletagservices.com
11 dsum-sec.casalemedia.com 3 redirects www.theonion.com
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 assets.jivox.com playercdn.jivox.com
as.jivox.com
assets.jivox.com
9 image2.pubmatic.com ads.pubmatic.com
7 dt.adsafeprotected.com ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
7 tpc.googlesyndication.com ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tagan.adlightning.com
7 sync.bfmio.com s.amazon-adsystem.com
sync.bfmio.com
7 contextual.media.net hbx.media.net
www.theonion.com
eus.rubiconproject.com
6 pixel.onaudience.com 6 redirects
6 cs.media.net 1 redirects hbx.media.net
6 match.prod.bidr.io 6 redirects
6 hbx.media.net www.theonion.com
hbx.media.net
ads.pubmatic.com
5 eb2.3lift.com 4 redirects
5 ads.pubmatic.com s.amazon-adsystem.com
tagan.adlightning.com
ads.pubmatic.com
simage4.pubmatic.com
hbx.media.net
5 pixel.rubiconproject.com 3 redirects hbx.media.net
5 tagan.adlightning.com www.theonion.com
tagan.adlightning.com
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
5 f.kinja-static.com www.theonion.com
4 token.rubiconproject.com 4 redirects
4 cdn.jivox.com as.jivox.com
4 evs.jivox.com ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
4 widget.us.criteo.com 2 redirects ads.pubmatic.com
sync-amz.ads.yieldmo.com
4 dis.criteo.com 4 redirects
4 px.owneriq.net 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 um.simpli.fi 4 redirects
4 events.bouncex.net www.theonion.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
hbx.media.net
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 www.google.com www.theonion.com
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tagan.adlightning.com
4 c2shb.ssp.yahoo.com x.kinja-static.com
4 xch.media.net www.theonion.com
4 c.amazon-adsystem.com www.theonion.com
x.kinja-static.com
4 www.google-analytics.com www.theonion.com
x.kinja-static.com
4 securepubads.g.doubleclick.net www.theonion.com
tagan.adlightning.com
securepubads.g.doubleclick.net
x.kinja-static.com
3 match.bnmla.com 3 redirects
3 odr.mookie1.com 3 redirects
3 image8.pubmatic.com 2 redirects
3 us-u.openx.net 2 redirects
3 playercdn.jivox.com as.jivox.com
3 rtb.mfadsrvr.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 sync.1rx.io 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 ssp.behave.com 2 redirects www.theonion.com
3 stats.g.doubleclick.net x.kinja-static.com
3 gum.criteo.com 1 redirects hbx.media.net
tagan.adlightning.com
3 sb.scorecardresearch.com 1 redirects tagan.adlightning.com
www.theonion.com
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 tags.bluekai.com 1 redirects
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 aa.agkn.com 1 redirects
2 pixel.tapad.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 as.jivox.com ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tagan.adlightning.com
2 googleads.g.doubleclick.net ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
tagan.adlightning.com
2 fw.adsafeprotected.com 1 redirects ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
2 static.criteo.net x.kinja-static.com
2 ads.yieldmo.com sync-amz.ads.yieldmo.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 cm.adgrx.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 sync.mathtag.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 s.tribalfusion.com 1 redirects ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 sync.tidaltv.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 api.bounceexchange.com tagan.adlightning.com
2 www.google.ca www.theonion.com
2 ad-delivery.net www.theonion.com
2 prebid.media.net x.kinja-static.com
2 assets.bounceexchange.com tagan.adlightning.com
2 s0.2mdn.net imasdk.googleapis.com
as.jivox.com
2 imasdk.googleapis.com tagan.adlightning.com
1 rtb.gumgum.com
1 aud.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 trx-hub.com
1 fr-actions.trackonomics.net x.kinja-static.com
1 aax-eu.amazon-adsystem.com hbx.media.net
1 px.ads.linkedin.com
1 id.rlcdn.com hbx.media.net
1 secure-assets.rubiconproject.com 1 redirects
1 mug.criteo.com
1 cdn-as.jivox.com as.jivox.com
1 a.rfihub.com 1 redirects
1 aep.mxptint.net 1 redirects
1 static.adsafeprotected.com tagan.adlightning.com
1 dfp.bouncex.net x.kinja-static.com
1 www.googletagservices.com ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
1 idr.cdnwidget.com www.theonion.com
1 sync.resetdigital.co 1 redirects
1 pixel.quantserve.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 adservice.google.com tagan.adlightning.com
1 adservice.google.fr tagan.adlightning.com
1 pb-logs.media.net www.theonion.com
1 ad.mrtnsvr.com 1 redirects
1 ids.cdnwidget.com x.kinja-static.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 geo.privacymanager.io x.kinja-static.com
1 view.cdnbasket.net x.kinja-static.com
1 page.cdnbasket.net x.kinja-static.com
1 data.cdnbasket.net x.kinja-static.com
1 api.btloader.com x.kinja-static.com
1 ads.resetsrv.com x.kinja-static.com
1 hbopenbid.pubmatic.com x.kinja-static.com
1 tlx.3lift.com x.kinja-static.com
1 htlb.casalemedia.com x.kinja-static.com
1 grid.bidswitch.net x.kinja-static.com
1 bidder.criteo.com x.kinja-static.com
1 fusion-media-group-d.openx.net x.kinja-static.com
1 fastlane.rubiconproject.com x.kinja-static.com
1 ats.rlcdn.com tagan.adlightning.com
1 ad.doubleclick.net www.theonion.com
1 hblg.media.net www.theonion.com
1 pixel.adsafeprotected.com x.kinja-static.com
1 ping.chartbeat.net www.theonion.com
1 as-sec.casalemedia.com x.kinja-static.com
1 ampcid.google.ca x.kinja-static.com
1 s.mnet-ad.net www.theonion.com
1 idx.liadm.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 cdn-magiclinks.trackonomics.net tagan.adlightning.com
1 www.googleoptimize.com www.googletagmanager.com
1 insight.adsrvr.org 1 redirects
1 tag.bounceexchange.com tagan.adlightning.com
1 btloader.com www.theonion.com
1 kinja-com.videoplayerhub.com 1 redirects
1 static.chartbeat.com tagan.adlightning.com
1 static.scroll.com tagan.adlightning.com
1 ampcid.google.com www.google-analytics.com
1 vid.kinja.com www.theonion.com
1 www.googletagmanager.com www.theonion.com
1 kinja.com www.theonion.com
1 cdn.speedcurve.com www.theonion.com
1 js-sec.indexww.com www.theonion.com
1 theonion.com 1 redirects
0 api.britepool.com Failed x.kinja-static.com
0 mathid.mathtag.com Failed ads.pubmatic.com
0 px.britepool.com Failed www.theonion.com
371 186
Subject Issuer Validity Valid
*.avclub.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-07-21 -
2022-08-22		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-12 -
2022-11-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.scroll.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
tag.bounceexchange.com
R3		 2022-05-22 -
2022-08-20		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
s.mnet-ad.net
R3		 2022-05-18 -
2022-08-16		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-06-10 -
2022-09-08		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-21 -
2023-03-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
resetsrv.com
E1		 2022-06-20 -
2022-09-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-06-22 -
2022-09-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-09-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.wunderkind.co
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
ids.cdnwidget.com
R3		 2022-06-06 -
2022-09-04		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-08-19		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
idr.cdnwidget.com
R3		 2022-05-13 -
2022-08-11		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-06-18		 a year crt.sh
*.jivox.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-13 -
2023-06-13		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-06-16 -
2023-06-15		 a year crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
truffle.bid
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh

This page contains 54 frames:

Primary Page: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Frame ID: 6E28636E2E10E9899EEAEBAF8EDD8115
Requests: 189 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: 6F527A48871DCB3299952A638D7E5B13
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Frame ID: 2B86843739E5B61A3F34EF98FB91C225
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 5FF7BC163D990166638EB5B7B368127B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FF641ADA00C3FD9CDF58ACFDAA53C6D9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 20B862B2C7949B78D94F24E7F307F476
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 539DD199203400E8F41AF124B021CCB2
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 3CA5B80CEA6AE178C9EB5A71AFCCC89E
Requests: 7 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?pid=137
Frame ID: FAC5EB811409416D5D91273C1569CF87
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B8A4646B42743DB63D2D2E4467C37A8F
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS15bFh3Mnl0RTJ1SzRYazZHRW1KaU90ZG50OU1rckNmLn5B
Frame ID: 9ABFC5CE2814223F85745B1AEBD4109D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=780750410301151874&ex=appnexus.com
Frame ID: 2B8B230FF213DC335237E949DDFFBCAA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2361227759780991366806
Frame ID: E13A12D4C3319EF66B916E4E413EF0CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 18FFE816E8531202F4D5F81E8A0ACCA4
Requests: 23 HTTP requests in this frame

Frame: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C0BBBB5F9ECF7A6D6782537144E24AA
Requests: 1 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: B4D5ECBB6582F34FAACD3C270734520A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Frame ID: 7EBDEA617CB37DFEA2A787C50331E5D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrUkeQALNGCGIgAo&gdpr=0&gdpr_consent=&_test=YrUkeQALNGCGIgAo
Frame ID: DB5AB940D602311F55CCD8090ED442DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336c62b5-2479-4900-8f51-fe240806a828&gdpr=0&gdpr_consent=
Frame ID: D2A347BB53E3638644AF6F9243304639
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAExok7FakkAABNibS4wiw
Frame ID: 634E23B8FBE338D7BD57BBAAE5C9AF22
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: BB948A6664BF200B1D31686AEEF04B1A
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E68B7278F3FDB712A80637F468F8F6B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=399eca3c-f367-11ec-a45c-682258f0f1c1
Frame ID: 56E7727F0FADB35C42337862B35F0A58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWg5cj5ITCdLPbpd0n52l5U4mbs
Frame ID: DBB835891D10FA22C3D5EF8C798EBD46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
Frame ID: 7AFC030545F510798824FD5476F3A66D
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Frame ID: 37322B3850402B75AF7781C5BCE328E7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=676902280705
Frame ID: 2CAFC70C0230D8F832E3E27606762477
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SRwRaWKO1O4zgJ5&gdpr=0&gdpr_consent=
Frame ID: A99945195B0828D0EBDDC117AD401E80
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7B16F432B6231D471F38DE77FD2F7932
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7093249211328985151
Frame ID: 2794E1B80120381F1A26AB68D760F8E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D3A240AA5-6332-48CC-8B2D-B1DF4F8202BF%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: 30A882956D8305AEBF22FAEF8F4DD9D4
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&ex=pubmatic.com
Frame ID: 8556654B7852E110D9EF437FC02C8FB1
Requests: 1 HTTP requests in this frame

Frame: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B6A2D001851F22DAC914971AA3A42C1
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Frame ID: 59182CF8FBEB3B22CEE3AAEDFFBB4E3B
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 42BCD3B2B1EFA8A09614F237CAF66D1B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 78784BC33B14279CACF03F2E7405F31F
Requests: 3 HTTP requests in this frame

Frame: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: 30FF935EEBDA71203C43DC145DE23126
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3588371B6AF4AB0EC2305BF7A603DA7
Requests: 9 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 4A5060B5A18DF9D279DF958A5C2F816E
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 16E7270569A7A4CA7F5754ECC4D656A0
Requests: 2 HTTP requests in this frame

Frame: https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/index.css
Frame ID: FCD4217D3C7FA205640C54281B917117
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 12028374B861B7D66006251F02669AFF
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Frame ID: A55FC6F60E10F142A9D7739065C92113
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D6A6189E4DB58E882D4F2BCB7EC9844
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 653D45949E6E96ED77C83292CCBC9480
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4C93AE5DF19C3191120724F3691E701C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Y2S-UUj4DH65VKuKfyS1Yg
Frame ID: A354423156DCB8C158B0DF269E670512
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CE8715FE7F6C8AED5C8376204F50A060
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 2099BD99168368EA674C3CDDD46D82E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 04591180069675C827F67AD36D5E404A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=029468b7-a675-40c2-9cbd-9b918352fd63
Frame ID: A84758E4E6A682FFB37140617B0E4087
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=8e783a0e-e239-41df-b2da-e8ca6774fae6
Frame ID: 164DAD978B7D5B93FC64B6F45CF4E644
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
Frame ID: 7296B10F80FB4DEE829B1A098762C29F
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=pba&refUrl=&vid=60385234032990401231455503000V10&ovsid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Frame ID: 5A65EDE2A1B4C9255C53BD8A290952BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

  1. http://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 HTTP 307
    https://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 HTTP 301
    https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

371
Requests

78 %
HTTPS

20 %
IPv6

111
Domains

186
Subdomains

109
IPs

8
Countries

5563 kB
Transfer

13952 kB
Size

226
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 HTTP 307
    https://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 HTTP 301
    https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=kinja-com&upapi=true
Request Chain 87
  • https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQyNTI5YjctYmEwYy00ODBjLTk5ZDYtY2YxNWE3YjUyNjNl&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf15a7b5263e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=MzQyNTI5YjctYmEwYy00ODBjLTk5ZDYtY2YxNWE3YjUyNjNl&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf15a7b5263e&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf15a7b5263e&google_gid=CAESENilx0F5VvL7PFtWj1bSFHg&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent=&C=1
Request Chain 114
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Request Chain 150
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Request Chain 162
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 167
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS15bFh3Mnl0RTJ1SzRYazZHRW1KaU90ZG50OU1rckNmLn5B
Request Chain 168
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=780750410301151874&ex=appnexus.com
Request Chain 169
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2361227759780991366806
Request Chain 174
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=bouncex HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=bouncex&bsw_custom_parameter=abbb20c6-a377-431a-8a32-714fe18ade85 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f695d2b3-56c5-450f-b5f3-85ab36eefe0a&ssp=bouncex&bsw_param=abbb20c6-a377-431a-8a32-714fe18ade85 HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=ecba0b5f-e39d-49d2-9913-8b700ad86555
Request Chain 178
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=342529b7-ba0c-480c-99d6-cf15a7b5263e
Request Chain 179
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=E36B116FBE05449ABC9F1AE439C7B336
Request Chain 180
  • https://sync.srv.stackadapt.com/sync?nid=157 HTTP 302
  • https://sync.bfmio.com/sync?pid=172&uid=AWg5cj5ITCdLPbpd0n52l5U4mbs
Request Chain 181
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=2953 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=2953&s_h=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=102&uid=f9bfc24c-3361-4f92-a49f-f70a21125137
Request Chain 182
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/c334011c120be70a2e28390eca78a765f8b81356 HTTP 302
  • https://sync.bfmio.com/sync?pid=157&uid=y-LTEXGwVE2pITFyu.AhGFB_Fq.Wmbekre6oxkUaaNCA--~A
Request Chain 183
  • https://ad.mrtnsvr.com/sync/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=187&uid=55zv2Ey4M
Request Chain 189
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630521&gdpr=0&gdpr_consent=
Request Chain 190
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YrUkeQSJC6Pugzxy.maICAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YrUkeVkHPcCZNgR3LL12ZQAABNgAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1
Request Chain 193
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_62b52479b51e9&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62b52479b51e9
Request Chain 194
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7093249211678081055&uid=Q7093249211678081055&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7093249211678081055
Request Chain 195
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=780750410301151874
Request Chain 196
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YrUkeVkHPcCZNgR3LL12ZQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YrUkeVkHPcCZNgR3LL12ZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662296952328896
Request Chain 199
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YrUkeQALNGCGIgAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrUkeQALNGCGIgAo&gdpr=0&gdpr_consent=&_test=YrUkeQALNGCGIgAo
Request Chain 201
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336c62b5-2479-4900-8f51-fe240806a828&gdpr=0&gdpr_consent=
Request Chain 202
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFeG9rN0Zha2tBQUJOaWJTNHdpdw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAExok7FakkAABNibS4wiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4053307272047313424 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAExok7FakkAABNibS4wiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4053307272047313424%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=4053307272047313424&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAExok7FakkAABNibS4wiw&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAExok7FakkAABNibS4wiw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4053307272047313424%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=4053307272047313424&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAExok7FakkAABNibS4wiw
Request Chain 204
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 205
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=399eca3c-f367-11ec-a45c-682258f0f1c1
Request Chain 206
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWg5cj5ITCdLPbpd0n52l5U4mbs
Request Chain 207
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1656038521642 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8585394149 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/342529b7-ba0c-480c-99d6-cf15a7b5263e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
Request Chain 208
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8983dd6b-5fb6-4ea6-a359-0becfb9184a9&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Request Chain 209
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=676902280705
Request Chain 210
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SRwRaWKO1O4zgJ5&gdpr=0&gdpr_consent=
Request Chain 211
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 212
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7093249211328985151&uid=Q7093249211328985151&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7093249211328985151
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w-CNqdMkTWaBNMdJPifn6g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 214
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEMzRTA4REE5LUQzMjQtNEQ2Ni04MTM0LUM3NDkzRTI3RTdFQRAAGg0I-cjUlQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1dd08ca02368c7ac01b0a0616deaaa9edd87f2e18b13bb955ce01896538dd5d5791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxZGQwOGNhMDIzNjhjN2FjMDFiMGEwNjE2ZGVhYWE5ZWRkODdmMmUxOGIxM2JiOTU1Y2UwMTg5NjUzOGRkNWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwI-cjUlQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxZGQwOGNhMDIzNjhjN2FjMDFiMGEwNjE2ZGVhYWE5ZWRkODdmMmUxOGIxM2JiOTU1Y2UwMTg5NjUzOGRkNWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwI-cjUlQYSBAgCEABCAEoA&google_gid=CAESEHWCVJAVZTIEmx2CDgJXD_k&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=04bf5ffd-5a5d-408d-b3c6-f7080cc45f98
Request Chain 215
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9ce62b5-2479-4000-b35c-bb97eafdbcd5
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNFMDhEQTktRDMyNC00RDY2LTgxMzQtQzc0OTNFMjdFN0VB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELXgho7LkbPJvk8WLUFuWhk&google_cver=1
Request Chain 218
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
Request Chain 219
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7574025732850242011&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 220
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=342529b7-ba0c-480c-99d6-cf15a7b5263e
Request Chain 222
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4wBQwsRE2uWi6DLh5mSBZVE3tHzPNKM-~A&gdpr=0&gdpr_consent=
Request Chain 224
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=39a888a0-f367-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Request Chain 225
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=304b2942501308e3&is_secure=true&networkId=17100&version=1&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKPnsxfsBYwNulAmVAAAAAAA&expiration=1656124921&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 226
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=780750410301151874&gdpr=0&gdpr_consent=
Request Chain 227
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT
Request Chain 228
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96c38ccf-16ea-4d04-ae14-fc854472ccca-62b52479-4341&gdpr=0&gdpr_consent=
Request Chain 229
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0a6afd2a-e49e-4039-9bfb-d64208c198bc&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 230
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F1F3B21D_67407FE6&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 231
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8249113497166911165
Request Chain 232
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B614CBA3D3
Request Chain 234
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=AWg5cj5ITCdLPbpd0n52l5U4mbs&gdpr=&gdpr_consent=
Request Chain 235
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119953&expires=5&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=ecba0b5f-e39d-49d2-9913-8b700ad86555&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 236
  • https://dis.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
Request Chain 238
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=780750410301151874&pn_id=an
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrUkeQSJC6Pugzxy.maICAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMef7V0gWXhsvJGiR2ZXj0&google_cver=1
Request Chain 261
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgwNzUwNDEwMzAxMTUxODc0
Request Chain 264
  • https://fw.adsafeprotected.com/rfw/as.jivox.com/937172/63662186/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=${US_PRIVACY}&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https://www.theonion.com/&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&ias_dspID=3&ias_campId=25417540&ias_pubId=pub-9268440883448925&ias_chanId=1&ias_placementId=15447686141&bidurl=https://www.theonion.com/&ias_dealId=549644393848240971&adsafe_par&ias_impId=v4~~ABAjH0heAg73qw9wQFrgJuhZnFhs&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3059e981-e3b7-5a33-6948-e4a8d475c020,c:gq4fqi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74d8c6bddc-6b2hw,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:3a079859-f367-11ec-aa57-2a60923162d7,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://as.jivox.com/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=${US_PRIVACY}&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https://www.theonion.com/&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559
Request Chain 277
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEJoMEsVcxSSoA0HceUYWH8M&google_cver=1&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_&google_hm=UjFCMzMwX0YxRjNCMjFEXzY3NDA3RkU2
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGIHkXODVBErJqrNKpmNlK4&google_cver=1&google_push=ARnp8GClY_OWTmPhbbKeWkZoUU1oQf2U_2C9ZoKZ1zd6Nfb5hhUQ61lKzjkMob7R6R-4f328nY8bfCj3oddkkz8i2_3RGgk1evmK_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJVa2VRQUxOR0NHSWdBbw==&google_gid=CAESEGIHkXODVBErJqrNKpmNlK4&google_cver=1&google_push=ARnp8GClY_OWTmPhbbKeWkZoUU1oQf2U_2C9ZoKZ1zd6Nfb5hhUQ61lKzjkMob7R6R-4f328nY8bfCj3oddkkz8i2_3RGgk1evmK_Q
Request Chain 279
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGdiq2IO-E-ELKJf3W31JoM&google_cver=1&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGdiq2IO-E-ELKJf3W31JoM&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA&google_hm=VnRucEZHXy1XeTlmNXFZd2RjbnM=
Request Chain 280
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1&google_push=ARnp8GB2Oy6rzRaU70eoIyAK594Yhb9ouonnpIL8tROOXB6XAu18APKjgfPCuiODBZW0cYNJIBBa6rWADLl8Crb_uJJUROlCzd2q0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrUkeQSJC6Pugzxy-maICAAABNgAAAAB&google_cver=1&google_push=ARnp8GB2Oy6rzRaU70eoIyAK594Yhb9ouonnpIL8tROOXB6XAu18APKjgfPCuiODBZW0cYNJIBBa6rWADLl8Crb_uJJUROlCzd2q0A&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8
Request Chain 281
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHhLmU5ZJrnMy8xmlwSGeH4&google_cver=1&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH80W-LhUDjNVnYW4LZQ-trbQSrz29lNGJrZqg7wW20XFoY7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM2MTIyNzc1OTc4MDk5MTM2NjgwNg%3D%3D&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH80W-LhUDjNVnYW4LZQ-trbQSrz29lNGJrZqg7wW20XFoY7Q
Request Chain 282
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEA387QpprvH9er-QDeqf7gI&google_cver=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYUVCQtmxdSxlnIERHTBVvz7MS3rnbF2WMGfXoy3Nf7y23u6wF1k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Cmr9KuSeQDmb-9ZCCMGYvA==&no_redirect=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYUVCQtmxdSxlnIERHTBVvz7MS3rnbF2WMGfXoy3Nf7y23u6wF1k
Request Chain 283
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIc6_8IiAqkwHIyNT_zcRgc&google_cver=1&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI1z5rpH9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI1z5rpH9Q&google_hm=ODA0MTQ1Njc0OTcyMzIwNzQ5Mg==
Request Chain 306
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=D0bJznxNUEYxRXRvYTZXbGQrR3FvWU40c25NdG9WMldsVHhPeENaNkwvOTJndVZuemN3ejdzK1VIdWFDM2JiNEtobEg4aUppODh0MEtyakhHdy9NQUJqcFlHUmJlMEJRV0ZSRm81WlA1ZkpxMnJQT2hMME1vcHA2aytMZkhzOHVQaGI3dlJKaTNMVGlkNkVEUWRSVjZ5YjBOUzI3bjN6RE9jYUNJc0JoSnBjOGxEQ2ZYcHNpRFVKR1U4VUw0L0E5Z0hDMG9hWHJVemxqbHBRekNUTVpCeUtWbXdqS2JyQlQwYTRDb0RPSURCZmhIMm9Jb1lXVVZldGhpdHRCT24zdCtGc0xVRXRLWDYrL090UTBuWEt2UEVVb3o4QT09fA&cppv=2
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 316
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
Request Chain 317
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dapx%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3D%24UID HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=apx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874
Request Chain 318
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ecba0b5f-e39d-49d2-9913-8b700ad86555&google_hm=ZWNiYTBiNWYtZTM5ZC00OWQyLTk5MTMtOGI3MDBhZDg2NTU1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFxohwKUYmQtPXMcgFnOymA&google_cver=1&ssp=medianet&bsw_param=ecba0b5f-e39d-49d2-9913-8b700ad86555 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 319
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dopx%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3D HTTP 302
  • https://hbx.media.net/cksync.html?cs=1&vsid=2990401231455503000V10&type=opx&refUrl=&vid=60385234032990401231455503000V10&ovsid=8db0b5ef-ca5f-06e8-3072-7939789e8963
Request Chain 320
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Demx%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Demx%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9oYngubWVkaWEubmV0L2Nrc3luYy5waHA/Y3M9MSZ2c2lkPTI5OTA0MDEyMzE0NTU1MDMwMDBWMTAmdHlwZT1lbXgmcmVmVXJsPSZ2aWQ9NjAzODUyMzQwMzI5OTA0MDEyMzE0NTU1MDMwMDBWMTAmb3ZzaWQ9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=780750410301151874&redirect=https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=$EMXUID&b64_redirect=aHR0cHM6Ly9oYngubWVkaWEubmV0L2Nrc3luYy5waHA/Y3M9MSZ2c2lkPTI5OTA0MDEyMzE0NTU1MDMwMDBWMTAmdHlwZT1lbXgmcmVmVXJsPSZ2aWQ9NjAzODUyMzQwMzI5OTA0MDEyMzE0NTU1MDMwMDBWMTAmb3ZzaWQ9JEVNWFVJRA== HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874brt77741656038523514390a2
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?cs=1&google_nid=media&google_cm=1&google_hm=Mjk5MDQwMTIzMTQ1NTUwMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEK1cZragodmp-DP2br-sSoo&google_cver=1
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=342529b7-ba0c-480c-99d6-cf15a7b5263e
Request Chain 323
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2990401231455503000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2990401231455503000V10
Request Chain 330
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L4RUKSUD-1G-536O HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L4RUKSUD-1G-536O
Request Chain 332
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-CvY-xYhkPEsFU31QfTfecn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3666170280197444616
Request Chain 333
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSVUtTVUQtMUctNTM2Tw==
Request Chain 334
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxMzYxZmE4NGNiOWM1ZjgxNWYxOTE4MTQ4NzczY2JmY2IwZTA1OQ
Request Chain 335
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0GQ__g1dTQqRzJu9qdd8EA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0GQ__g1dTQqRzJu9qdd8EA
Request Chain 337
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4RUKSUD-1G-536O
Request Chain 338
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30
Request Chain 347
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
Request Chain 348
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=780750410301151874 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e204589d-15fe-4de9-8d49-1bba08760a86&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 349
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=SRwRaWKO1O4zgJ5
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ecba0b5f-e39d-49d2-9913-8b700ad86555&ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10626665533280943343&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10626665533280943343&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=fdc21428-de9d-410c-b112-7aecc9791d28&ssp=medianet&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10626665533280943343&ssp=medianet&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213020604192002097966&ssp=medianet&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10626665533280943343&ssp=medianet&gdpr=&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 351
  • https://us-u.openx.net/w/1.0/pd?plm=6&ph=76539a53-5c43-4ed5-9383-0170d0baf4f8&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJC1nof6QbgT5kNMAs9_JsM&google_cver=1
Request Chain 352
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=1b66d938d4908e5&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAADKVTf1pOetAMPafGRAAAAAAA&expiration=1656124924&is_secure=true
Request Chain 353
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=342529b7-ba0c-480c-99d6-cf15a7b5263e&dongle=0cfd
Request Chain 355
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://stags.bluekai.com/site/92145?id=ecba0b5f-e39d-49d2-9913-8b700ad86555&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Request Chain 359
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 360
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Y2S-UUj4DH65VKuKfyS1Yg
Request Chain 363
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 364
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=029468b7-a675-40c2-9cbd-9b918352fd63
Request Chain 365
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=D5A0BE942A9C49B4926EBA7851290645 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=1EE0E30D482248EBB9B906EB91C1C2E6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=8e783a0e-e239-41df-b2da-e8ca6774fae6
Request Chain 366
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
Request Chain 368
  • https://pixel.onaudience.com/?partner=214&mapped=C3E08DA9-D324-4D66-8134-C7493E27E7EA HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5311e75cf60d0770/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=5311e75cf60d0770/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=23a0d924fe86424d61b43fedab1bdeff&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c605488fe408cf48f52b6b646ca73582&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-qNqCl51E2pQRgxofR.kca.oy_2Pu7JHeog--~A&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=342529b7-ba0c-480c-99d6-cf15a7b5263e&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=9290d09f8d805d0c HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=
Request Chain 369
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&addseg=12,35,41
Request Chain 370
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent=

371 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.theonion.com/
Redirect Chain
  • http://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
  • https://theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
  • https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
508 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
e781beb642740f7aa7395c523d722f2df0811526898f9871867ca49608bea019
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
161
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-encoding
gzip
content-length
66819
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:41:58 GMT
etag
W/"7f01a-HJI1wpXhKm2zMNMJRv0WWJP04qo"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-WelcomeAdLoadedV1, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-Kinja-GDPR, X-Kinja-CCPA, Authorization
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 1
x-cdn-fetch
mantle-default
x-content-type-options
nosniff
x-googlenews-bot
false
x-kinja
kinja-magma-kube03-5fdf545c8-mggls #3259
x-kinja-build
3259
x-kinja-revision
6bd8262e0882921eecc1189e40136b2c05b4e455
x-kinja-server
kinja-magma-kube03-5fdf545c8-mggls
x-powered-by
Express
x-served-by
cache-iad-kiad7000178-IAD, cache-yul12830-YUL
x-timer
S1656038519.883670,VS0,VE1
x-ua-device
desktop
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
age
0
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-length
106
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:41:58 GMT
location
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-WelcomeAdLoadedV1, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-Kinja-GDPR, X-Kinja-CCPA, Accept, Authorization
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cdn-fetch
mantle-default
x-content-type-options
nosniff
x-googlenews-bot
false
x-kinja
kinja-magma-kube02-56fd756d75-x7bxv #3259
x-kinja-build
3259
x-kinja-removed-qs
_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
x-kinja-revision
6bd8262e0882921eecc1189e40136b2c05b4e455
x-kinja-server
kinja-magma-kube02-56fd756d75-x7bxv
x-powered-by
Express
x-served-by
cache-iad-kjyo7100081-IAD, cache-yul12830-YUL
x-timer
S1656038519.808112,VS0,VE42
x-ua-device
desktop
x-xss-protection
1; mode=block
proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
78
x-cache
HIT
content-length
28044
x-amz-id-2
eTLVqXPREnvmn8d1/g4mg6uS4XAM9HxysoutqxbFuX26qvDUZqguAw0dSetwmasWexknAwcTTXI=
x-served-by
cache-yul12826-YUL
last-modified
Mon, 09 May 2022 15:36:17 GMT
server
AmazonS3
x-timer
S1656038519.007659,VS0,VE0
etag
"94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id
ZMB281BMCVFMCZHB
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
4
proxima_nova_cond_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg_it-webfont.woff2?08252015
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
78
x-cache
HIT
content-length
30416
x-amz-id-2
0bq+SHmN6lwGY+RVKnFit05Sv04KBouuqjREubLtCtyuiblGvMpLWSLkMFgkluHAFkV/vDG+Wsk=
x-served-by
cache-yul12826-YUL
last-modified
Thu, 14 Apr 2022 06:20:36 GMT
server
AmazonS3
x-timer
S1656038519.007647,VS0,VE0
etag
"bea38ea36d2aba1d5da6e8f842425e40"
x-amz-request-id
033S9HWB592NBQET
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
4
proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
119
x-cache
HIT
content-length
28136
x-amz-id-2
hsfWGUmaE0PK00K8rRP/xLcho2EOKAj+m4APgIhTqd1GcdpF2MRhgDxudM+gYgD41+3O1yYWXMY=
x-served-by
cache-yul12826-YUL
last-modified
Mon, 06 Jun 2022 20:29:07 GMT
server
AmazonS3
x-timer
S1656038519.008023,VS0,VE0
etag
"7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id
RZ31SRBWNREMG57Z
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
7
proxima_nova_cond_sbold_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
78
x-cache
HIT
content-length
30232
x-amz-id-2
NlSLBbOdV+T+L38CrVpfPitFfqNrGQaTBCqRzL8ZmelZBBk3L/1KJgIHDBd9pRIxnTWm9BGmiqg=
x-served-by
cache-yul12826-YUL
last-modified
Mon, 06 Jun 2022 20:29:07 GMT
server
AmazonS3
x-timer
S1656038519.007972,VS0,VE0
etag
"6d0ce198b25710fd5d0a2c0fb863b22c"
x-amz-request-id
TR5ZMJ0Y1H92JJ1V
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
4
bidexchange.js
hbx.media.net/ 		559 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=www.theonion.com
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26301956e39ac9265de361fbca1ff6e8ba27c3b4095b384c5537f1556424130d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Fri, 24 Jun 2022 03:11:59 GMT
183957-47751755686051.js
js-sec.indexww.com/ht/p/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:41:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 02:41:02 GMT
Server
Apache
ETag
"762271-bde7-5e2288047644b"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15802
Expires
Fri, 24 Jun 2022 03:41:59 GMT
lux.js
cdn.speedcurve.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fcf7264e8bbdb639f80a0983b493218d51fe9cc8b3f19e6291a1cc8e51d6e905

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 vegur, 1.1 varnish
age
7580
x-cache
HIT
x-cache-hits
103
content-encoding
gzip
content-length
6553
x-served-by
cache-yul12822-YUL
last-modified
Fri, 24 Jun 2022 00:35:39 GMT
server
Apache
x-timer
S1656038519.036144,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jul 2022 00:35:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
ff73bad095a970753de1f9ab5e9bc4864af2738b951b44c8ffa952a5b2b9cb17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28093
x-xss-protection
0
server
sffe
etag
"1254 / 776 of 1000 / last-modified: 1656021990"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Jun 2022 02:41:59 GMT
op.js
tagan.adlightning.com/gomedia/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/op.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-37.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f54a755b9dad94a917f22670875f3e77e6bcc69ab1039d2a6415069ab0c0026

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 01:55:18 GMT
content-encoding
gzip
age
2801
x-cache
Hit from cloudfront
content-length
19524
x-amz-meta-git_commit
92ee7c4
last-modified
Sat, 14 May 2022 09:32:28 GMT
server
AmazonS3
etag
"2eb24da1be4f5db1a3707ac7109744e6"
x-amz-version-id
aBNwfnaWVsO7LhSbLSq0BxZ8yzdDGE50
via
1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
yspSZdzerGYun1BEhCsV6W1QZ1aFKiGocm1DgZTKuUPV7alb9VYuUg==
runtime~adManager.6de61666f5537e3c4a1f.js
www.theonion.com/x-kinja-static/assets/new-client/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.6de61666f5537e3c4a1f.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3737e1bae07e1b14fc5c974e1410ea6cbac8575d8f29137077098c300fafddeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
1368
x-amz-id-2
lePI5sZIldspKrwG73aE4Q9C7uvn3hquVIBNjHoI6WSJLAl9+0vlar5ALcAEWQ2AH5epIbTvmL4=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:39:59 GMT
server
AmazonS3
x-timer
S1656038519.892374,VS0,VE0
etag
"6e7e1eccab4ab04bc17f3797b20c5904"
vary
Accept-Encoding, Authorization
x-amz-request-id
C302PQ2ZK58NWYB9
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
vendors~adEditor~adManager~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityP~54ed6840.b2bbdaf74f24097581de.js
www.theonion.com/x-kinja-static/assets/new-client/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityP~54ed6840.b2bbdaf74f24097581de.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ca5004175d26f368904237be2f30babc58c218aa7481a39dbe45fd4d9496401
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2296
x-amz-id-2
tuEjYDu4FOBvFdzL4bdYBjQkKfVDdHjfoMuPiewuqvq9sSkXaFz9zboT+tgzt8PkA07kvrpY6ok=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.892871,VS0,VE0
etag
"2633c65e931ee5a8d3e15eff546dadb1"
vary
Accept-Encoding, Authorization
x-amz-request-id
69N21F86RWSGX0JR
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
vendors~adManager.de98ed1698e8201c7f30.js
www.theonion.com/x-kinja-static/assets/new-client/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~adManager.de98ed1698e8201c7f30.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fa353f71e74d48c21c91bffcda604c38aa4213921ce24014fda75b1aedc6f45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2609585
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
4102
x-amz-id-2
fprD/mW084lMgb2UzlPET1UrrmzBrOdfLlv9NTYqMpBcgeI/3Rzb9H0uBYpW/KRzQh5pfuiYR+o=
x-served-by
cache-yul12831-YUL, cache-yul12830-YUL
last-modified
Tue, 24 May 2022 21:46:18 GMT
server
AmazonS3
x-timer
S1656038519.892382,VS0,VE0
etag
"e1f3f7101db89168f1e2831cb8fe5ab8"
vary
Accept-Encoding, Authorization
x-amz-request-id
RCQJQV3814GK0ZRH
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 2
adManager~trackers.9b7157680340a4968877.js
www.theonion.com/x-kinja-static/assets/new-client/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager~trackers.9b7157680340a4968877.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
415ba7668eb39df545178584a30aa5787d99267e4ca6083df9653b5bb4f5254d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
849583
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2747
x-amz-id-2
9D8Rh45e6elrwrv9LE3PDZ2fGo7roLjixaGtmxPAbglBitO8ZknCrwM67T7Ed3LTrebqfwKAVPQ=
x-served-by
cache-yul12827-YUL, cache-yul12830-YUL
last-modified
Mon, 13 Jun 2022 21:24:51 GMT
server
AmazonS3
x-timer
S1656038519.892191,VS0,VE0
etag
"aa816437bb1fd7a44842334c16c0b976"
vary
Accept-Encoding, Authorization
x-amz-request-id
21P7SV1JSXNCVD1N
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
adManager~videoHtml5.9e12e0efef15aa5f296c.js
www.theonion.com/x-kinja-static/assets/new-client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager~videoHtml5.9e12e0efef15aa5f296c.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
202060db07e37bb7aae11c3a174ca6c047072570c4857e413b5a2a035f197636
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
623403
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2783
x-amz-id-2
v8nP5Ixh0Cew4PYFua/1Qo0UUHgGl26RnzewTlYf8k0y/zjk/6l/ard4X5EAHRDWJfAF6dJaM5Q=
x-served-by
cache-yul12821-YUL, cache-yul12830-YUL
last-modified
Thu, 16 Jun 2022 21:25:06 GMT
server
AmazonS3
x-timer
S1656038519.892272,VS0,VE0
etag
"43c47d2efcfe5607a3e95348ba2dd2f2"
vary
Accept-Encoding, Authorization
x-amz-request-id
MPVZVG5S6ENBXGKE
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 2
adManager.8d53c99d3d5eeb3e4a29.js
www.theonion.com/x-kinja-static/assets/new-client/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager.8d53c99d3d5eeb3e4a29.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4fc5f462dd0ea8eb6cad29a793f059946ebb69b7da212fe530f2ddcf3440f14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
821337
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
14115
x-amz-id-2
S5OpuuTdCmg+DITJ9WQjCua8HhQDe6kAEJe9E+7LsUAzs1T3uFErjDirScdsJjRiQMgz7yQSbrs=
x-served-by
cache-yul12825-YUL, cache-yul12830-YUL
last-modified
Tue, 14 Jun 2022 14:31:06 GMT
server
AmazonS3
x-timer
S1656038519.892100,VS0,VE0
etag
"a45d4465099a34a27de58c77d8e6bc6d"
vary
Accept-Encoding, Authorization
x-amz-request-id
E9BEGE61YV0GDCR6
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2, 2
video-html5~carGalleryPage~listPage~second-scroll~slideshowPermalinkPage~trackers~videoHtml5.dd11254be9733f55e85b.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5~carGalleryPage~listPage~second-scroll~slideshowPermalinkPage~trackers~videoHtml5.dd11254be9733f55e85b.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29e144d7a4e59f6c6a2959cd7f4bb91f9419945f1e106658fc6a0fb4644f168b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
242709
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
769
x-amz-id-2
pmF/JJA+NfG8Cxa5I4HcYvds/nlcVMAmrdqQGHL1QjTFxf3wLmqZGUWL9iapBx3uRVpYYMCDXaE=
x-served-by
cache-yul12830-YUL, cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:53 GMT
server
AmazonS3
x-timer
S1656038519.893688,VS0,VE0
etag
"dc58ddeadcfceec42fb2954f506420ce"
vary
Accept-Encoding, Authorization
x-amz-request-id
HYD9T0B8F43SKKGS
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 582
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a28f82f8.868620e1e850086d5823.js
www.theonion.com/x-kinja-static/assets/new-client/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a28f82f8.868620e1e850086d5823.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b4b912bd8becb17141bbe77e6352b2b5e3182ffb41087bec8a958a4f77faec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2510
x-amz-id-2
IGgoG2OOTuHovzCdwVygQeUbFQNKjyk8tVtvUO+Pp4IlunnuKMWDWeQxn4OwjKiTLr+DhLVR1OA=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.893148,VS0,VE0
etag
"5e5c4617f4d7565fbc29b0ecee9de140"
vary
Accept-Encoding, Authorization
x-amz-request-id
HE2V25SXFHFWKV43
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
video-html5~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~comme~eb8474b5.a14735312493c6d398cc.js
www.theonion.com/x-kinja-static/assets/new-client/ 		1 KB
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~comme~eb8474b5.a14735312493c6d398cc.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f09fe2c1df1e1241d4a8720cd25c80d03c8aec5bc128be51a1f97d5c3c9a5af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
681046
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
566
x-amz-id-2
rnMJ07dHIPzHEOKnoaps9gwIgsv6Gcjd8NZT1+wpVnoNhZ8ZUqRb7mzfBq9ZxgTM5Fe2qh23ZZI=
x-served-by
cache-yul12824-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.891768,VS0,VE0
etag
"c2244925eb3029d04b111bfaee8e078b"
vary
Accept-Encoding, Authorization
x-amz-request-id
BW0DTYSC9RBG5TXN
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5ed22f6a.07671610130cc59a297e.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5ed22f6a.07671610130cc59a297e.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cff26cdfe15ead79e8b3f31783171f6eae4bafb774a7dbd5c8f48ce92ae0b2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
245519
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2088
x-amz-id-2
boZcyUkWdb6Sx+Rn6e5if+ATdL0xH3xbp941QQzKZFDz7SmzZ7SxL1KKoswQvNLPOyK5GikTly0=
x-served-by
cache-yul12822-YUL, cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:53 GMT
server
AmazonS3
x-timer
S1656038519.891750,VS0,VE0
etag
"e19c25bdaa53d1e7c82f2529b8aa5cad"
vary
Accept-Encoding, Authorization
x-amz-request-id
NZM4YW1GVA2K17H6
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
runtime~videoHtml5.ce65ab3b56df22d149b4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.ce65ab3b56df22d149b4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
438df25b47900f4169b4d8dd19a6041e2cf91a4f4bbb0e45473a475396ef6efb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
241210
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
687
x-amz-id-2
CJIFLxUXLF8ApReF/W61a/BfTyFAbGbHun92qH+mfDAZlW8y001ybEusNhR+hARzRwAZ7SsQ60c=
x-served-by
cache-yul12826-YUL, cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:52 GMT
server
AmazonS3
x-timer
S1656038519.891746,VS0,VE0
etag
"0e804276077e9474c75a3bba0c93941d"
vary
Accept-Encoding, Authorization
x-amz-request-id
D3569XYER4B01TCN
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
video-html5~videoHtml5.4d8707a2df70f1fcacb2.js
www.theonion.com/x-kinja-static/assets/new-client/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5~videoHtml5.4d8707a2df70f1fcacb2.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66c1200e7395dd9bfc9ef31a69a4d81009a044a8c47e70a73ccaa5a413eecda4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
821632
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
9726
x-amz-id-2
mueMaGfuMLVB3xpIavdB3LlvCQZiznlAYpeZMw0qz9cEs3ka2i8y6pNTwBWFVr8QkZMr9Pwa6hU=
x-served-by
cache-yul12832-YUL, cache-yul12830-YUL
last-modified
Tue, 14 Jun 2022 14:25:30 GMT
server
AmazonS3
x-timer
S1656038519.891709,VS0,VE0
etag
"75560fc2dc5634c56a9a7742ceab559b"
vary
Accept-Encoding, Authorization
x-amz-request-id
HWE9F8FHRG8DT17G
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
6, 2
vendors~videoHtml5.a95a4c819cd00dab678d.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~videoHtml5.a95a4c819cd00dab678d.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e73f726b25754f8c4de789b1057a2bea169997a71412b2b4a404a1e0b80d0f2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2568824
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2134
x-amz-id-2
ohiTxZ1mURN/UvEHKFgzh/H4rfvBGOkjORdITPYP/XPYzy6npik5+RxkcHdcfqFspRHvuCNAlLE=
x-served-by
cache-yul12831-YUL, cache-yul12830-YUL
last-modified
Wed, 25 May 2022 09:05:27 GMT
server
AmazonS3
x-timer
S1656038519.891691,VS0,VE0
etag
"aa2f15400d457d3f01e137bf0dfda70e"
vary
Accept-Encoding, Authorization
x-amz-request-id
KP8YKW5J0JPYWTSG
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 2
videoHtml5.3e0bb6b053a2431ce534.js
www.theonion.com/x-kinja-static/assets/new-client/ 		77 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.3e0bb6b053a2431ce534.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7114e74aca0863465b98e9d607d1eaf7a47d0d30fbd6299416e92b87cae7e8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
5373
x-amz-id-2
Y+yQAEvvaJnBff5oIOaB0mT/vJ5lzwPyKbGmoOG2UpcfS7MmORmGzGkDo6Ny0HATOLAjlQJ7z7k=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.891692,VS0,VE0
etag
"6fbea13d5c668ec186002f0f1dd7a958"
vary
Accept-Encoding, Authorization
x-amz-request-id
C308JWD8SSNE3MDF
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
accountwithtoken
kinja.com/api/profile/ 		197 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5fb2c716bd5857cb276f3cb6ca76b9bc584356d5506067bd22fba52dabfce50
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
MISS, MISS
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device
desktop
x-cdn-fetch
mantle-setcookie
content-length
195
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000146-IAD, cache-yul12830-YUL
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1656038519.982609,VS0,VE28
x-frame-options
DENY
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept-Encoding,Origin
content-type
application/javascript; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
gtm.js
www.googletagmanager.com/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b871a3915bf2f2ea3125266f109c1f33226304f1fa99ed0cbafa0aee9fb883a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38984
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Jun 2022 02:41:59 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7087
date
Fri, 24 Jun 2022 00:43:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 24 Jun 2022 02:43:52 GMT
no63bw902mddhwxtjtxh.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/no63bw902mddhwxtjtxh.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5fa1b90217bb9ee7ec9bc013916964ddb9e2605d81c01c75242a05083a9ce78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody6855767851325188419asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"VYPtQHZ21kthFozg0XzD6acYx23adVuS+kTR5e3Ma9s"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
8628258
accept-ranges
bytes
x-amz-meta-cld-version
1503075550
x-cache
HIT, HIT
fastly-io-info
ifsz=6288 idim=224x224 ifmt=png ofsz=1700 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
480706910386508392927032937926435373969
fastly-stats
io=1
x-amz-request-id
N9BPMT2Z5AADPPBE
x-amz-id-2
I9fPst3D+4Fmxznp/osRQNHY/ZIhH+5aqxvDiF5O/g+daAXG8zGItWC/UaRymIjiflTokUZqNLI=
x-served-by
cache-iad-kcgs7200085-IAD, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.989869,VS0,VE0
date
Fri, 24 Jun 2022 02:41:58 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
1700
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
2375, 3152
rnxqtvv6advgidzfs6am.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/rnxqtvv6advgidzfs6am.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695d18fc0d3253ff18ee97cfc66179c16f4aa1e823820bcee093e9295ca947df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody3013833540755996328asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"ML/okACXgHDAAAZMddxnIAac6HCCSFFhJjiXgDSEkWk"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
11987497
accept-ranges
bytes
x-amz-meta-cld-version
1429558706
x-cache
HIT, HIT
fastly-io-info
ifsz=7032 idim=500x500 ifmt=png ofsz=1110 odim=80x80 ofmt=webp
fastly-stats
io=1
x-amz-request-id
Y5EYSA1RCC7NVN8V
x-amz-id-2
2Qy0dShZFFMnKCjaAZR8Lzy9dMUflE07yBwVIgsKmb7jYiMqorfg477mSrH3HyKZ0i6Q6FeU4AE=
x-served-by
cache-iad-kcgs7200084-IAD, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.989850,VS0,VE0
date
Fri, 24 Jun 2022 02:41:58 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
1110
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
4, 3106
52a29fe0001de9a08e76ea6d559528e9.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		888 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/52a29fe0001de9a08e76ea6d559528e9.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
794988cdd4276662be72313c3fe92c673a2d64dad47a7b3030423a4feab406d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
sh_6brm4QTuY6IG8MUH9BKryMuYqgH68
via
1.1 varnish, 1.1 varnish
etag
"cA/yrCgVxIfgSmIQi3V2k1rXjktIHyFHxPxVH/AQDoM"
age
13534250
x-cache
HIT, HIT
fastly-io-info
ifsz=597 idim=64x64 ifmt=png ofsz=888 odim=80x80 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
888
x-amz-id-2
pZE/lRCY+yfyDTVBPx3IHsuy2/fGcCPYi8t/9Bycx53TYFvrZnZGyMJ+PCJQm+n6sCbKw19oR4M=
x-served-by
cache-iad-kcgs7200025-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.989883,VS0,VE1
date
Fri, 24 Jun 2022 02:41:58 GMT
vary
Accept
x-amz-request-id
8B8Z97QV7KWQQRRM
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
226, 3074
aqhdzcldymb9mkltfhxh.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		1022 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/aqhdzcldymb9mkltfhxh.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6865fdaa619738961b7a2b2ce90803745a2327084d611f55145b09750505f5a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody222051404886864292asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"nsDztHNj4GIxLtfgblyZRw1/FXCb5xUznWZFK2Df9eU"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
23656102
accept-ranges
bytes
x-amz-meta-cld-version
1429730049
x-cache
HIT, HIT
fastly-io-info
ifsz=3681 idim=500x500 ifmt=png ofsz=1022 odim=80x80 ofmt=webp
fastly-stats
io=1
x-amz-request-id
C3VDYM62Y1FBTY8W
x-amz-id-2
10FuorTXBrlkf6GLzAoAWh53ayKOjoM4Zt+ipPeYr2Z6Y1u/XdKA61RKWdfqQ+8szbF9Obcjoz4=
x-served-by
cache-bwi5149-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.013473,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
1022
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3138
muaaluj2wznfomol9ero.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		484 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/muaaluj2wznfomol9ero.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5338cf28185a0f0aee716e5ea8592b898b678b6e67925633a13925e4dab253a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody3677078627959104967asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"vtSmZRVEcBUfvO7ZAqx46XF4EXc1v/0XODZh9iOuDcg"
age
24256248
accept-ranges
bytes
x-amz-meta-cld-version
1602603556
x-cache
HIT, HIT
fastly-io-info
ifsz=8991 idim=512x512 ifmt=png ofsz=484 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
483978020382689015626380439451237866648
fastly-stats
io=1
x-amz-request-id
90AK9JF2V2F21A6R
x-amz-id-2
3Dv3V0J7U5SBiUvBR3dlESqCURUcPJvuMEeyO7C8Bn+Mrycf/FzJZ35lOlZyFl4RwRA+hSapzrA=
x-served-by
cache-bwi5163-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.014027,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
484
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3085
v4sckews2f3bzf0ztbkf.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/v4sckews2f3bzf0ztbkf.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d840f0d6fa9d269bbb3ba942393b71e93c77092408a5cb15d7017bce287174b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody1373544057627936484asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"guIJo0O57rbmafTXAoEwbE+mpyfjSre0bXYj7lJkt/4"
age
27895539
accept-ranges
bytes
x-amz-meta-cld-version
1561985979
x-cache
HIT, HIT
fastly-io-info
ifsz=5431 idim=200x200 ifmt=png ofsz=1766 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
468094834964017519943413805555445884312
fastly-stats
io=1
x-amz-request-id
0FQWP1Z5NJXKJNVY
x-amz-id-2
Jr4Yxg6piqT4MgoUHyeweozxZ7Np5pK6TrrFIB4NqRX5xFjx7hXXC+Cumdi4ySiUaKh9eTCGTbU=
x-served-by
cache-bwi5133-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.014168,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
1766
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3270
u0939doeuioaqhspkjyc.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		652 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/u0939doeuioaqhspkjyc.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8adbca7c94a147c083f537865f279f6be4a4fd50bb39e5c4e961f2c76a28292d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody830235350765191724asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"2fDdZJUddEHtV3hfCHqH0z5efk43ZObTZ28CZl52xqY"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
24264509
accept-ranges
bytes
x-amz-meta-cld-version
1429733475
x-cache
HIT, HIT
fastly-io-info
ifsz=2682 idim=500x500 ifmt=png ofsz=652 odim=80x80 ofmt=webp
fastly-stats
io=1
x-amz-request-id
FDE7WRYS79VTJT0H
x-amz-id-2
8aocDqkZ7DPGcdIFvwyptVDRX+g7zzJ3Nt4rGeQbNiEJXuwlVdHd8oJxBOFeaRi2SfJZ35jbEpM=
x-served-by
cache-bwi5168-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.036946,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
652
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3115
f5zr3vuc90hrpnmx0nme.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/f5zr3vuc90hrpnmx0nme.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e14be9e8f91d3649c96f7c89191f211bfd2943687755a6bd5177203c5adb57af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody5089823256283285827asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"IFnRqtHuab/D9WewDkH/AkEmOuR0xXmEDeP+0/rfuaQ"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
22454574
accept-ranges
bytes
x-amz-meta-cld-version
1484240451
x-cache
HIT, HIT
fastly-io-info
ifsz=5337 idim=200x200 ifmt=png ofsz=1708 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
322300280938454116175192213674274011072
fastly-stats
io=1
x-amz-request-id
THPDB395N2PAVP0Q
x-amz-id-2
/tVh5EKMwSJndnQmRioDMt1+lBOsRlRuq48SHBzQtYkT9p7pH+d+tlTCebYZ/EKmSh9SnOV/T/8=
x-served-by
cache-bwi5122-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.037539,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
1708
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3059
j59upeyynundqjvbmcwj.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		942 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/j59upeyynundqjvbmcwj.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a9155f50ff45150c98d3e5e9800022fcf7610f6c348d99e2f988051b9799aaf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody5647568388075833577asTemporaryFile
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"g4OUMDqvQ78AwMsFMg11KMdpYejgiVtJWx7bLWcejAw"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
18824751
accept-ranges
bytes
x-amz-meta-cld-version
1510760963
x-cache
HIT, HIT, HIT
fastly-io-info
ifsz=2431 idim=200x200 ifmt=png ofsz=942 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
545737664738484407205887734951684369634
fastly-stats
io=1
x-amz-request-id
E4898H4M0H1JYPV9
x-amz-id-2
Q9aC/eVOPfPySaQtFPJddsW4dhUc5jePMFj6rIzkSMrW83LsnjtVMlj7L9XecRajl/akyVCNcOc=
x-served-by
cache-bwi5179-BWI, cache-iad-kjyo7100141-IAD, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.037478,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
942
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1539, 3066
eti2h1r4wg0bqxctxenl.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/eti2h1r4wg0bqxctxenl.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
571bf2874f0d17d36e34dd86a44c881aebd2a741703b7685335d024b10b313b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody9216025664334835932asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"g3qBe8yyh7UE/UEH/cpB2h83Z5HxlWs4w+le2UALplU"
x-amz-meta-cld-interesting
{"eyedea":[]}
age
23053969
accept-ranges
bytes
x-amz-meta-cld-version
1507152724
x-cache
HIT, HIT
fastly-io-info
ifsz=9635 idim=200x200 ifmt=png ofsz=3320 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
242639741913270226995454111658787352621
fastly-stats
io=1
x-amz-request-id
HZAGV7E5Y368M9MJ
x-amz-id-2
eubPsSViBo7AVtWYbXawPMNxvN76kj4Yg8ucw7w69hv4Fl1UPzjaJZaRTDvLw/+96kZUttSdX2o=
x-served-by
cache-bwi5174-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.037489,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
3320
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3069
kqnkjlylkf7tymsqmoqr.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/kqnkjlylkf7tymsqmoqr.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd2b62f8b97109b3c256b6907602a2fe4de7999c88050402b0d5efcd94009eb1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody2898060715416624274asTemporaryFile
via
1.1 varnish, 1.1 varnish
etag
"capslbw8Mfspc5aYfErSeqmKb4mAWu7ItKqSjAgxNUE"
age
24257892
accept-ranges
bytes
x-amz-meta-cld-version
1526574123
x-cache
HIT, HIT
fastly-io-info
ifsz=7369 idim=200x200 ifmt=png ofsz=2754 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key
308520473166932787693719626034387016602
fastly-stats
io=1
x-amz-request-id
M5HP2FJ7VHG3CBGZ
x-amz-id-2
9AvnB5/wuuoqwlYX5o3cKVXBnQouH+FljfVbGTcoN89uUukKMRStmahy6XWcKFlL16qp73DXEEM=
x-served-by
cache-bwi5153-BWI, cache-yul12830-YUL
x-amz-meta-cld-transformation-id
10000011314925
server
AmazonS3
x-timer
S1656038519.058567,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-version-id
null
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length
2754
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3062
a6d57364dc6696c713c35d164cfe5c37.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/a6d57364dc6696c713c35d164cfe5c37.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d09b273f9858b0cc409dac1ad936d2c56708934debb98da0283c16eb61bab1e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
M5yn4Dzd5G3kzVeU32jFwe6cWARruV6N
via
1.1 varnish, 1.1 varnish
etag
"NVbp8cG3dQqqLJbIz+nTEHzchCInYz2qSMPIHq3kqSQ"
age
37529
x-cache
HIT, HIT
fastly-io-info
ifsz=338425 idim=2000x1125 ifmt=jpeg ofsz=8728 odim=645x362 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
8728
x-amz-id-2
gmmXIY/YAY5cuHo1zlyAVOBAxIZ4TsuZLyjSK9KM93aMmbl2c87Eipl6TG1KGe401qi7gVB9eC4=
x-served-by
cache-iad-kiad7000053-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.059137,VS0,VE2
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
BFGEJQ8MDHYBRBKW
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
00b4aa77b064c5277fcb198f60a32cf3.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/00b4aa77b064c5277fcb198f60a32cf3.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d52b68d038913ca950b6971f7fdf46b7fcad9a3d90e7494b23c9234362f9607

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
RD.oPPbkKxPtz51oVk4cbnHFNlQ1pxXd
via
1.1 varnish, 1.1 varnish
etag
"h9+F0x8kDRhMeoqLfcETJTdKPrvziCPKDYLOY2l3X0g"
age
110515
x-cache
HIT, HIT
fastly-io-info
ifsz=997491 idim=2000x1133 ifmt=jpeg ofsz=11516 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
11516
x-amz-id-2
o5YBTAOW11ye6Oz9cQjzDFvD/2+NjecXyincsYrFe7J59fM4tgYdHFxukm8sWvepOCG7BJ1vsN8=
x-served-by
cache-iad-kiad7000075-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.059125,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
6Y8PQEQF4XCWB0RT
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
d12f734f42ddba7e3215483739e5729a.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/d12f734f42ddba7e3215483739e5729a.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f746f19a69181dc803ed4b8c9cf041710d0e41e572494315dc383c2097b6e29

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
9abbL3R20Mn7xKy3YquyR7UNMGT9Vb3n
via
1.1 varnish, 1.1 varnish
etag
"WVqp5aUxPjp/l1lLGD8PBMDPMHzztBsBqu2ZJ5gu0N0"
age
37448
x-cache
HIT, HIT
fastly-io-info
ifsz=3882217 idim=2000x1133 ifmt=png ofsz=104722 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
104722
x-amz-id-2
oBgAmXygHVPK31111xbVzW96BEs8XKH1tmrXBcJJICmG0pKuQ4ncTDpYGhP4N3DShxiiolLewEs=
x-served-by
cache-iad-kiad7000088-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.059117,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
CDHE2QPNWPGKC75J
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
e06a50b7b94b2aa30e0bd5f91d7b4e36.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/e06a50b7b94b2aa30e0bd5f91d7b4e36.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22a5522f73319b262da3aff3beddc419078ee817f7de265c25c8d99c0dfb084b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Zwmpa3jlag2r0l.BAt4Z.0nheEUOE1ar
via
1.1 varnish, 1.1 varnish
etag
"h121qXhaJEWTYRaPlXHKXe9+P2QXO4ZlJkf2UtWliYE"
age
115051
x-cache
HIT, HIT
fastly-io-info
ifsz=2809364 idim=2400x1350 ifmt=jpeg ofsz=5258 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
5258
x-amz-id-2
Xd+dUDhvh0rzz5CcW38TqYlc8VJztKRCaI2F9G0/7X16rLXTrzBcwPxjfagUDqyDXFV+5OK8CGU=
x-served-by
cache-iad-kcgs7200027-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.059105,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
YH4SAAW1TSSRC04M
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
1b2a3106bbe7d08961cd935a4f8cbfbd.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/1b2a3106bbe7d08961cd935a4f8cbfbd.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4caad4842547c6c35284766da0ca71d53fe604e892646808fbf2aaa766d7ae3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
rc2D6E_fjASrpRE7V3_mxoAG8eIxdlp.
via
1.1 varnish, 1.1 varnish
etag
"lxXnowinsNLuCwxB8r5xf9k7/h5n+IDJDml3M9XAuBA"
age
117239
x-cache
HIT, HIT
fastly-io-info
ifsz=472645 idim=1677x943 ifmt=jpeg ofsz=4594 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
4594
x-amz-id-2
51GPbwGcM1y/kw+HJPPY/yrOtOYX1AwcCp/dWTDaiyjWMl6WfKpfhQj7Q3/Yw1tEwkE+ZUc8tH4=
x-served-by
cache-iad-kcgs7200131-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.063485,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
E5S2RE59D6YS5PBM
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
833db21b5300c3c9c8cdbcc28e22bb70.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/833db21b5300c3c9c8cdbcc28e22bb70.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3dcc6bcc1e11c2b659aa18bc697624b73528dedc5ef2356ef96acc7fc0c169a

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
v4sWus1bfEez_N2ALDshpPsznP1mwpjq
via
1.1 varnish, 1.1 varnish
etag
"ZjPZnjwqVYQJZ9nW40XeXxQvbLbQnnn4wOPfhYig9kk"
age
643114
x-cache
HIT, HIT
fastly-io-info
ifsz=2347787 idim=1920x1080 ifmt=png ofsz=223534 odim=645x362 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
223534
x-amz-id-2
mSZ9AeJJ5cBH3au6UqupdFb63PJUkMQbNMHgRzHmJWwGgdJ1PjfZ6ZJ9I4CbdLi4BBGEeqr0/LU=
x-served-by
cache-iad-kjyo7100042-IAD, cache-yul12826-YUL
server
AmazonS3
x-timer
S1656038519.086239,VS0,VE0
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
EWKG3Q2VVZFYAW11
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=362&quality=60&width=645
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4132
f6a6f7530499c8e7456146b84371afcf.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/f6a6f7530499c8e7456146b84371afcf.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fb447aa283d2c4a8e19f86f5d02223797a6e4834731642b5213414d7ad8a744

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
p5gkvNNfV2oJY6f6dBHALO8v89IjBeAy
via
1.1 varnish, 1.1 varnish
etag
"VRG+EHUzoRYps6IuMa2Ni/11HbbBTmxynhjyqzDMbdk"
age
725398
x-cache
HIT, HIT
fastly-io-info
ifsz=5434961 idim=2726x1528 ifmt=png ofsz=4642 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
4642
x-amz-id-2
OvRADM4oGoC+mxSZNqqPaWJ9dvUiF2E/X6JDJUHVHcHPwcnM51Dc6pLGBuXsBEislt3AW8iAl8U=
x-served-by
cache-iad-kjyo7100031-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.086743,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
37H057CGZ6MW7F0G
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
c67b0e92d43bf19ad4ec822386177cac.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/c67b0e92d43bf19ad4ec822386177cac.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
355cc61b02b30847958913891715a41352be8e4f45f118e7ad05aec2b09cae19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
JwF2wjLFUeW7PN81mQ6yPCkRv3ZAbuED
via
1.1 varnish, 1.1 varnish
etag
"VYN4en6AsQOCyNjNbdLxfoLk1rifyL+KZ3xRCu4j5z8"
age
812592
x-cache
HIT, HIT
fastly-io-info
ifsz=4325238 idim=2730x1528 ifmt=png ofsz=1712 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
1712
x-amz-id-2
287t5NOS80WafeX2caevIdj5K3i14YZzzMGfGtDHXnZOEChqNPuyquXC4Xh84nZbS1LZdik2gZc=
x-served-by
cache-iad-kjyo7100138-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.086942,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
XEH23AFN2MMY7GMT
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
6c7c326f080da1208792fe11f56057c3.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/6c7c326f080da1208792fe11f56057c3.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e49c8515f0abc0adaea6451f3cae2ba7ae89a5f3ad8322c811dd41ba1c501a7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
GYT0nHQuDyeSyLCpWJsKwJOw3dlNSdNb
via
1.1 varnish, 1.1 varnish
etag
"+BVg3I79JeVGvEGwq4rBxBSnjkXcaMBPj6MBRxv/fBc"
age
1941785
x-cache
HIT, HIT
fastly-io-info
ifsz=1131132 idim=2000x1125 ifmt=jpeg ofsz=4358 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
4358
x-amz-id-2
zfXVsb5hhMEfNtuY1jSXGf+C4W6BKif1+MVLd/h1bds5hSknBeXdHTjQS59lpy2osqHapATAWac=
x-served-by
cache-iad-kcgs7200061-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.088470,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
5VDZFW7DHX1V1KP0
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
e3e61a8ac41aa36a3d9a967d12fa2104.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/e3e61a8ac41aa36a3d9a967d12fa2104.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6fa873d38073539d9e87f43fb07e63ed486127a74d7644c4c9be28a1aaac334

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
rpy9dgLL_BH1U8OcHzsjfJLEBMrxeJ1F
via
1.1 varnish, 1.1 varnish
etag
"eaJAoFygVc4Gf8CXDrmgZrVlVdYyADSShfAbxJZ1ARI"
age
1319421
x-cache
HIT, HIT
fastly-io-info
ifsz=4458110 idim=2742x1532 ifmt=png ofsz=2064 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
2064
x-amz-id-2
/7d6Xx6XuqYtuUNhuhg4vpXcFIsGaj1YohUOEy+0X9qp+r2atxNK58XjAIPFiwAKOzOrr8wcWnY=
x-served-by
cache-iad-kiad7000143-IAD, cache-yul12830-YUL
server
AmazonS3
x-timer
S1656038519.088570,VS0,VE1
date
Fri, 24 Jun 2022 02:41:59 GMT
vary
Accept
x-amz-request-id
G4PS3001KM3B2D7Z
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges
bytes
content-type
image/webp
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
runtime~trackers.e111d427b1dc1aa1103a.js
www.theonion.com/x-kinja-static/assets/new-client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.e111d427b1dc1aa1103a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f5dfc1b13ca46ddc104a9f6abb84bf87cce0ac13141af4e243d36f415caf6d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4271039
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
1122
x-amz-id-2
kyqKYuRGUfsnI9aH6v7G5Lsbkqf4kGZoX0fPQAqvc82Kd53fH2uaAnIviAWeNYuXLrBS6WROe4I=
x-served-by
cache-yul12832-YUL, cache-yul12830-YUL
last-modified
Thu, 05 May 2022 16:15:32 GMT
server
AmazonS3
x-timer
S1656038519.892168,VS0,VE0
etag
"5e8316fe208f5246fe7214ab06c1b0fb"
vary
Accept-Encoding, Authorization
x-amz-request-id
C8CFP2MAXCYP5JH8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 2
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~1859238f.dcf326f76f12dfbe1286.js
www.theonion.com/x-kinja-static/assets/new-client/ 		245 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~1859238f.dcf326f76f12dfbe1286.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9179d5714c6872d3b71d91ac30087f3c9751d34fbf044fd91955844e7d0561
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1862328
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
67886
x-amz-id-2
Jun1vJRvllka6ntYgXj73a8aATDk/6g/YkGpCQTI1rS1sYDdzRQb4CpKh/zT1sqn7NG91eQey44=
x-served-by
cache-yul12833-YUL, cache-yul12830-YUL
last-modified
Thu, 02 Jun 2022 13:21:00 GMT
server
AmazonS3
x-timer
S1656038519.892027,VS0,VE1
etag
"c6b6261dfa1c839a76ed66e9d2836f02"
vary
Accept-Encoding, Authorization
x-amz-request-id
GAWJBF0P2F011Y8K
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3, 381
vendors~carGalleryPage~curatedHomepage~featureSwitchPageClient~featuredPermalinkPage~frontPage~perma~9c380619.629ca8e3c6da403f5011.js
www.theonion.com/x-kinja-static/assets/new-client/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~carGalleryPage~curatedHomepage~featureSwitchPageClient~featuredPermalinkPage~frontPage~perma~9c380619.629ca8e3c6da403f5011.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26a044c77387482361a14944149abad392038c2c3994f62dc8ee22cf5794ede2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
6344
x-amz-id-2
haJ52Au7Vxxnm4jSoXsT4aZbLWi0m1v1OvAO6X5zCbgwCuD9E5Jwv5So9s7HXi3EYeUsqiWnRMw=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.892660,VS0,VE2
etag
"fdc1edbe8393a96f87c5b1a89802fad6"
vary
Accept-Encoding, Authorization
x-amz-request-id
7E8M307GFJ6D4HX5
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 383
vendors~trackers.bc8a247c4090bcf4745b.js
www.theonion.com/x-kinja-static/assets/new-client/ 		105 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendors~trackers.bc8a247c4090bcf4745b.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b901edf234cb849cac6825e7a10c109d7dbef953504ebb47dd8c673bb1a7858
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
3825266
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
34461
x-amz-id-2
jS1qqEruDc2wrBo7HjALx0yKObrUoOFZfXV5+9lTwizsHudYtwv4GJ/AA4cEParwPsVmfYXhwfA=
x-served-by
cache-yul12829-YUL, cache-yul12830-YUL
last-modified
Tue, 10 May 2022 20:05:20 GMT
server
AmazonS3
x-timer
S1656038519.893359,VS0,VE0
etag
"abcb4b3387a074727f6114af9e60d872"
vary
Accept-Encoding, Authorization
x-amz-request-id
814D5XVZ5MWN7B7A
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 2
adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~commerceDashbo~8ebf365d.797047a3b30fbcb19ca5.js
www.theonion.com/x-kinja-static/assets/new-client/ 		111 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~commerceDashbo~8ebf365d.797047a3b30fbcb19ca5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48d0bd5bb121914636533012598b76ba697a956b792fae1c44051f9120e73cd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
681046
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
21551
x-amz-id-2
FH0EktsWqBkg2kZnyRXKpXsOcZ75YraOPK0IKXIJSTTGzHXaMnwyqzJHHCgSBxHdlnty5WOb0yo=
x-served-by
cache-yul12824-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:39:57 GMT
server
AmazonS3
x-timer
S1656038519.892007,VS0,VE0
etag
"935c5acf981ddc046e48dfabcae1cc8d"
vary
Accept-Encoding, Authorization
x-amz-request-id
BW04QS8SEPX9NNSE
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
alertsUnsubscribePage~biztoolsPage~carSpecsPage~commerceDashboard~errorPage~featureSwitchPage~newsle~8db3e682.6bd451b0590cfe33d390.js
www.theonion.com/x-kinja-static/assets/new-client/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/alertsUnsubscribePage~biztoolsPage~carSpecsPage~commerceDashboard~errorPage~featureSwitchPage~newsle~8db3e682.6bd451b0590cfe33d390.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2927d7462119e316f133f948ddc045aeb2152789468326012a4da3d8525e745b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
680041
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
5448
x-amz-id-2
/2Qz0kFKDlimvA7qmw0M0bzSmavEzY9NBL/PGUe3xCzy5GEuAgHG/wGmkyvm38KyT36KSO3nCi8=
x-served-by
cache-yul12828-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:39:57 GMT
server
AmazonS3
x-timer
S1656038519.892005,VS0,VE0
etag
"4d4be75ac3b56739b9c54c1f6e3e192c"
vary
Accept-Encoding, Authorization
x-amz-request-id
HE2V35MF06KDK13B
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
second-scroll~trackers.42505682ac4fec5d5427.js
www.theonion.com/x-kinja-static/assets/new-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/second-scroll~trackers.42505682ac4fec5d5427.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a866ca1136e806e9828e414cc01cb80545d02cec04818a4522e8f56d6fa6f9ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
679616
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
3805
x-amz-id-2
pVd+y/xExD88iJ7cvBDy54oOL9NoA5Umu7dGdN7x9BwEvhzMyLJg1hq9S3oy0Xw5nYvATkGIp44=
x-served-by
cache-yul12820-YUL, cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:39:59 GMT
server
AmazonS3
x-timer
S1656038519.893085,VS0,VE0
etag
"df2da976de479c9e2c443705ffa24b49"
vary
Accept-Encoding, Authorization
x-amz-request-id
C30BYQRKQ1SC4XTB
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
trackers.5b8f6de4302beba68d06.js
www.theonion.com/x-kinja-static/assets/new-client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/trackers.5b8f6de4302beba68d06.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc99b40b87c5fab259039ebb6b41e96d80f245956285500219e26b8bb34a546e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
246434
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
5441
x-amz-id-2
BlmUUsvHoffpWKoUAAforRXAMgV8ROmlGBynGC9/URwMyHHYZbzSYQH/9640vo1fJQONOI5Vwd4=
x-served-by
cache-yul12834-YUL, cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:52 GMT
server
AmazonS3
x-timer
S1656038519.892730,VS0,VE0
etag
"d636745f5e41d1c05f94ac2fcfb9d832"
vary
Accept-Encoding, Authorization
x-amz-request-id
6JNDZBABH9VPY904
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0, 2
runtime~curatedHomepage.664eae987262edb858e2.js
x.kinja-static.com/assets/new-client/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.664eae987262edb858e2.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
594fdcdb209b6650649d47cae551fac383c03889007602c13dd7a430f0ceb846
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
2288
x-amz-id-2
ZcaWjG6PoatruzUXQNHDZLozGQXhnEXD3Ld6CytHP4WtYlSrtaRusq+8qwofsKplCmG7xv7/Sks=
x-served-by
cache-yul12830-YUL
last-modified
Tue, 21 Jun 2022 20:00:34 GMT
server
AmazonS3
x-timer
S1656038519.088815,VS0,VE0
etag
"111cf0284e76273af1f424b4fb406fab"
vary
Accept-Encoding
x-amz-request-id
J0B719H6CTBAV67E
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
10
video-html5~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~ch~2e2f81c6.d9fbd9366fac91d28613.js
x.kinja-static.com/assets/new-client/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/video-html5~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~ch~2e2f81c6.d9fbd9366fac91d28613.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2d54a429e2e49810bbb36bd0b7b33a8b94abde8d386a1e2eff7ba09b0aeb553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
5429
x-amz-id-2
pv9OeknTt2VfJmATa638g/U6VTwf4ttXKLvZpPOwIxAphwp2cixFrwVjTUNEFuX3eWad2mypTwo=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.097342,VS0,VE0
etag
"4c2dacf8ee315f57cbec65b359bca822"
vary
Accept-Encoding
x-amz-request-id
6G0NNDBGA8V3KNMH
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
video-html5~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~comme~c6625ffe.77d2b991f2eac975a905.js
x.kinja-static.com/assets/new-client/ 		1 KB
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/video-html5~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~comme~c6625ffe.77d2b991f2eac975a905.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ffec19432c6a816742224c1b7737ee3557d7e641cd28b6f4d549bd125d38898
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
119
via
1.1 varnish
x-cache
HIT
content-length
603
x-amz-id-2
VmmSxqQX2sR6PeadDDQnJkPXmLXsxnvQFif2xk/AKlZEhnDbj7i5YnIGdraxVp09DgZHsU7N5w0=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 13 Jun 2022 21:24:54 GMT
server
AmazonS3
x-timer
S1656038519.107970,VS0,VE0
etag
"0555f89b869ce62c8c31c557367dacb9"
vary
Accept-Encoding
x-amz-request-id
21PDKS9HV8V30KDZ
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~eef4b2a4.89b3fa5590d12e464be8.js
x.kinja-static.com/assets/new-client/ 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~eef4b2a4.89b3fa5590d12e464be8.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9de17ab4cd37bb8a6a102cbc9fff239f23204fa786f85574dc77c25508dfd0da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
32829
x-amz-id-2
rKgVxcNsfRDR2hHbTFifhNzDYPU3OlJ4x25APT+ztixb390VxD+nkPN+TpYZMpjaEkJehxRq1fQ=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 16 May 2022 21:04:34 GMT
server
AmazonS3
x-timer
S1656038519.108518,VS0,VE0
etag
"eb460077f9849983381899aa3d1cf723"
vary
Accept-Encoding
x-amz-request-id
7WRJ6TRXVF9CTAQG
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~54a4efbf.18a8819ef24e095286be.js
x.kinja-static.com/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~54a4efbf.18a8819ef24e095286be.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c92569f3bf39abd4418f11d271ea1047662b15c4986a6d708ac3dcccfa49c48c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
2109
x-amz-id-2
4mIPUjHjQDikObJCTKyDlAImENkeW1vyS2gBmSKFPTHCn9Mahg2GDY3L9nCbks7HIdHeEy2YSdU=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.108496,VS0,VE0
etag
"0d18eff84711aea628d116c32d096dea"
vary
Accept-Encoding
x-amz-request-id
6G0XHKSG2MY7KH7S
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~d38cfaf5.863d540e0a72dff18914.js
x.kinja-static.com/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~d38cfaf5.863d540e0a72dff18914.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c8d7341a586646a7352cff98828c3a2b40e11c470a7135f6a8ff35ee038ed56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
1693
x-amz-id-2
X5Gj7tO+0DPvkLz6Czj3a08rBAXcONlZGL53GCIB1e4ES4hY5AxaJiN0C+f3i9it5zzwMTwEJjg=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.108481,VS0,VE0
etag
"06096562b0b4a838e4c7533453858fea"
vary
Accept-Encoding
x-amz-request-id
83HEK3JN9NXY9CQG
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~50cce69e.a69651be56000aca7c3b.js
x.kinja-static.com/assets/new-client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~50cce69e.a69651be56000aca7c3b.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
073b21c537d95d2274fb5b5392f51ce22a873199388cbe0db242427dca9fdb11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
2578
x-amz-id-2
P1PQ8t9gH8B/TB3rbmAHfiWlp0u96lBMT8xMO74GOi+19G6bkl8n6o09g9rUlvAwC5un8x/HeMI=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 16 May 2022 21:04:34 GMT
server
AmazonS3
x-timer
S1656038519.108460,VS0,VE0
etag
"308e73f85140346ed7338a2b3d7dde92"
vary
Accept-Encoding
x-amz-request-id
BJ20PNSTVJ538DHE
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~007de4ae.906b80ebac7fdbc72d70.js
x.kinja-static.com/assets/new-client/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channe~007de4ae.906b80ebac7fdbc72d70.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25dd534b54365a2dad31b02d486a2278447d9b697348d820bf4089708021b101
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
9668
x-amz-id-2
ShCVJzuZ6ffqeSSyZMiibatpF0bqk+sRlJ6gYa1q0/WrRdQuD2JL8wz7YMpUxYCpdClmV6C9y8U=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 13 Jun 2022 21:24:54 GMT
server
AmazonS3
x-timer
S1656038519.111956,VS0,VE0
etag
"187e6f010b54a8f1806f3586325d63b2"
vary
Accept-Encoding
x-amz-request-id
21P6F1N80WC7QGH7
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~biztoolsPage~browser-logs~carGalleryPage~carSpecsPage~celebrityPage~channelSectionP~c4543c10.2334a0f145aff3e9d9c9.js
x.kinja-static.com/assets/new-client/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~browser-logs~carGalleryPage~carSpecsPage~celebrityPage~channelSectionP~c4543c10.2334a0f145aff3e9d9c9.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b4ae0416425af570bf943a6892376366b92e2deca08d9ced15c63cdaf06502c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
5356
x-amz-id-2
+2UkcjTila2Cglr+11iBZdsZoISfm5J0yMXPrG/0mqoEwwey7YmP8HUWI0kBTofMAMBDBc8EtWo=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 09 May 2022 15:37:18 GMT
server
AmazonS3
x-timer
S1656038519.125495,VS0,VE0
etag
"f8cced9c3b71653e909f0fc95aacefc7"
vary
Accept-Encoding
x-amz-request-id
CP4AAJZWFDYFWHFA
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
x.kinja-static.com/assets/new-client/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c8db4fb7b462b2e87a758a1968e83f666a95ede8539802dd8b9eec1ae6971ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
11011
x-amz-id-2
SNgnO8/uxWJIWYTAFhf+v8ArCbmC+4nt7n7u5wc1NnR2Tt41NpvwE/ejvOUorX+0cZ1wKKdQ938=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:53 GMT
server
AmazonS3
x-timer
S1656038519.125994,VS0,VE0
etag
"026bd6a2f1f189eaf258c74837e48b88"
vary
Accept-Encoding
x-amz-request-id
THXRSC5RMC9J1SD2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
137
vendors~YMALModule~ad-welcome-ad.mobile~car-comparator~car-selector~celebrityPage~channelSectionPage~b2a084e9.f7d54d15e1c0e0e4ba5d.js
x.kinja-static.com/assets/new-client/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~YMALModule~ad-welcome-ad.mobile~car-comparator~car-selector~celebrityPage~channelSectionPage~b2a084e9.f7d54d15e1c0e0e4ba5d.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f8f7b0b3ed9cc7c0de194471aeb8deb5bdc5578ccccda76bfa5fcba26f22426
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
HIT
content-length
6598
x-amz-id-2
XDl56o1Y0xPVpECpk+K5IifedJ2OvY85XuWvQsyoPmfcuoqV1vNXJ4/fFzSAiuvr3mtxYP6QwWM=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.125977,VS0,VE24
etag
"8704c247bbade1e8efee3369e9119e36"
vary
Accept-Encoding
x-amz-request-id
DKH55GNPA8S0ZJ8M
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~login~notification~s~f59e3ca1.bb0d1c5a08bec2b9f509.js
x.kinja-static.com/assets/new-client/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~login~notification~s~f59e3ca1.bb0d1c5a08bec2b9f509.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
667ade71ffe22726d280d30aeb8d49c43a35e9b6e1b87f1bd6e0a1baf898a02a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
4107
x-amz-id-2
AF6iLMUFszHSDqgK1PTCtGDN5gOt3cHhuZ0G4RsPJrFjNg5LpImSfEYyvvoeYQ7lGmisgPmGCd4=
x-served-by
cache-yul12830-YUL
last-modified
Fri, 17 Jun 2022 19:15:00 GMT
server
AmazonS3
x-timer
S1656038519.126041,VS0,VE1
etag
"47d7834c5db112681b430684e3b755eb"
vary
Accept-Encoding
x-amz-request-id
ETBNK69C5W7HW7CH
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
vendors~curatedHomepage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slideshowPermalinkP~993851e3.62e820c2f285e0b9457b.js
x.kinja-static.com/assets/new-client/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~curatedHomepage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slideshowPermalinkP~993851e3.62e820c2f285e0b9457b.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
496a55670b5babb1da589f0d90cae3b84b01d4710b9c50f7a6e91e551991c349
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77
via
1.1 varnish
x-cache
HIT
content-length
6282
x-amz-id-2
Zfhkl6LBm98PWOSZfy9Ku6yBLqLHMddxpEfh4SYB+sjxfJJs4zv4frwxAonwKEQOCjLqfI6O98k=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 13 Jun 2022 21:24:54 GMT
server
AmazonS3
x-timer
S1656038519.125951,VS0,VE0
etag
"b205ce3ac0c18dd459d9a5dbc17188d2"
vary
Accept-Encoding
x-amz-request-id
GQ2EQNS098HWA0KW
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
vendors~biztools~channelSectionPage~commerceDashboardClient~curatedHomepage~splice-editor.d3f1695e0592898e94c5.js
x.kinja-static.com/assets/new-client/ 		441 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendors~biztools~channelSectionPage~commerceDashboardClient~curatedHomepage~splice-editor.d3f1695e0592898e94c5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef8a5c6a8e3f506ff17160402e515cba52a8f998af33c36906d532d35d64426f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
74284
x-amz-id-2
aeUBFoFL0bQAaBmrhBTm4IY39hLjYI5s6315C1fS2H/usMTi7kfkscta4n82x+MIUTR3uE78Jyo=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:40:00 GMT
server
AmazonS3
x-timer
S1656038519.125936,VS0,VE1
etag
"efe761235498e1eb743bc1e6d25ebe92"
vary
Accept-Encoding
x-amz-request-id
C19726SFSBAWK5JW
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
curatedHomepage.621926a4eeea0ba3abc7.js
x.kinja-static.com/assets/new-client/ 		2 MB
394 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/curatedHomepage.621926a4eeea0ba3abc7.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
528edd8dd7457b4985c6469fb36ee8d40f871a3071b7ae4d427df6aa1b682e01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
via
1.1 varnish
x-cache
HIT
content-length
403226
x-amz-id-2
2R5XSk06stxWbwIroWrNbAta2O+f7la/MtDiCoIMHA6AsH+ybi8EjTgOUZwETxPxfbf9W650pk4=
x-served-by
cache-yul12830-YUL
last-modified
Tue, 21 Jun 2022 20:00:32 GMT
server
AmazonS3
x-timer
S1656038519.141807,VS0,VE1
etag
"f2d751c466375b467cf37bb3292e4138"
vary
Accept-Encoding
x-amz-request-id
STKV5WEMSFQ0KX5R
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
191132_720p.mp4
vid.kinja.com/prod/191132/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.kinja.com/prod/191132/191132_720p.mp4
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.theonion.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
age
158
x-cache
HIT
Content-Range
bytes 0-10741190/10741191
Content-Length
10741191
x-amz-id-2
FSnsYhc1QFd4iNx98dU8XYTsGwW9CFM5kePKtYRY0h8hSmHnIYIKmYwyncsgCrUKIlPIQlt3CGY=
x-served-by
cache-yul12826-YUL
last-modified
Thu, 16 Jun 2022 16:02:05 GMT
server
AmazonS3
x-timer
S1656038519.114954,VS0,VE1
etag
"6df9c8c201de708fb11ae469de344879-2"
x-amz-request-id
X32M6JYRK1M2W0HS
access-control-allow-origin
*
accept-ranges
bytes
content-type
video/mp4
x-cache-hits
1
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
HIT
content-length
17984
x-amz-id-2
doU/0mzHNBV3068hod1/9GISGBni45dOTb68JdxRPb553t0+uew08tKJm1BkEaS9A2a9VcD341M=
x-served-by
cache-yul12826-YUL
last-modified
Fri, 17 Jun 2022 19:13:33 GMT
server
AmazonS3
x-timer
S1656038519.049474,VS0,VE62
etag
"0518781cd45a71291d17ea1febfcc5fe"
x-amz-request-id
4YTTG7ZJ7QWF395D
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
1
b-92ee7c4-d3619282.js
tagan.adlightning.com/gomedia/ 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-37.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6f6bcacd16d4885735c8bf34e64b14598bc75b360bb02da44bffb9ab73dc1fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 18:48:07 GMT
content-encoding
gzip
age
114833
x-cache
Hit from cloudfront
content-length
31436
x-amz-meta-git_commit
92ee7c4
last-modified
Wed, 16 Mar 2022 19:19:56 GMT
server
AmazonS3
etag
"5086041455876f7638823d16d6d5011a"
x-amz-version-id
LTlh3zFnNmJpF7mEod9vuodP0rI76SrT
via
1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TdCtM4CsotkAys04or5m27gX1U7QO1PNxXqDKc6G177BpgkC2DYsEA==
bl-b318b8b-fc770fdb.js
tagan.adlightning.com/gomedia/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/bl-b318b8b-fc770fdb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-37.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d924f0a8b2ea7ebdbca0cd7344422edacbbaa19de8679ad79b1fa3dddd0e6e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 18:48:07 GMT
content-encoding
gzip
age
114833
x-cache
Hit from cloudfront
content-length
14085
x-amz-meta-git_commit
b318b8b
last-modified
Sat, 14 May 2022 09:31:34 GMT
server
AmazonS3
etag
"cd133e524c57c07ff057a7508e542fff"
x-amz-version-id
ZVAQEnN_JoERA1qclmYe3ebWhiPRgA4U
via
1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
aKUgxtF2h-mip1pRhOKE9q0UrYdl6N6ZHjXcnec2C6v2qFYKLohfXA==
theonion-json-config.457c3e63ae8bf106ab97.js
x.kinja-static.com/assets/new-client/ 		22 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/theonion-json-config.457c3e63ae8bf106ab97.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e048322e1f775c081a251977ac8dcaa89a38d8f3c94c364627c3fa42cbc17750
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
HIT
content-length
1657
x-amz-id-2
I5qvTMHd5fhiQs7IqrDTacTRGHplm3lNWUezfm4s1yZ7+6Vh2+2awywag0+cTodVThVK/kRkjTA=
x-served-by
cache-yul12830-YUL
last-modified
Tue, 21 Jun 2022 13:02:37 GMT
server
AmazonS3
x-timer
S1656038519.303926,VS0,VE54
etag
"72e7bc7e2fca013e29df12c4ef461d25"
vary
Accept-Encoding
x-amz-request-id
BAKV2PDR0X6MA2D9
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
prebid-js-prod.f4e5461286f2552eb207.js
x.kinja-static.com/assets/new-client/ 		387 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/prebid-js-prod.f4e5461286f2552eb207.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4fe275accd55a346519a10dcddc62f1dca9208793cf4f7c1227db825bfa0ffc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
119
via
1.1 varnish
x-cache
HIT
content-length
93182
x-amz-id-2
eHGrl3zqCH9WnU4aV1S8x3oExwLdBWSN3dCJpRc9RvMQPsTKsHqTtPK5Y/R1NmoAptI81yhn2Bw=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 23 May 2022 21:28:01 GMT
server
AmazonS3
x-timer
S1656038519.304144,VS0,VE0
etag
"486857600edda0d13adb3f32de60ac0c"
vary
Accept-Encoding
x-amz-request-id
4XZGY5PPKE1SECEH
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc857b4d0e88a228918bffcd18989a34eb6458bcde621e8ab7ef8754c6a0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126826
x-xss-protection
0
expires
Fri, 24 Jun 2022 02:41:59 GMT
pubads_impl_2022062201.js
securepubads.g.doubleclick.net/gpt/ 		373 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129224
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 08:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Jun 2023 10:41:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		232 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonion.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
8d605ac6364a4cce77b9a2840829a2082070672a3041fbdcd49e832180ed19d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
expires
Fri, 24 Jun 2022 02:41:59 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
scroll.js
static.scroll.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:59 GMT
content-encoding
gzip
age
23740
x-guploader-uploadid
ADPycdtJ86Qr8Bm3yDA-Ao3TkRhDI-mQL8tI98ZwAH0UmVZ5psMW-QvLkozt-XjhSxJXPFDUH5h-6I5DzCEZ0_B67EE
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6181
x-served-by
cache-yul12826-YUL
last-modified
Thu, 17 Mar 2022 20:05:53 GMT
server
UploadServer
x-timer
S1656038520.517766,VS0,VE0
etag
"1e95949e7c12b7ee6c5f4dd56d15b476"
vary
Origin
x-goog-hash
crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
x-goog-generation
1647547553107114
via
1.1 varnish
expires
Fri, 18 Mar 2022 20:05:53 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6181
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
14097
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/trackers.5b8f6de4302beba68d06.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.210.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-210-121.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
134a42905c70de4301c37f3a6388c2e501b07742cb9ef79595b5f2ecee89e996

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:05:12 GMT
content-encoding
gzip
etag
W/"73003c74309d019875e3908fbf402f47"
last-modified
Thu, 09 Jun 2022 19:19:59 GMT
server
AmazonS3
age
2205
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 20f7ae61b5842910159e6955c9fef4b4.cloudfront.net (CloudFront), 1.1 e811c1e9e6ed756b98bfcf15c74f6bea.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
YTO50-C2, IAD79-C1
x-amz-cf-id
SToQRNx_Ei76weezjnX6zQDpJriaSsCl0e_owHLvnuoLgdMY163qOw==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 01:40:44 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 01:40:38 GMT
server
nginx
age
3675
etag
W/"62b51616-9200"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
IAD79-C1
x-amz-cf-id
fiEIn1QvnVBNrnQbA2HulHSHXxsskbxrkqxwzryPPgeA5RyFf4jqBA==
expires
Fri, 24 Jun 2022 03:40:44 GMT
tag
btloader.com/
Redirect Chain
  • https://kinja-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=kinja-com&upapi=true
13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=kinja-com&upapi=true
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a003543a579ddf388564b183fc42330730565e014f2f9870eb63c9c587bf58

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1354
content-length
5675
last-modified
Fri, 24 Jun 2022 02:19:18 GMT
server
cloudflare
etag
"2d39b350e5e1cffebf6f46e4ecb7082c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE4CGmFxBmBI6ptB3y0yjz9B5mCMbDFRAEqI0ESCB%2BD4%2Bx7ScwhwjfuohfepZwCFManrRhul2wYjr2pse0bg4gQYCEPavFeeBbHWqlDE%2FV%2FojOlTMOHwYMaFbLfkdfdlAoKz30iNP4c%2FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges
bytes
cf-ray
72021b907a7e4bd0-YUL

Redirect headers

date
Fri, 24 Jun 2022 02:41:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYEHjIoSSoN2987N1m0efJKQNk2C1FsLdsfcrxMsh%2BhE8KC6RuxwrD71ZsNl6ru%2BQUKRD9vrAJ7LSeQU%2BquMOGriJGq46ej57Z5zHX11bbo8FzFiZ4ZvzMNOpAdYI6XqoMvgKo%2BEI2uLhv0yVDJWmKHGA%2BWFEqHXM7k%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=kinja-com&upapi=true
cache-control
max-age=3600
cf-ray
72021b8aff2bece6-YUL
expires
Fri, 24 Jun 2022 03:41:59 GMT
i.js
tag.bounceexchange.com/3645/ 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3645/i.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
78e6123d398df1e88034710dcc3591bb4acf4d6f621a00562d8d99defafcb8b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:41:12 GMT
content-encoding
gzip
age
47
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10680
access-control-allow-origin
*
server
istio-envoy
etag
c908880f85bbbd
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-63.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 07:52:13 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Thu, 09 Jun 2022 14:24:43 GMT
server
AmazonS3
age
67801
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
QNwdpx0U9Hf21w8Q5A8xQ6ufnUryMciec3LXVUAJzR7_3KFl0Lv6JQ==
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzQyNTI5YjctYmEwYy00ODBjLTk5ZDYtY2YxNWE3YjUyNjNl&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf15a...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=MzQyNTI5YjctYmEwYy00ODBjLTk5ZDYtY2YxNWE3YjUyNjNl&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf1...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=342529b7-ba0c-480c-99d6-cf15a7b5263e&google_gid=CAESENilx0F5VvL7PFtWj1bSFHg&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent=&C=1
43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent=&C=1
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b966cefa20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnxAlIDOq4Lq2unsrfoy0t9QL39%2BKAz3tVDZvRj1Zc5Xn5Ecs%2BLJ9CVnF0MSrFDChpOwYHIQV145Z8qUd%2B0Idxq%2BfDrvD5kEvktrWBZgqFYUYwDkkXhzKSQQaDFCfC2RIO7X0CDzGzvHqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6n6feoj%2BpUtNtImK0j8kiYJTRw8oFRrmyo4B8ELg2VshdjcSmjvpe9TJ7aRkSlBpc0BpwRyqSvK6sZFhJtQTnUOYVzLVey7db3GE27IaR3OiyTfwbK%2BdyZ98GteDXpgVJ%2F%2B84RhSQHg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630520&gdpr=0&gdpr_consent=&C=1
cache-control
no-cache
cf-ray
72021b953b59a226-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
info
www.theonion.com/api/veritas/ 		95 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/info?pi=e317b28ff680d206e73f49db9e5a2d801a26d2b2&cb=1656038519978
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendors~trackers.bc8a247c4090bcf4745b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5db5a470d7bb2196090b1fbb97ed9d44386cf975e3538563698a369665dcf5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
0
x-cache
MISS, MISS
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
108
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000134-IAD, cache-yul12826-YUL
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1656038520.983632,VS0,VE26
x-frame-options
DENY
date
Fri, 24 Jun 2022 02:42:00 GMT
vary
Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type
application/json
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
b
www.theonion.com/api/veritas/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/b?debug=0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendors~trackers.bc8a247c4090bcf4745b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Veritas-Version
1.0.23
Content-Encoding
gzip
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
MISS, MISS
x-ua-device
desktop
x-cdn-fetch
mantle-nocache
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000126-IAD, cache-yul12826-YUL
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1656038520.990546,VS0,VE28
date
Fri, 24 Jun 2022 02:42:00 GMT
x-frame-options
DENY
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
optimize.js
www.googleoptimize.com/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-W523ND3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61af5383be54034e7824003c127930aa1dfe7c0fc3aee783aafb50a12df04a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37777
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Jun 2022 02:42:00 GMT
gomedia_015a5_the_onion.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:e200:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 11:41:35 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 11:07:33 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
54025
etag
W/"17c61-5e21b75e9e639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
IAD79-C3
x-amz-cf-id
AXYTMRP8pOmuRuyLxYF_l9NhS28qzuPqCoSuPPYFYwIeNuhgIGjzpg==
via
1.1 f0312eca85d338806221bc299acb4e0a.cloudfront.net (CloudFront)
/
id.sv.rkdms.com/identity/ 		348 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-23-242.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
51369afbad2e903c1f66746fc82f39d7e4575f41b5085aca7dc9f48576affbf3

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.2
vary
Accept-Encoding, Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
any
idx.liadm.com/idex/ie/ 		0
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.184.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-184-125.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 24 Jun 2022 02:42:00 GMT
Request-Time
2
Server
nginx/1.18.0
Vary
Origin
Access-Control-Allow-Origin
https://www.theonion.com
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
f9f3158e25205fad
rid
match.adsrvr.org/track/ 		108 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f4539e54173149bbb80d122258adaf968064ba8424f62d17cfede1f68c08fdb5

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 24 Jul 2022 02:42:00 GMT
event.js
www.theonion.com/api/kala/t/ 		159 B
812 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/kala/t/event.js?e=eyJibG9nSWQiOiIxNjM2MDc5NTEwIiwiY29udGV4dElkIjoiMTYzNjA3OTUxMCIsInRhcmdldElkIjoiMTYzNjA3OTUxMCIsImNvbnRleHRUeXBlIjoiRlJPTlRQQUdFIiwiZXZlbnRUeXBlIjoiRlJPTlRQQUdFX1ZJRVciLCJ0YXJnZXRUeXBlIjoiRlJPTlRQQUdFIiwiZXZlbnRBdHRyaWJ1dGVzIjp7ImJsb2dOYW1lIjoid3d3LnRoZW9uaW9uLmNvbSIsImlzTG9nZ2VkSW4iOjB9LCJldmVudEF0dHJpYnV0ZXNFeHRlbmRlZCI6eyJyZXNwb25zaXZlVmVyc2lvbiI6IjEzNjQrIiwiZGV2aWNlQ2F0ZWdvcnkiOiJkZXNrdG9wIiwiYWRCbG9jayI6ImFkYmxvY2sgb2ZmIiwidGltZW91dCI6ZmFsc2UsInBvc3RzSW5TdHJlYW0iOlsiMTg0OTA5NDI1OCIsIjE4NDkwNzIxNzAiLCIxODQ5MDk0MjQ1IiwiMTg0OTAyMjI2NiIsIjE4NDkwMTcwMDciLCIxODQ5MDE1NzAwIiwiMTg0OTAyMjI2MyIsIjE4NDg5OTUwMTIiLCIxODQ5MDg5NDE0IiwiMTg0OTA4ODc4NCIsIjE4NDkwOTUyMjEiLCIxODQ5MDg5OTI0IiwiMTg0OTA5NTU0NCIsIjE4NDkwOTQ0MjIiLCIxODQ5MDU4Nzc1IiwiMTg0OTA5NTUzNyIsIjE4NDkwMjI1MjUiLCIxODQ5MDcyMjUxIiwiMTg0OTAyMzA4MiIsIjE4NDg5ODkxMDYiLCIxODQ4OTk1MDA3IiwiMTg0OTAyMjUxMSIsIjE4NDkwMjI1MTciLCIxODQ5MDcyMTAyIiwiMTg0OTA0MDU1NCIsIjE4NDkwMjM1MjQiLCIxODQ5MDE3MDAxIiwiMTg0OTA0ODQ2MCIsIjE4NDkwNTkzODAiLCIxODQ5MDU1NDk4IiwiMTg0OTA0MDUxMyIsIjE4NDkwMzQ3MjgiLCIxODQ5MTAwNjY3IiwiMTg0OTA5NTUzNyIsIjE4NDkwOTQ0MjIiLCIxODQ5MDk0MDg4IiwiMTg0ODk2OTI5MSIsIjE4NDkwMDQ3MzEiLCIxODQ4OTg3MjY1IiwiMTg0ODk4NzI1OSIsIjE4NDkwNTM0MDkiLCIxODQ5MDAzNjc3IiwiMTg0OTAyNDgyOSIsIjE4NDg3OTU4ODQiXSwic29ydGluZ1ZpZXciOiJkZWZhdWx0IiwicGFnZUluZGV4IjowfX0=&cb=781
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/curatedHomepage.621926a4eeea0ba3abc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
beb323148aee40bdf1fd04fb5263d7971a5a37bf305f680346ec774fa4db3bfe
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-ua-device
desktop
x-kinja
kinja-kala-kube01-8df464c7d-5k4b6 #71
x-cdn-fetch
mantle-setcookie
content-length
154
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200039-IAD, cache-yul12830-YUL
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1656038520.259260,VS0,VE18
x-frame-options
DENY
date
Fri, 24 Jun 2022 02:42:00 GMT
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
event.js
www.theonion.com/api/kala/t/ 		159 B
443 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/kala/t/event.js?e=eyJibG9nSWQiOiIxNjM2MDc5NTEwIiwiY29udGV4dElkIjoiMTYzNjA3OTUxMCIsInRhcmdldElkIjoiMTYzNjA3OTUxMCIsImNvbnRleHRUeXBlIjoiRlJPTlRQQUdFIiwiZXZlbnRUeXBlIjoiU1RSRUFNX1ZJRVciLCJ0YXJnZXRUeXBlIjoiRlJPTlRQQUdFIiwiZXZlbnRBdHRyaWJ1dGVzIjp7ImJsb2dOYW1lIjoid3d3LnRoZW9uaW9uLmNvbSIsImlzTG9nZ2VkSW4iOjB9LCJldmVudEF0dHJpYnV0ZXNFeHRlbmRlZCI6eyJyZXNwb25zaXZlVmVyc2lvbiI6IjEzNjQrIiwiZGV2aWNlQ2F0ZWdvcnkiOiJkZXNrdG9wIiwiYWRCbG9jayI6ImFkYmxvY2sgb2ZmIiwidGltZW91dCI6ZmFsc2UsInBvc3RzSW5TdHJlYW0iOlsiMTg0OTA5NDI1OCIsIjE4NDkwNzIxNzAiLCIxODQ5MDk0MjQ1IiwiMTg0OTAyMjI2NiIsIjE4NDkwMTcwMDciLCIxODQ5MDE1NzAwIiwiMTg0OTAyMjI2MyIsIjE4NDg5OTUwMTIiLCIxODQ5MDg5NDE0IiwiMTg0OTA4ODc4NCIsIjE4NDkwOTUyMjEiLCIxODQ5MDg5OTI0IiwiMTg0OTA5NTU0NCIsIjE4NDkwOTQ0MjIiLCIxODQ5MDU4Nzc1IiwiMTg0OTA5NTUzNyIsIjE4NDkwMjI1MjUiLCIxODQ5MDcyMjUxIiwiMTg0OTAyMzA4MiIsIjE4NDg5ODkxMDYiLCIxODQ4OTk1MDA3IiwiMTg0OTAyMjUxMSIsIjE4NDkwMjI1MTciLCIxODQ5MDcyMTAyIiwiMTg0OTA0MDU1NCIsIjE4NDkwMjM1MjQiLCIxODQ5MDE3MDAxIiwiMTg0OTA0ODQ2MCIsIjE4NDkwNTkzODAiLCIxODQ5MDU1NDk4IiwiMTg0OTA0MDUxMyIsIjE4NDkwMzQ3MjgiLCIxODQ5MTAwNjY3IiwiMTg0OTA5NTUzNyIsIjE4NDkwOTQ0MjIiLCIxODQ5MDk0MDg4IiwiMTg0ODk2OTI5MSIsIjE4NDkwMDQ3MzEiLCIxODQ4OTg3MjY1IiwiMTg0ODk4NzI1OSIsIjE4NDkwNTM0MDkiLCIxODQ5MDAzNjc3IiwiMTg0OTAyNDgyOSIsIjE4NDg3OTU4ODQiXSwic29ydGluZ1ZpZXciOiJkZWZhdWx0IiwicGFnZUluZGV4IjowfX0=&cb=549
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/curatedHomepage.621926a4eeea0ba3abc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3000b1b9efc5af18e1e72b35583b66dedf7a4e44906f570d200a8ecf765cbdd0
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-ua-device
desktop
x-kinja
kinja-kala-kube03-6fcc4654c8-bfhm7 #71
x-cdn-fetch
mantle-setcookie
content-length
153
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100045-IAD, cache-yul12830-YUL
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1656038520.259487,VS0,VE19
x-frame-options
DENY
date
Fri, 24 Jun 2022 02:42:00 GMT
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0
video-html5~next-video-loader.3b2ea27bf76d2a448d5c.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/video-html5~next-video-loader.3b2ea27bf76d2a448d5c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09e5d7759c3bc652a195284481342562b628aace13850b643cc8ef5318abd58e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52
via
1.1 varnish
x-cache
HIT
content-length
865
x-amz-id-2
Sf0uxdiaqK+HEr5GF6t6JbKLBr+7euAlB9QvUWk5B/AmfpGsVkMl7WMc8139EiOaqRMh8eBHmik=
x-served-by
cache-yul12830-YUL
last-modified
Mon, 20 Jun 2022 15:09:53 GMT
server
AmazonS3
x-timer
S1656038520.274482,VS0,VE0
etag
"a7a4144d9752f752f4839da9734c6781"
vary
Accept-Encoding
x-amz-request-id
CN0SFKVTHZB6ZFXT
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
158
next-video-loader.144c5cac5d121bf9b880.js
x.kinja-static.com/assets/new-client/ 		428 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/next-video-loader.144c5cac5d121bf9b880.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7eb54b19ce3206a32381d4fe45bd913fdbc714fd492c71d5d0721158a888fbc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52
via
1.1 varnish
x-cache
HIT
content-length
229
x-amz-id-2
g94l30b91cmAtsm2gx9JG4i+Ax5bw7PYxC8m+HMO+wojRUebx4OGyAncaGu4DuSPttJXg6hmNGQ=
x-served-by
cache-yul12830-YUL
last-modified
Wed, 15 Jun 2022 21:39:58 GMT
server
AmazonS3
x-timer
S1656038520.274699,VS0,VE0
etag
"f5aaf61feff75acd461c085a222bf29f"
vary
Accept-Encoding
x-amz-request-id
P0Q59EPC4W5F13XW
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
api-video-meta.fbee63d6f5d237492dda.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/api-video-meta.fbee63d6f5d237492dda.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1028692b99de9ad9b21a70d17cf2598418d30127bc0e78d94fecaf38328d53af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
120
via
1.1 varnish
x-cache
HIT
content-length
849
x-amz-id-2
ifzVRwXFuQXA3kVsGdtPEp+vmBnW/27VEo5phAqgqQq1/G/Yte3MMZy+yjMO/rBHXOobkG0fKPo=
x-served-by
cache-yul12830-YUL
last-modified
Thu, 09 Jun 2022 15:35:35 GMT
server
AmazonS3
x-timer
S1656038520.274712,VS0,VE0
etag
"150f7b5e11193eef320bb349590fb026"
vary
Accept-Encoding
x-amz-request-id
CWQ5WB248SV90J0K
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
sync
gum.criteo.com/ 		54 B
378 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=0&gdpr_consent=&us_privacy=&gdpr_pd=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=www.theonion.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1742
strict-transport-security
max-age=31536000; preload;
content-length
170
expires
60
tcb.js
contextual.media.net/ 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250%7CT31K017_300x50%7CT31K017_300x600%7CT31K017_728x90&v=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=www.theonion.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d3930c36cec3973ad57efc6aa7db089903983c71e5ca043e59e705fcbfe6895
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 24 Jun 2022 02:42:00 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
expires
Sun, 26 Jun 2022 02:42:00 GMT
cache-control
max-age=172800
content-length
7671
x-cache-hits
0
px.gif
contextual.media.net/ 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/px.gif
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
last-modified
Wed, 19 Jul 2017 10:11:12 GMT
server
Apache
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=648228
accept-ranges
bytes
content-length
43
expires
Fri, 01 Jul 2022 14:45:48 GMT
px.gif
s.mnet-ad.net/ 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.mnet-ad.net/px.gif
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
last-modified
Wed, 19 Jul 2017 10:11:12 GMT
server
Apache
content-type
image/gif
cache-control
max-age=640311
accept-ranges
bytes
content-length
43
expires
Fri, 01 Jul 2022 12:33:51 GMT
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
rtbsspub
xch.media.net/AdExchange/ 		41 KB
3 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=93459762552540281656038520341&gdpr=0&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*23%7C728x90~970x250~970x90%7C1722916%7C18816313~18816313~18816313%7C%7C%7C1%40283886783*29%7C728x90~970x250~970x90%7C12156%7C317160_1626430_2~317160_1626430_45~317160_1626430_57%7C%7C%7C1%40283886783*96%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40283886783*106%7C728x90~970x250~970x90%7C541006788%7C541006797~541006797~541006797%7C%7C%7C1%40283886783*172%7C728x90~970x250~970x90%7C8CUL2TG3D%7C18685548~18685548~18685548%7C0.33%7C%7C1%40283886783*201%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*203%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.27%7C%7C1%40283886783*222%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*236%7C728x90~970x250~970x90%7C159463%7C2927740_715385~2927740_715385~2927740_715385%7C0.33%7C%7C1%40283886783*246%7C728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D%7C%7C%7C1%40283886783*251%7C970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40637870534*23%7C300x250%7C1722916%7C18721845%7C%7C%7C1%40637870534*29%7C300x250%7C12156%7C314832_1606506_15%7C%7C%7C1%40637870534*96%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C%7C%7C1%40637870534*106%7C300x250%7C541006788%7C541006799%7C%7C%7C1%40637870534*172%7C300x250%7C8CUL2TG3D%7C18685609%7C0.33%7C%7C1%40637870534*201%7C728x90~300x250~320x50%7C8CUL2TG3D%7C637870534_8CUL2TG3D~637870534_8CUL2TG3D~637870534_8CUL2TG3D%7C0.37%7C%7C1%40637870534*203%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C0.27%7C%7C1%40637870534*222%7C728x90~300x250~320x50%7C8CUL2TG3D%7C637870534_8CUL2TG3D~637870534_8CUL2TG3D~637870534_8CUL2TG3D%7C0.37%7C%7C1%40637870534*236%7C300x250%7C159463%7C2927740_715385%7C0.33%7C%7C1%40637870534*246%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C%7C%7C1%40637870534*251%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.5189313233808188&tscode=1&crid=283886783%2C637870534&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.theonion.com&https=1&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520priority%252011&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=CA&ct=MONTREAL&rc=QC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=300&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ad4445bb8aefb0915922290b47212311edcd2931fcf8f22f59588be7ddc81ead

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/ 		11 KB
2 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=36525199358584451656038520345&gdpr=0&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=637870534*23%7C300x250%7C1722916%7C18721845%7C%7C%7C1%40637870534*29%7C300x250%7C12156%7C314832_1606506_15%7C%7C%7C1%40637870534*96%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C%7C%7C1%40637870534*106%7C300x250%7C541006788%7C541006799%7C%7C%7C1%40637870534*172%7C300x250%7C8CUL2TG3D%7C18685609%7C0.33%7C%7C1%40637870534*222%7C728x90~300x250~320x50%7C8CUL2TG3D%7C637870534_8CUL2TG3D~637870534_8CUL2TG3D~637870534_8CUL2TG3D%7C0.37%7C%7C1%40637870534*236%7C300x250%7C159463%7C2927740_715385%7C0.33%7C%7C1%40637870534*251%7C300x250%7C8CUL2TG3D%7C637870534_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.8081290820656017&tscode=1&crid=637870534&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.theonion.com&https=1&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520priority%252011&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=CA&ct=MONTREAL&rc=QC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a2f27733e05a3a7058b6bd3d8f99b383d3a2761d04338ed5727a2f2c2bb6195c

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge3.519.0_en.html
imasdk.googleapis.com/js/core/ Frame 6F52 		633 KB
204 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
284725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209290
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 19:36:35 GMT
expires
Tue, 20 Jun 2023 19:36:35 GMT
last-modified
Tue, 14 Jun 2022 17:19:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Jun 2022 02:42:00 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
headerstats
as-sec.casalemedia.com/ 		0
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&v=3
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:00 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.theonion.com
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Fri, 24 Jun 2022 02:42:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ob&tte=f&lid=158&sdkv=h.3.519.0&e=44730464%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2019415807298329&domain=www.theonion.com
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ijs_all_modules_cjs_min_93e19add939072ce7939b1254c440756.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		607 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_93e19add939072ce7939b1254c440756.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0ca04cbc52d0db4ddb0d13e73d51964a224c66c2474738af21c36839a3c15dda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 17:06:38 GMT
content-encoding
br
age
34522
x-guploader-uploadid
ADPycduAskQWEExlaqm2LJ0JvuxfVHsjc_77XaN8KeNGoawaRSdcc8shLAHUmCnwtKyWaJoTVWma8WKz4c3g24QTUv-j8fVcaT0D
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119829
last-modified
Wed, 22 Jun 2022 20:04:43 GMT
server
UploadServer
etag
"f33abe7e4e1a0a8f761e2cbe64ec2322"
x-goog-hash
crc32c=2sXyxQ==, md5=8zq+fk4aCo92Hiy+ZOwjIg==
x-goog-generation
1655928283474894
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
119829
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 23 Jun 2023 17:06:38 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.165...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.16...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Server
52.85.151.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-63.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
hPPYiC2GkJ90JfjJClAsZ3ZxIs59FiiFuTza3wALX_qMUEUdJf_8LA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1656038520663&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
date
Fri, 24 Jun 2022 02:42:00 GMT
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
content-length
0
x-amz-cf-id
xZ17Z9rWJgZqNNx1i6Nh1fjj9ra25-CP7tpNBWVVPeVJCuqoTW816A==
x-cache
Miss from cloudfront
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=BGDb_GcX84QDEWXIj&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6007&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1941&t=BV_TGUBSv3roCdjV3RCmyzOPB7YrMZ&V=135&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=BhAzgYDurqwUBlkWXzwCaxU9CIR9&sd=1&im=067b2ef3&_
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.59.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-59-172.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
config
c.amazon-adsystem.com/cdn/prod/ 		844 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.210.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-210-121.iad79.r.cloudfront.net
Software
Server /
Resource Hash
f23a96343ab17bfed4aef1d6e9afd72ef022992bbc56466cbab5f1f20260d302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 21:56:12 GMT
via
1.1 e811c1e9e6ed756b98bfcf15c74f6bea.cloudfront.net (CloudFront)
server
Server
age
17148
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C1
content-length
844
x-amz-cf-id
_R1XYXNbd1aovxGSuBh8Fjgf58LPh1NRryPhIKTqJB7vnqoTxUAFfw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.210.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-210-121.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 07:38:22 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
68619
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 16 Jun 2022 07:15:00 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
via
1.1 3b8e0d5ce152e011bcc1dba2235e26b8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
IAD79-C1
content-type
application/javascript
x-amz-cf-id
oA3t9p3R66fEoOccOtsGnaZhOcZmb7j3k3N6zlg_7z8PyPO_89JW9A==
bid
c.amazon-adsystem.com/e/dtb/ 		138 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&pid=9lnvNgCyVi2C0&cb=0&ws=1600x1200&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x251%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.210.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-210-121.iad79.r.cloudfront.net
Software
Server /
Resource Hash
2a9b5af79946512402b6b8336c785370b6a7ae3fc45e4625e84555856cf7872b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
via
1.1 e811c1e9e6ed756b98bfcf15c74f6bea.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD79-C1
x-amz-rid
KYV35VBBQAJXSGXG7Y95
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
138
x-amz-cf-id
HSCwZ75ijMHVRVUwd_1D9WuJJt18WEBxU-MWpHOrktQ6ysS1iQoHmw==
config
prebid.media.net/rtb/prebid/analytics/ 		72 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU74RYRS&dn=www.theonion.com
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
becaecc6663d091f14a00c80317ebc9fa3beeab411becf786f6df9f266192a6a

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=900, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
Fri, 24 Jun 2022 02:57:00 GMT
pub
pixel.adsafeprotected.com/services/ 		284 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F%253F_ga%253D2.7348274.1424516059.1655742986-168588755.1655480028%252520Priority%25252011
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.180.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-180-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
88cc184af2fe5d0dca6d0b82d4095c1e3186ee14e54b2ff5bf6ec94f308134ed

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
x-server-name
app02.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=abdlog&itype=HB&adt=desktop&cid=8CUL2TG3D&ct=MONTREAL&cc=CA&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=theonion.com&servname=ssp-serving-cc697fd98-k8l5s&svr=062313_386_062313_358_ssp&sc=QC&version=4&vh=1200&vw=1600&vsid=&vid=00001656038520316025035145555695&sspAbBucket=CONTROL&lw=0&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=&gdpr=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&abd=2&cabd=0&dabd=2&dend=487&cend=37&end=155&dstart=37&cstart=37&start=37&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&kwrf=
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 24 Jun 2022 02:42:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=769201105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABlAQCAC~&jid=1091827694&gjid=1920902205&cid=1583285708.1656038521&tid=UA-223393-1&_gid=458885652.1656038521&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=%3F&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=125779928
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=769201105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABlAQCAC~&jid=1231804297&gjid=763499211&cid=1583285708.1656038521&tid=UA-142218-33&_gid=458885652.1656038521&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=%3F&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=691375271
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=769201105&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Load&el=kinjavideo-191132&_u=aGDICEABlAQCAC~&jid=609811387&gjid=1863199996&cid=1583285708.1656038521&tid=UA-142218-33&_gid=458885652.1656038521&_r=1&cd39=&cd40=&cd42=191132&cd50=html5&cd83=curatedHomepage&cd101=theonion&cd105=The%20Onion&cd111=0&cd134=true&cd16=curatedHomepage&cd22=&cd41=clip&cd44=56-60&cd45=What%20Is%20The%20%23KillYourDad%20Challenge%3F&cd62=none&cd63=www.theonion.com%2F&cd65=0&cd89=&cd120=the%20onion&cd121=default&cd122=&cd129=Kinja&z=1328652815
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 24 Jun 2022 02:42:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1050568
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tv%2BGZ38YDHPk5aljXgKYiSlQMBX0Wjx4GF6rNmvl9UoF71E8yNkz7Rg9PrFGPw2yhma3%2BKNvGiZ0yIVCU3BuNaUhX%2BJEqBZyYoSCh7PW2%2F1HnSpb%2FozwJTN60oL%2B3Dg0h04uZqfhH0RQDu5qoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
72021b9378767142-YUL
expires
Sat, 11 Jun 2022 23:08:34 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 17:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Jun 2022 17:40:25 GMT
px.gif
ad-delivery.net/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.14561804320510108
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 24 Jun 2022 02:42:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1050568
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h50UReTNnq2sTJb%2Fx0hzA264hswBhK6xxP%2BLOUL8EHKspUkkfqgp3vyx8zFuWRJuDtoqPUGDIs88GRm0D4esX4CjxIVmSUq5cMGjwHeaPp3J0I3mApfR8pjOvUmbnHvOpkIJ6Dh1k3MMe5U8sA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
72021b9378797142-YUL
expires
Sat, 11 Jun 2022 23:08:34 GMT
rtbsspub
xch.media.net/AdExchange/ 		5 KB
1 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=80512806145613981656038520824&gdpr=0&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*97%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.54%7C%7C1%40637870534*97%7C728x90~300x250~320x50%7C8CUL2TG3D%7C637870534_8CUL2TG3D~637870534_8CUL2TG3D~637870534_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.45251856920012945&tscode=1&crid=283886783%2C637870534&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.theonion.com&https=1&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520priority%252011&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=CA&ct=MONTREAL&rc=QC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=300&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ecca2db6293aeb8d4af72107cb4ddfe7236fdef4f866e7d76668b17d6433d4dc

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/ 		3 KB
1 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=84551907672961911656038520825&gdpr=0&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=637870534*97%7C728x90~300x250~320x50%7C8CUL2TG3D%7C637870534_8CUL2TG3D~637870534_8CUL2TG3D~637870534_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.3746725284683037&tscode=1&crid=637870534&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.theonion.com&https=1&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520priority%252011&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=CA&ct=MONTREAL&rc=QC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
883d627e0da276e00b4d73dc684f283cfb7d537a59ef01dd28432034942c7a19

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-54.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 09:51:38 GMT
content-encoding
gzip
age
60624
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 16f689172b396b7e266a396b6b5d6754.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
IAD50-C2
content-type
application/x-javascript
x-amz-cf-id
r6KKZlYwiKgQ1h9n0ZvJ-AWMjxw9LA23G2djZDva0AdNzeR0XHa9bg==
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=609811387&gjid=1863199996&_gid=458885652.1656038521&_u=aGDICEABlAQCAC~&z=1775602244
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 24 Jun 2022 02:42:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=1231804297&gjid=763499211&_gid=458885652.1656038521&_u=aGDACEABlAQCAC~&z=1291368528
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 24 Jun 2022 02:42:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-223393-1&cid=1583285708.1656038521&jid=1091827694&gjid=1920902205&_gid=458885652.1656038521&_u=aGDACEAAlAQCAC~&z=216167039
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 24 Jun 2022 02:42:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		479 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&kw=TheOnion&tg_i.ref=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.domain=theonion.com&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage&tk_flint=pbjs_lite_v6.16.0&x_source.tid=3eca12dd-efad-49e6-9fda-bec91c3dba4c&l_pb_bid_id=2836f5554ae84a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage&slots=1&rand=0.7943650282776684
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7994405d1523f6daebb92e945c9301ff76d0ec0797cc5feac0aeed5a8230183b

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
479
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
fusion-media-group-d.openx.net/w/1.0/ 		173 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3eca12dd-efad-49e6-9fda-bec91c3dba4c&nocache=1656038520966&aus=970x250%2C970x251%2C970x90%2C728x90&divids=dfp-ad-1&aucs=%252F4246%252Ffmg.onion%252Ffrontpage&auid=545727625
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
ca192dfac9cd86a22ece1f99cb1f3bc0042a78062dd0efcc75f5c3994f48f0d7

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theonion.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a71120f0035f&pos=d-atf-top-728x90_970x250_970x90_2&cmd=bid&secure=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
009801fbd69b1ae8aa64ff505b0b574639b29687607c4886ecf305173726111d

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a71120f0035f&pos=top_banner_728x90&cmd=bid&secure=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
fa2a1fe1c0e3d33b927e32303167b4fd3627841e07729749019677cbfed23738

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a71120f0035f&pos=d-atf-top-728x90_970x250_970x90_3&cmd=bid&secure=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
5cda4d2f6d3370bcd7037f155ab99b0a169216fb24beae59273e96a208ada2f1

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a71120f0035f&pos=d-atf-top-728x90_970x250_970x90_1&cmd=bid&secure=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ff22771b825d214b07ef4ea19e28ae0fa1b434d7f01f07cdd1720e8fa4d1bdee

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
content-length
62
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.16.0&cb=73414530361
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
hbjson
grid.bidswitch.net/ 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c26bc2777466506b367f46437b9780bba7bd174e1eb5f097956a9683023107f9

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Jun 2022 02:42:01 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cygnus
htlb.casalemedia.com/ 		36 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=727144&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214b7d0fe022f6b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011%22%2C%22domain%22%3A%22theonion.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22keywords%22%3A%22TheOnion%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.16.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22157f8d76de38f0e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22727144%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A251%2C%22ext%22%3A%7B%22siteID%22%3A%22727144%22%2C%22sid%22%3A%22970x251%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22727144%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22727144%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22342529b7-ba0c-480c-99d6-cf15a7b5263e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22TRUE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-05-24T02%3A42%3A00%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22merkleinc.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22EFDA1341291B291D3A70BC9FC62131A0FC1C873C06579300B7C465F336B1EE61%22%2C%22ext%22%3A%7B%22enc%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9cfd831bac63a8fb2113e8e6bb303f8e8585db21e60adcf4a75a910d7de5cb

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XtFkWGC40FuMWkA6R1Z2a0Rnzc1IoeF9WwZCA%2BoDjiK%2BCZbuMlZmUDK1AHKqO8fqNhUHWxM7nxNJMCu6MVMWsskPNYptk52lF7tnnZMaaeUF2g4rsGhgt2sYGrvy0gVgg1kZPD%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
72021b94bed13fd8-YYZ
expires
0
auction
tlx.3lift.com/header/ 		19 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.16.0&referrer=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&tmax=1000
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.91.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-91-74.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ads.resetsrv.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
prebid
prebid.media.net/rtb/ 		1 KB
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
afe80cc4efffa62ffc67e3a61179939c08d3fa2d207b5edbe0aa1a856cb16534

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		139 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
936add2ae980ead3784809a3cd9d76d3bb7a93685c5a6570b8613955608486cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa7875fa-be40-437c-9471-3d4bb77c5202
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
new
px.britepool.com/ 		0
0
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=YLbMlZgn&w=5197056576585728&o=5726495427264512&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&upapi=true
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
iu3
s.amazon-adsystem.com/ Frame 2B86
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
290 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
878eca272b777cc8477c5230448c0699fa5ab65ea0078eb81c252f7edc52dad2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
290
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
19T5N50HZM065PE50E20

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PNF4XAWW7ZYR0DJP3DZY
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.175.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.175.117.34.bc.googleusercontent.com
Software
/
Resource Hash
a88b04c6028922191091e1e99b45742294f56636bfd0324263f123b2c8bc30c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.234.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
209.234.120.34.bc.googleusercontent.com
Software
/
Resource Hash
2afe57c56ff07cfc14c5f6fe8bbc9aebb4f29feef122bca929fd741d996a1c77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.148.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.148.149.34.bc.googleusercontent.com
Software
/
Resource Hash
5d8b255182de2684e2e17f2d36273f83d72287116879d7ef038c4c24dee84cee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=609811387&_u=aGDICEABlAQCAC~&z=2013758717
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=609811387&_u=aGDICEABlAQCAC~&z=2013758717
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=1231804297&_u=aGDACEABlAQCAC~&z=895820968
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=1583285708.1656038521&jid=1231804297&_u=aGDACEABlAQCAC~&z=895820968
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/?_ga=2.7348274.1424516059.1655742986-168588755.1655480028%20Priority%2011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 5FF7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1305685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1055
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 00:00:36 GMT
etag
"3a518743cd4090cd45b81d96df5ca6a7"
expires
Fri, 09 Jun 2023 00:00:36 GMT
last-modified
Mon, 06 Jun 2022 12:59:32 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1654520372225276
x-goog-hash
crc32c=1T6/Tg== md5=OlGHQ81AkM1FuB2W31ympw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
x-guploader-uploadid
ADPycdvpCg_xCoS40ekYbeiIGfuj4SCRGct9vAOpoyrldGcTVwTUsbEImWaZCOyRV_n7Upz8RWN0X_6_yRKoUbXWtvt-iA
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-120.iad79.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 18:20:42 GMT
via
1.1 9b097dfab92228268a37145aac5629c0.cloudfront.net (CloudFront), 1.1 39174a6a452e175e6e614ff396a4ca4e.cloudfront.net (CloudFront)
age
30079
x-amzn-requestid
68da8180-25cc-40d0-ad83-358387964b48
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4aefa-0c350113232ee43620d81169;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD89-C1, IAD79-C1
x-amz-apigw-id
UMBHKFvJDoEF0Fw=
content-length
30
x-amz-cf-id
t7nrkLWcAmY5fob1OCXP3HPIdQs7CZg-GoKJTYYGE9oCkkyjOB5Z9A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
init1.js
api.bounceexchange.com/bounce/ 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=526&wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwCspADAMwAc5ATMceQCzbABeIUV2AdyQAjAmmBIA+mgRQapNuWwAnJARAAbGMDQg4JalQAexRlX6qUSZauVQ8AQw0aMAc0kxlGqAAtgwAAcCAFIaAEFgxgAxSKiBeIA6YB8kPV04BNwQAFtY0KjJVwdQgBFGBIB2GjY6Rgq2BOI2RkUyKnIATkaKcnrGDrpSAFoyBjo6CvJybqma80Y6SKYqAAVlXXXgAE8lsxZsADc0MWBJLJAAazQkKGCKgCFIxg0Ap9CIxkY-QJDGcnDdjE-tF4gIkik0npMjlAUsaAUinCypVqrV6o1mq1qJ0Zr1mgNhqNyONJtMyLM6PNFsDlmsNuIdjS9sQ3owAMJPZRvAGfN4VEp4ECXa63B53AUHBzKAgAbQQKACkmUwg0IFwFwAulA4CBTqoHAgtoLhVJQCBJBopa4bignAQkNhhAE+NgkIEoDKNdgAoR7FlsgEXA44LgpChLa57AcfA4oEA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
63a7de33b0b878b6a99ff9129132bd58adddd1d9c94312ed74212d730f0285ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 02:42:01 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
9
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
pr
s.amazon-adsystem.com/v3/ Frame FF64 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8df11986d9c304a2d7364ca836107597a47f032809e24dad86fc03486c8fbadf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1920
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
PNWG1MMFRVCKPGXVCCKG
usermatch
ssum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
abaab5f3c359d6a476edcedc9e159956652bae284abe355f1774aa2fc1316dfd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1842
Content-Type
text/html
Date
Fri, 24 Jun 2022 02:42:01 GMT
Dropped-Udsids
39|45|230|241|196|31|190|131
Expires
Fri, 24 Jun 2022 02:42:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Fri, 24 Jun 2022 02:42:01 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 539D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=53143
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 02:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 24 Jun 2022 17:27:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 3CA5 		971 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.206.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-206-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8628ce0be54c615bcf7cfef10e7306141208b6c0302fd60d32794cd4a2b03e42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
syncb
sync.bfmio.com/ Frame FAC5 		812 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/syncb?pid=137
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
84c742aec98cc6e80ec9c48994c6bf8e47d05f49210895536158df9d9baab8d0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
812
Content-Type
text/html
Date
Fri, 24 Jun 2022 02:42:00 GMT
usync.html
eus.rubiconproject.com/ Frame B8A4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 02:42:01 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 9ABF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS15bFh3Mnl0RTJ1SzRYazZHRW1KaU90ZG50OU1rckNmLn5B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS15bFh3Mnl0RTJ1SzRYazZHRW1KaU90ZG50OU1rckNmLn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
TR7WZ610SVJB0FNKC2NK

Redirect headers

age
0
content-length
0
date
Fri, 24 Jun 2022 02:42:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS15bFh3Mnl0RTJ1SzRYazZHRW1KaU90ZG50OU1rckNmLn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 2B8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=780750410301151874&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=780750410301151874&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
PPMVHR58FMKB0GZ17Z6Q

Redirect headers

AN-X-Request-Uuid
e1f704a2-3969-4911-bc7e-444f3eb2a0e9
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=780750410301151874&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame E13A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2361227759780991366806
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2361227759780991366806
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_bf_rbd_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
DK9WB02JDWTHZKDC072T

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 24 Jun 2022 02:42:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2361227759780991366806
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c
ids.cdnwidget.com/ 		463 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=081221004&GCS2=MWI3MmMxODEtY2E3Yy00NTI2LWE2NDEtNDg4MmI5Mzc3NDY0LmxvY2Fs&pe=false&wsid=3645&varID=0opv6&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3645%2C%22loadID%22%3A%22QmdrRFyUyrk58zS%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A8%2C%22IDStageStart%22%3A8%2C%22obsReqdata%22%3A116%2C%22obsReqpage%22%3A117%2C%22obsReqview%22%3A119%2C%22netComplete%22%3A194%2C%22IDStagePrefire%22%3A194%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1eee0ebb0f62102fc8a60b840040879ec2006393a094e14246e614ad2d786787

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18FF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=53143
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 02:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 24 Jun 2022 17:27:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppORZGemZVGXo5NgBlFAAzFCQQJ3K3DwAyUAgYJAQa5G6kHHbwKGgKPh40U3QEWCRSHDTISFNhanLjGno6TboBPcZINIQCTBATxnjsndpNuVoAfTQqNbkAEWpGFzl1AA5qF3UjEk6mo6noklK9AAnEDVPR6ADqFCfqoALQQn70H4-Fzw2Hw37MZjUH40BQABQaBAakAAnmTJJIhp1oN0wARSLBIGdMLocBCicyRmyOVyebT+TpmEKYPF4JBssB6iAUDZLGAcJQXNpqLwaqZ7kg1QREjRqPINtRqJgCJBDQgULx6Vata8ZdBLgQIiAEJrtWaasBIGaLRD6KU5JjqJIQmbQLwQ3JjGGI1HJNHw3JzdRQlaUARE8ZWDmzaRTIWzYtlqt1tdrnsBAcjiceRcrmtti8Hk9bu9Pt8-gCgSCwQLofiESDkWiMVicXiw-RCcTSdQKVSac6FIyQyW86tzUni7nqMBTMBCzG97qK1aEy7r0hb9nsyf4kHL3DU1sryeIPfD2MdFYytNB4ifF0k00a8skLY8zV4EAAItM1VDkKE5GBTCXDWVQcRcKF1BcVdX1LD9IOTL9mEjH8QNPCt-RcV5XVaeBkGmbBoBsTIhGQHB0kyHJWMQVAME44BkAgE5+WowpilKIo5GE9ixJgCwUEgGpqSyHAVH4IQpGlNjRKwGBeAQUB4gQOlTF9cywAiBVTFaOUwAVHIkGgNIUDAS5MAkpBIAQXgcGlDACA9AhYGwJBaUucz+OMVpwsi6LIFi+KEDkRKRGS45Upi2lMBQHJ+JQYreBQPKIu6NAeRwABFYJqtZBA6pOYrSoa2BbASFr4igCVCBih1SBa0wCDclBSEynAfDkGJ+pOblMFM2aRCSrICAS6UBFsToECQnAPDBGUjpTai0wzNDqFaczLMOkK0IwrDJBw8N8MI4jWimDBQAQARztaRAAEceswKyjuleJwlM7kcimrJTH5KiaOjXCXNh7AUFMEAAqkzAcEgdAlPukArJwXhgaipAKb2mxWg43BjKAA
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdLthAPYB2MXTAxuwC29MjQD6YEGQAiVJgHZSAFgAcVeUqYBGJVSUBWLQDYADPoCc2o-v0aq5lUYC0xlfpUr5NqzdUmTVCrU+lQmAAqoPJG4AJ7BoVpaAGSgkLAIiHzIhLhCUCCRIABG6BCEmMTyAELUVAAmAGbAYqgl7HwA1rVklFRUnOy4LRAgdXF9ldIp4NBwSALsHXCEMABeEJjqRkmC7HUbJknwEEUruBAwdZikRgZJsGeXmMb6pqRuVFqfr6RUSfuwPgXK5GUjmUg6CHyKivTzycxKeQqaZpOZPZKECAAR2QEE4QPRST46DgnHwMEEZVwIEEwGe1jeHy+7iJJLx1OAMCgEFQKy4mGpYFI-1mQMwdSShHYaDFxyKSRmZMw2R5QA
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://x.bidswitch.net/ul_cb/sync?ssp=bouncex
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=bouncex&bsw_custom_parameter=abbb20c6-a377-431a-8a32-714fe18ade85
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f695d2b3-56c5-450f-b5f3-85ab36eefe0a&ssp=bouncex&bsw_param=abbb20c6-a377-431a-8a32-714fe18ade85
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=ecba0b5f-e39d-49d2-9913-8b700ad86555
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=ecba0b5f-e39d-49d2-9913-8b700ad86555
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:42:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=ecba0b5f-e39d-49d2-9913-8b700ad86555
Date
Fri, 24 Jun 2022 02:42:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame B8A4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b2951f530d41c1f5b6f5fe1ac77f6948c4f5936c424442cf408d796e50944afd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:42:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71120
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9456
Expires
Fri, 24 Jun 2022 22:27:21 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 539D 		60 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f0ebb5be95d86d4c05f3e6888a6b46e39f3ddb32404956a96dd18ab4dd1e12b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
private
expires
Wed, 21 Sep 2022 19:37:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
60
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 18FF 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63070703&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3a31965c2ec17cdc744cfa7e644a06a6bdc40be870996427d1a808efbd161b3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=342529b7-ba0c-480c-99d6-cf15a7b5263e
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=342529b7-ba0c-480c-99d6-cf15a7b5263e
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=342529b7-ba0c-480c-99d6-cf15a7b5263e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=E36B116FBE05449ABC9F1AE439C7B336
0
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=E36B116FBE05449ABC9F1AE439C7B336
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:01 GMT

Redirect headers

date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=E36B116FBE05449ABC9F1AE439C7B336
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 23 Jun 2022 02:42:01 GMT
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=157
  • https://sync.bfmio.com/sync?pid=172&uid=AWg5cj5ITCdLPbpd0n52l5U4mbs
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=172&uid=AWg5cj5ITCdLPbpd0n52l5U4mbs
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:00 GMT

Redirect headers

Location
https://sync.bfmio.com/sync?pid=172&uid=AWg5cj5ITCdLPbpd0n52l5U4mbs
Date
Fri, 24 Jun 2022 02:42:01 GMT
Connection
keep-alive
Content-Length
94
Content-Type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=2953
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=2953&s_h=1
  • https://sync.bfmio.com/sync?pid=102&uid=f9bfc24c-3361-4f92-a49f-f70a21125137
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=102&uid=f9bfc24c-3361-4f92-a49f-f70a21125137
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:00 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=102&uid=f9bfc24c-3361-4f92-a49f-f70a21125137
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/c334011c120be70a2e28390eca78a765f8b81356
  • https://sync.bfmio.com/sync?pid=157&uid=y-LTEXGwVE2pITFyu.AhGFB_Fq.Wmbekre6oxkUaaNCA--~A
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=157&uid=y-LTEXGwVE2pITFyu.AhGFB_Fq.Wmbekre6oxkUaaNCA--~A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:01 GMT

Redirect headers

date
Fri, 24 Jun 2022 02:42:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://sync.bfmio.com/sync?pid=157&uid=y-LTEXGwVE2pITFyu.AhGFB_Fq.Wmbekre6oxkUaaNCA--~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
sync.bfmio.com/ Frame FAC5
Redirect Chain
  • https://ad.mrtnsvr.com/sync/beachfront
  • https://sync.bfmio.com/sync?pid=187&uid=55zv2Ey4M
0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=55zv2Ey4M
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
3.86.123.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-123-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:01 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=187&uid=55zv2Ey4M
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76
vary
Origin
content-type
text/html; charset=utf-8
log
pb-logs.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fwww.theonion.com%2F%3F_ga%3D2.7348274.1424516059.1655742986-168588755.1655480028%2520Priority%252011&dn=www.theonion.com&ref=&screen=1600x1200&cid=8CU74RYRS&lper=1&plper=&gdpr=0&ajx=1&pbv=v6.16.0&pbav=1.0.0&flt=1&supcrid=dfp-ad-1&tmax=1000&ismn=1&vplcmtt=&sts=0&ets=460&tts=465&aucstatus=completed&acid=31358d04-cac2-4832-aba2-2905419ef2b2&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=openx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=criteo&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=trustx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=ix&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=triplelift&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=pubmatic&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=resetdigital&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=296855687&pubcrid=296855687&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=appnexus&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=970x250%7C970x251%7C970x90%7C728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%22vw05%22%3A%2240%22%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%5D%2C%22id%22%3A%223746cb2c-f367-11ec-b36c-0ef05de99743%22%2C%22ias-kw%22%3A%22IAS_3007987_PG%22%2C%22fr%22%3A%22false%22%2C%22vio%22%3A%22veryLow%22%2C%22off%22%3A%22veryLow%22%2C%22hat%22%3A%22veryLow%22%2C%22drg%22%3A%22veryLow%22%2C%22dlm%22%3A%22veryLow%22%2C%22alc%22%3A%22veryLow%22%2C%22adt%22%3A%22veryLow%22%7D
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 24 Jun 2022 02:42:01 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1620218889985807&correlator=2720284392340189&eid=31068209%2C42531606%2C31065518&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x251%7C970x90%7C728x90&ifi=1&adks=3099211010&sfv=1-0-38&ecs=20220624&fsapi=false&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26vw05%3D40%26vw%3D40%2C50%2C60%26id%3D3746cb2c-f367-11ec-b36c-0ef05de99743%26ias-kw%3DIAS_3007987_PG%26fr%3Dfalse%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26drg%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26mnetPageID%3D1%26mnetCC%3DCA%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUL2TG3D%26hb_abt%3Dhb%26mnetDNB%3D1&eri=1&cust_params=tags%3D%26blogName%3Dtheonion%26channel%3D%26page%3Dfrontpage%26section%3D%26subsection%3D%26veritas-segments%3D1%26veritas-iab%3D19%252C%252015%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1656038521452&lmt=1656038521&dlt=1656038518913&idt=1784&biw=1600&bih=1200&adxs=315&adys=303&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x290&msz=1600x290&fws=4&ohw=1600&ga_vid=1583285708.1656038521&ga_sid=1656038521&ga_hid=769201105&ga_fc=true&btvi=0
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
1b61c14a1c18c7d16e5ceb87786d42a2012b99ef2e2d7f387172b09aed940cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10851
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C0B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:01 GMT
expires
Sat, 24 Jun 2023 02:42:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630521&gdpr=0&gdpr_consent=
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630521&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b979f23a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGZLSCXTqjgwh0wmw%2BD6ou76Ei%2BKSxJtw5J1zIV8nIBJdqi9H%2BaXS6w%2B243tfHRyFLRaYFFcBd%2FYdA2BmkxzT5EIN%2BnPkhxxOlHZxeMeRPmvYowEFhtz8gLgzfZeKQ%2BNBS0hPbhyOCOpNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=342529b7-ba0c-480c-99d6-cf15a7b5263e&expiration=1658630521&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YrUkeQSJC6Pugzxy.maICAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b982818a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ruC8vAD0UIKgsFswXyjHgnbV3lQtia7VKiWXzZoT3hobMIs%2BzpSExIbyJ0Uspx6balSsN5WvwoVIDUB0szOJppGW6NWBuwNzzdXWMI5%2F5fA2tOzumZTwzi%2BoewiZNRlvjk91gEGp5uBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YrUkeVkHPcCZNgR3LL12ZQAABNgAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
184.29.133.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-133-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 24 Jun 2022 02:42:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 20B8 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YrUkeVkHPcCZNgR3LL12ZQAABNgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RB7H9PRKMJJNK70K7EQ5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_62b52479b51e9&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62b52479b51e9
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62b52479b51e9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b99daf8a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo%2BdOl1ObipMX7awyrGhFqSlyVfpu1Krb2LI5qs6ENR7Pc1enkAMbaw7KRW0Oau1SsEGZC6Gh%2FJrrZf4ibVN1Uot%2FlCXVsXqfhIjwmQzAvSblc2X2CIaK08rkqdfLAAv1XZTQ3PIFF%2BUDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 24 Jun 2022 02:42:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62b52479b51e9
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7093249211678081055&uid=Q7093249211678081055&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7093249211678081055
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7093249211678081055
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b98e936a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdkKHwED4U8eKSC3OD4u3nIO0f61tv9uZu4wk3Qvr01u6P3UF14UpfSo8p963u3dIgujfOx0uS5IDvxLGZVa3yAesEcNHV%2FIS9hs4xE015HrVg7LTEb%2FZnPdM%2BuPgiUxTkru079lGdo7TA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 24 Jun 2022 02:42:01 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7093249211678081055
Cache-Control
max-age=69288
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=780750410301151874
43 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=780750410301151874
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b981c11a24c-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdj0ohwAFOOAEkcg%2B0t7oW%2B5NxrjD797ptsa0R4ZRsNy2svOanZlAChS%2FdlrSxhBh3OAmefj4EgcaVugtiEob7LsGJesbPvgfG6nYqWMCuVXwpCNePFHbhfp8E8E4Jms4FAstiOz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d8b073b-d2e6-49d0-9eed-3ac249b6c1de
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=780750410301151874
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 20B8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662296952328896
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662296952328896
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b9949e9a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrlxbHBAvpZIS1mWaS6w%2BeyNd3geMV87dPqwQM%2B21yD3jvLqUZqhUV0RpTCUonWDvEDEDzWmblGYjfoZYHe96fGZ%2BLv4Su3DKxdssUdM7tSKSKO9qrYcs5UFe6GBrYVdNihM7vsXfrJT0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
880
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72021b9878c4ca47-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662296952328896
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 20B8 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YrUkeVkHPcCZNgR3LL12ZQAABNgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JBV6EH4BBPA357GE775S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B4D5 		728 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4dbc9f1cd61faa65988b09b34e18afb89b2461f5be713f3b50a5fdb3bf3850f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
match
c1.adform.net/serving/cookie/ Frame 7EBD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 24 Jun 2022 02:42:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 24 Jun 2022 02:42:01 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame DB5A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrUkeQALNGCGIgAo&gdpr=0&gdpr_consent=&_test=YrUkeQALNGCGIgAo
1 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrUkeQALNGCGIgAo&gdpr=0&gdpr_consent=&_test=YrUkeQALNGCGIgAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 24 Jun 2022 02:42:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrUkeQALNGCGIgAo&gdpr=0&gdpr_consent=&_test=YrUkeQALNGCGIgAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12828-YUL
x-timer
S1656038522.572441,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame D2A3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336c62b5-2479-4900-8f51-fe240806a828&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336c62b5-2479-4900-8f51-fe240806a828&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Fri, 24 Jun 2022 02:42:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master iad-pixel-x18 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336c62b5-2479-4900-8f51-fe240806a828&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 634E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFeG9rN0Zha2tBQUJOaWJTNHdpdw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAExok7FakkAABNibS4wiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4053307272047313424
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAExok7FakkAABNibS4wiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4053307272047313424%26bee_sync_partners%3Dsyn%252Cpm%26...
  • https://match.prod.bidr.io/cookie-sync?userid=4053307272047313424&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAExok7FakkAABNibS4wiw&pid=55...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAExok7FakkAABNibS4wiw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4053307272047313424%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=4053307272047313424&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAExok7FakkAABNibS4wiw
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAExok7FakkAABNibS4wiw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 24 Jun 2022 02:42:02 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAExok7FakkAABNibS4wiw
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame BB94 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
usersync.aspx
widget.us.criteo.com/dis/ Frame E68B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:01 GMT
expires
Fri, 24 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
459096
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0

Redirect headers

content-length
0
date
Fri, 24 Jun 2022 02:42:01 GMT
location
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server
Kestrel
server-processing-duration-in-ticks
266116
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 56E7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=399eca3c-f367-11ec-a45c-682258f0f1c1
42 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=399eca3c-f367-11ec-a45c-682258f0f1c1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=399eca3c-f367-11ec-a45c-682258f0f1c1
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-2
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame DBB8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWg5cj5ITCdLPbpd0n52l5U4mbs
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWg5cj5ITCdLPbpd0n52l5U4mbs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Jun 2022 02:42:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AWg5cj5ITCdLPbpd0n52l5U4mbs
Pug
simage2.pubmatic.com/AdServer/ Frame 7AFC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1656038521642
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8585394149
  • https://sync.1rx.io/usersync/tradedesk/342529b7-ba0c-480c-99d6-cf15a7b5263e
  • https://sync.targeting.unrulymedia.com/csync/RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 24 Jun 2022 02:42:01 GMT
ETag
RXa167cf8e08124e52953120fe6ac77d25005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3732
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8983dd6b-5fb6-4ea6-a359-0becfb9184a9&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
42 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.174.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-174-103.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Fri, 24 Jun 2022 02:42:01 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 23 Jun 2022 16:01:33 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 2CAF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=676902280705
42 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=676902280705
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=676902280705
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SRwRaWKO1O4zgJ5&gdpr=0&gdpr_consent=
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SRwRaWKO1O4zgJ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Jun 2022 16:22:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 24 Jun 2022 02:42:00 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SRwRaWKO1O4zgJ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-008f6d7239e4d0f59@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 7B16
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72021b98f999ca47-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72021b979ff1ca47-YUL
content-type
text/html
date
Fri, 24 Jun 2022 02:42:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1231
Pug
simage2.pubmatic.com/AdServer/ Frame 2794
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7093249211328985151&uid=Q709324921132898...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7093249211328985151
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7093249211328985151
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Jun 2022 16:04:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=69288
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 24 Jun 2022 02:42:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7093249211328985151
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w-CNqdMkTWaBNMdJPifn6g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53143
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 24 Jun 2022 17:27:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 18FF
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEMzRTA4REE5LUQzMjQtNEQ2Ni04MTM0LUM3NDkzRTI3RTdFQRAAGg0I-cjUlQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1dd08ca02368c7ac01b0a0616deaaa9edd87f2e18b13bb955ce01896538dd5d5791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxZGQwOGNhMDIzNjhjN2FjMDFiMGEwNjE2ZGVhYWE5ZWRkODdmMmUxOGIxM2JiOTU1Y2UwMTg5NjUzOGRkNWQ1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxZGQwOGNhMDIzNjhjN2FjMDFiMGEwNjE2ZGVhYWE5ZWRkODdmMmUxOGIxM2JiOTU1Y2UwMTg5NjUzOGRkNWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwI-cjUlQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=04bf5ffd-5a5d-408d-b3c6-f7080cc45f98
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=04bf5ffd-5a5d-408d-b3c6-f7080cc45f98
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=04bf5ffd-5a5d-408d-b3c6-f7080cc45f98
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9ce62b5-2479-4000-b35c-bb97eafdbcd5
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9ce62b5-2479-4000-b35c-bb97eafdbcd5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 24 Jun 2022 02:42:01 GMT
Server
MT3 4475 c1dc35a master iad-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9ce62b5-2479-4000-b35c-bb97eafdbcd5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 24 Jun 2022 02:42:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNFMDhEQTktRDMyNC00RDY2LTgxMzQtQzc0OTNFMjdFN0VB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELXgho7LkbPJvk8WLUFuWhk&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELXgho7LkbPJvk8WLUFuWhk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELXgho7LkbPJvk8WLUFuWhk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 24 Jun 2022 02:42:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 23 Jun 2022 02:42:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7574025732850242011&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7574025732850242011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7574025732850242011&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=342529b7-ba0c-480c-99d6-cf15a7b5263e
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=342529b7-ba0c-480c-99d6-cf15a7b5263e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=342529b7-ba0c-480c-99d6-cf15a7b5263e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
C3E08DA9-D324-4D66-8134-C7493E27E7EA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 18FF 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C3E08DA9-D324-4D66-8134-C7493E27E7EA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:7048:1629:7931:e6d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4wBQwsRE2uWi6DLh5mSBZVE3tHzPNKM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4wBQwsRE2uWi6DLh5mSBZVE3tHzPNKM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 21:01:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4wBQwsRE2uWi6DLh5mSBZVE3tHzPNKM-~A&gdpr=0&gdpr_consent=
date
Fri, 24 Jun 2022 02:42:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 18FF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.141.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-141-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=39a888a0-f367-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
1 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=39a888a0-f367-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 17:29:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=39a888a0-f367-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Date
Fri, 24 Jun 2022 02:42:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
39a888a1-f367-11ec-8a25-c312b08c9a12
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=304b2942501308e3&is_secure=true&networkId=17100&version=1&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKPnsxfsBYwNulAmVAAAAAAA&expiration=1656124921&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKPnsxfsBYwNulAmVAAAAAAA&expiration=1656124921&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 16:01:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKPnsxfsBYwNulAmVAAAAAAA&expiration=1656124921&nuid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=780750410301151874&gdpr=0&gdpr_consent=
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=780750410301151874&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5d26a6f-652a-4bf4-87b1-71f52248d73c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=780750410301151874&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96c38ccf-16ea-4d04-ae14-fc854472ccca-62b52479-4341&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96c38ccf-16ea-4d04-ae14-fc854472ccca-62b52479-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96c38ccf-16ea-4d04-ae14-fc854472ccca-62b52479-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0a6afd2a-e49e-4039-9bfb-d64208c198bc&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 24 Jun 2022 02:42:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 18FF
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F1F3B21D_67407FE6&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Server
4.78.226.233 Irving, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-339025321; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-339025321; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 23 Jun 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8249113497166911165
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8249113497166911165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 17:04:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8249113497166911165
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 18FF
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B614CBA3D3
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B614CBA3D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 17:06:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 24 Jun 2022 02:42:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B614CBA3D3
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 3CA5 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gad9a805795f6c1dec62
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2JP28VXDGHTBBVACNDE3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 3CA5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=AWg5cj5ITCdLPbpd0n52l5U4mbs&gdpr=&gdpr_consent=
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=AWg5cj5ITCdLPbpd0n52l5U4mbs&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.59.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-59-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=AWg5cj5ITCdLPbpd0n52l5U4mbs&gdpr=&gdpr_consent=
Date
Fri, 24 Jun 2022 02:42:01 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/ Frame 3CA5
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119953&expires=5&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=ecba0b5f-e39d-49d2-9913-8b700ad86555&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=ecba0b5f-e39d-49d2-9913-8b700ad86555&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.59.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-59-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=ecba0b5f-e39d-49d2-9913-8b700ad86555&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Fri, 24 Jun 2022 02:42:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
widget.us.criteo.com/dis/ Frame 3CA5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
  • https://widget.us.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
360239
content-type
image/gif
expires
Fri, 24 Jun 2022 00:00:00 GMT

Redirect headers

location
https://widget.us.criteo.com/dis/usersync.aspx?&r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
date
Fri, 24 Jun 2022 02:42:01 GMT
server
Kestrel
server-processing-duration-in-ticks
254404
content-length
0
strict-transport-security
max-age=31536000; preload;
pixel
cm.g.doubleclick.net/ Frame 3CA5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=yieldmo_dbm&google_hm=ZzNmYzkyYzNiMzVkMjcyN2FmODY=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 3CA5
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=780750410301151874&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=780750410301151874&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6bd60147-acee-47e8-a879-37b1db5fd91d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3afc85ce-04ec-418b-b63e-b5d29a61bf54
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=780750410301151874&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cl_partner.html
ads.pubmatic.com/AdServer/js/ Frame 30A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D3A240AA5-6332-48CC-8B2D-B1DF4F8202BF%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31208
content-encoding
gzip
content-length
953
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 02:42:01 GMT
etag
"fa18f0-6b8-53a413358bd01"
expires
Fri, 24 Jun 2022 11:22:09 GMT
last-modified
Wed, 17 Aug 2016 09:36:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 8556 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&ex=pubmatic.com
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=3A240AA5-6332-48CC-8B2D-B1DF4F8202BF&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
27SX5H6Z60P8724ZMQ4F
i.js
mathid.mathtag.com/d/ Frame 30A8 		0
0
graph
idr.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=2B0MP7Bib37GNURTzG6RpqsUA3W&deviceID=2B0MP2FH2k0AVlSYXFKwhzxkZLP&bxdid=6393143172568779478&bxvid=1656038521215632&bxwid=3645&gm=false&apikey=2^HIykD&loadID=QmdrRFyUyrk58zS
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2B0MP2FH2k0AVlSYXFKwhzxkZLP&source=web&agent=cjs&deviceid=6393143172568779478&visitid=1656038521215632&websiteid=3645&pageviewid=1&sequenceid=1
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:01 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.f4e5461286f2552eb207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 02:42:02 GMT
container.html
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B6A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:01 GMT
expires
Sat, 24 Jun 2023 02:42:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 02:42:02 GMT
bl-b318b8b-fc770fdb.js
tagan.adlightning.com/gomedia/ Frame 1B6A 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/bl-b318b8b-fc770fdb.js
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-37.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d924f0a8b2ea7ebdbca0cd7344422edacbbaa19de8679ad79b1fa3dddd0e6e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 18:48:07 GMT
content-encoding
gzip
age
114836
x-cache
Hit from cloudfront
content-length
14085
x-amz-meta-git_commit
b318b8b
last-modified
Sat, 14 May 2022 09:31:34 GMT
server
AmazonS3
etag
"cd133e524c57c07ff057a7508e542fff"
x-amz-version-id
ZVAQEnN_JoERA1qclmYe3ebWhiPRgA4U
via
1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
utWoG8CoaMBieCBZiJBZOI6xcWTjbGYOoLmQH521mUKQ3JFYwisCIg==
b-92ee7c4-d3619282.js
tagan.adlightning.com/gomedia/ Frame 1B6A 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-37.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6f6bcacd16d4885735c8bf34e64b14598bc75b360bb02da44bffb9ab73dc1fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 18:48:07 GMT
content-encoding
gzip
age
114836
x-cache
Hit from cloudfront
content-length
31436
x-amz-meta-git_commit
92ee7c4
last-modified
Wed, 16 Mar 2022 19:19:56 GMT
server
AmazonS3
etag
"5086041455876f7638823d16d6d5011a"
x-amz-version-id
LTlh3zFnNmJpF7mEod9vuodP0rI76SrT
via
1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
n_lUg0ht_cyxKqdE22JsAI5Y_3BhhVWvkIc0j3GRbIZz2-wtVfo66g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B6A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClgXKyaTU5dTGa1oRhzlUKGURRWeYtHODQH_n2H2Qylk3WLOpgpcMQRURe_kejH41smQ5TMRUCcKKtABQ3KBlnGklJFRTP1htoI8NUjXnN9WqMt6g
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unit_renderer.php
fw.adsafeprotected.com/rjss/as.jivox.com/937172/63662186/unit/ Frame 1B6A 		238 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/as.jivox.com/937172/63662186/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=${US_PRIVACY}&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https://www.theonion.com/&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&ias_dspID=3&ias_campId=25417540&ias_pubId=pub-9268440883448925&ias_chanId=1&ias_placementId=15447686141&bidurl=https://www.theonion.com/&ias_dealId=549644393848240971&adsafe_par&ias_impId=v4~~ABAjH0heAg73qw9wQFrgJuhZnFhs
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.180.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-180-220.compute-1.amazonaws.com
Software
/
Resource Hash
d21d99ac54f111bdda38b3064999c174301d5fe3762913fea562c43422a3ca98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 1B6A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2019.js
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 00:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 00:34:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B6A 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 02:42:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 1B6A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7350
x-xss-protection
0
server
cafe
etag
4581267900612465077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 02:14:40 GMT
l
www.google.com/ads/measurement/ Frame 1B6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7eAgaXbdc4Hq0TaBYKSd-KMKmaJB5o7F8sfpOeUuaaSsQeZIqXAaVUl45hZko5hGPUdONl-ZMVnBt7ZDLY9cY_Wk0Nw
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
3645
dfp.bouncex.net/pub/ 		6 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/3645?li=5923752189
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
d7d70191c4ae206d1bb0fe914396baa00deb1cfd2bd4ea9a340b72e4d9c577c5

Request headers

Accept
*/*
Referer
https://www.theonion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5918 		624 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1B6A 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cns9rzKtqGhh6u6QnHUOnMRQ09DqhsXJn8sSF4pDzmMllUf1tKjyn1IRbZNhpPPhDKMr2rhHwA-nt47qibsGlOBg5iABIgcVO3VWSUmzmofosvhmVmn-uEsCoXbJL-l2reKmexc7Mjs55SzuQXZ2oRVg57Dg&cry=1&dbm_d=AKAmf-C5ueRKWj36rVOtlSFEsWCJfEne1tccp-J6inUuhYAsGUWsL1bAjtW5_1eGTBP2JzrNlkFx45Nn_2aVCGd-Ev8FQUBpaxIZYYZhK1ctnjrnC77-qiszEq7pJA7qGAEiRida5AtVBe3P9R9Udqv7znLE_4VkcGxxVa4gJFIwyWFxqmSMb-gWloag-d3P5qiLCjqfwmgK6GClzd7QWUL5x9z_4F9NA0WGMscO5YTdrTDKY-wNgzXbbhYuSEQo4nPUg-3YE0lwuZozNzGXKkRiRDwFIErSHtBFTUx3V_Uz9X_7xSJYQcThG59Cwp_z-Vg3wD7vtXvprzjNSJEMT5Q7Ir9AMJnO7s5Lj8WLVkJoqYHTm_tsAE4nP3HFWbuGSqti-BhRDn4iDa5Ifa0o1KvUYGuXtAK_laySuk7kbrl1NW_WemQdupPJDAijfC4juXHII8y3ntEnLrCmgrZc02HGDQD7azzWqz62sc6wxMBcfPbGYnXo3Ca2MUQa38zyhN85Wc0tjdeVRmR-eZD7qH3RTu7rBEaqjtwKMy0zWeBhf-21IbPdrTzddPnoDpSuUHyrc6KYORSm9lxijg0KZ_1by9xvkwkfYZpXntbt77EjZh8H27QvdIF2QEY0KmIv0v19oqtulWUd3BJgKsUFPk2XY1a13f3kXR8s0wCyItbE2txEtOSWy7L702PYXSON924FpAZwAAeg3oFtZ8-NHsRdP3sFaMsgkPFXxTyUNR3o0_T-K6FIlphAJTK7C0NONpYEDqXnVCpzlDRq1DtnMNJQvNzaU0Xnt05OJ3JMqq27ConsCBMe4p8c6IDt8gJnAEme-kOwbevN8sZVKg8krDQX2jXjKrmYkYpGIFhZhy2yAKkpRge7N1X6NBq9O4oBgTbi584uNKot8eYTbpNYlgAGFJRKi_s2v6FpopeykEtWV9r5t3qURQDRrMx_TdyO20NK1kK7mxWIxxGVzbeB9cZLr2J-Gc09Qx48uXXCixoBLZ9nxHrQcIMaUUG0G92qju1_IR8q8AWKsYi6z3Y5L4t_gmsd1rQBOYePsGXZZTNmElHadI22_l5yK3LTJ5eVmNuPqZXO5T6XTo7EHqa5R-U9uGaVwxR96Mf7CePD7Rf2FMT5gz7IANpwiQxtpEk9E0Mtd0B0R7ADeUmYnEnHaUWJZYda0d6iUxtMOSnWP2LBDHMsY_AfyeaWYljsS7gXVdao3zrjab1Zc175erbff9F-pqziVfwMWvCNrApwuy7FX973M997h7IUsxiTeiGcir7skOAvs5urX3tIwTlz7UYRGt3Bflo25b4tqryMS2JhAlsntpxQWlAtfxsvLvGGgfdB5tqI3Rfak06Gb4XovAxUde1OcjMjVVsuftashLnFP8D5M6znO5ILjBiqSetjGHwlWNw6581Fp_wV_BhFzNSgqcLMbeREhXHq4-qxRiVjJo13u9fGH-WNpfagjaZSUQPoB4McUrc8_hPHVPdnrbo0as67gAfzsQbCU0kLNtHEHS7pLPxhNeSSh9Im_brFRYr7WCun1o1w-HapecQbF6f3Mkqd4AejrPEjzN29DphVBZi6QaMDT4DfAa_kTakBc7HtmbtRKa5Qa29f60cKs9TU2-2qdPG4PpDw_pUxc4gxM3o3ZdxNQXUpOJuLdV1slMQcBFVMt_c82KOA2262gz8LM53V4x8awfk_zgxWMYkrNgjA5EXs6RzGKJh-t6dypC0Rcec3bhP_azsRIY3ThQ2AG5p9LfCQNUVAPT1hO5PghsBiWxhqjfgT-6a7RNENSD45hbOZrvfy1-_sh8DjsqNKC_WB2-Wzh1jFlWJTVKTzwa5eVGVNt0kXVyLyDH4dlkEy8q7j3_tb4ODxX3IpbLL1t_VY1AldNffDeket5NK1yVZrRBtSfRFjk2NpcO11fM1OVjgc6Te2SD8IOqGlMDQ-C9duSvF6qrrO8eJvFAosjOzBeDl3iCzrKJ6PgpxjQ7yzgvp3RZ4obFEPFxNyCV87omxDz5Es2tGDrCDR3_lAvdQ_wBBkDNfi4e_3ZmFSEVhBJx47KgTl6ErZVFfZWhgMwbDoGTkxplo6mqlnmFHqRNV-QF_Qz5JjUDT02zCc5C95dmqTWxA1cDXKpnAzZOtzLL2R7hsAm5Z8qGChV16RFFwDf0iGUrltL8HQepmrn9u_e7eFum6PT55R-s8UjA23mM_1T5gJYBvsaKN5ED41bu7ExvsAJroS2FzG3WS0OnhclDEz6uvms1mIghsJc7do2y0ge9RyuFjFH279RS4bg-JImDuVPYLJ8tpIxtPdfndyznJjHR3cBEYKSzKOSEj8uq9gPNoW8B64v7BmrUT-nAtERcmZn9fZaDnO52dDgaAQ4jKCoSVnDPLf4xtyHbU-oQah0HF3-JmjoqMq4pw5YCC7JOWbvRySxNejF5A_XIvHPwRZfG-XnvnJ8TqJ9cZ2w-LCzeP_FFV59hyLaKOULXm9LstJZbnt18a9_GCesn-GfTDouYJQWDMzNQk_myFkmpRoB39AUirYQCjOGbGJgibIynINzDUkWhdugOvWp9TQ6WMilODSratKxneG5hJHU__pBOMV9DqKWN__cRMFiEoz5Qhm3vLlNDmvvC2PenqZYmIdKUNlqVpbAqz0QHL1rIC3HxgV5MfNbiHvTzkqkUaJGEhg_9OVmiNqiAqOPGq66ORTe-VxI5wmmrpZ-f3D76mwJ0TpAE3E4NmHBDaBbNFBZLwfXHX-ButMBaBwBXPzxQjWUdB3qeXB_xy9cCc63fOXY0n_lTozBWAU6qWn8gTmU45nKHezs4pic9sFk2unOcRl1-qY6dsozQ-J_lGWTthOFvPVvQUNyIDmgVFgDCZLvNuAtJYI-Mlb92PsVinAjE76fX_0UhPUM4n13ZEAoKowhBr2CfOe3JnEAUddVscXDRiMn2R26XXyO_bP5sO1MJpEEKOKZ_XtT0ZpNVRgABmoUp-tIX-F4fQS1urwCgFgpfo9O03lzASoyL8DmTcWtLxjO_VUT-tyjjwrQKiEWVgAzk7aIXleNgeuNgk8L6llcR8mVpQam0koinzMnm6Aqd8DOJV8opGn63rh-uMtIhlYItF88swfk1wtgJLds2TSLYaqlh9fLPsnJhfXv-N7k_MlD98y1sCXbo48d6m9uSWMZBgRP49hu8nz1fe_Lisoix9l5K-rX3TFBr8CBB8op0lOJLwAODcaK8jj8htVmpuXa12Y7-XvurYmmFhKX_0x8BL-mQP7bsj1HRpn9kfea-1jyoxNooZv0sNLFQLeeMJY1kzYwQkBXGc4ieBv2Hc31zkcJR5ZkEHmmQc5pOicJTXzmDP9&cid=CAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME&rfl=1%2Chttps%253A%252F%252Fwww.theonion.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6da1a2466594a859fe55e319b7475ffcb05bc8ad872d74047262df58b7b4c6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5918
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b9e4a23a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKJDJd4BkNMnB4ld8I5R6z7ijfKsPWHKN6tklzeG6ouprF4LXM4TeK5zcyq%2Bp3x6XTG%2FAPXXKaLO07EPXpD3Icf3FFWY5%2F4c68J%2FUPmj25iwgx9ZtKN2887EJVcTY5ocVXF%2BKOUVsIX3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5918
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrUkeQSJC6Pugzxy.maICAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72021b9edb34a20a-YYZ
pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP2tcrzQf%2FgtCJym15jcdfW4U6Z9N4nV2Tu21i%2B4ksv3AxioWKHnimIPSj8fYHSIIPgYrCaHEJSUqP4EZNi1ZlRyhEhCmBhjjD3ImPSBzRiDJcCnN8UisJXjw6qZN6nVtPLzFtwlOmS2PA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAH3ntPgd5bcuUElEnYTWh4&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5918
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIMef7V0gWXhsvJGiR2ZXj0&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMef7V0gWXhsvJGiR2ZXj0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Protocol
HTTP/1.1
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
68803cb7-0723-4fbc-b3b1-b49ef36d55e8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIMef7V0gWXhsvJGiR2ZXj0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5918
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgwNzUwNDEwMzAxMTUxODc0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgwNzUwNDEwMzAxMTUxODc0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLL7uQEQp_XsmAIYmPqjzAEwAQ&v=APEucNWdC_1rqtUmCvGIJ9gsx4czp8UNdrlV7Hj8gZ1ZI1SU3qt0-lv-F1ggplfvW7koPN60-ETccEGrkt-pSnT31b1-LKymJw
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9ecc4fb0-97d0-4083-98fc-00f7d0b080ee
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgwNzUwNDEwMzAxMTUxODc0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame 1B6A 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 02:31:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1B6A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Jun 2023 01:09:50 GMT
unit_renderer.php
as.jivox.com/unit/ Frame 1B6A
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/as.jivox.com/937172/63662186/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=...
  • https://as.jivox.com/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2...
95 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.jivox.com/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=${US_PRIVACY}&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https://www.theonion.com/&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
23.22.255.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-255-185.compute-1.amazonaws.com
Software
Apache /
Resource Hash
02168ed0848731bbbc4eb630fec028db119f02673ad3cb558d21546d59df7d42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Content-Length
25920

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
x-server-name
app24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://as.jivox.com/unit/unit_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=${US_PRIVACY}&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https://www.theonion.com/&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 42BC 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
18055553
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0f954bea3b233fb0b6e1981b1e8b6bd8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
IAD50-C2
content-type
application/javascript
x-amz-cf-id
tmujJaERZtS5wcgT4B4jxFZ89wBhUJ0QVffGhVaLooY3oUySYZvDTg==
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4fqV,pingTime:-3,time:66,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
X-Server-Name
dt38.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4fqX,pingTime:-6,time:68,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.theonion.com*&br=c
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7878 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
437532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 01:09:50 GMT
expires
Mon, 19 Jun 2023 01:09:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4frg,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:542,beZ:543,mfA:545,cmA:546,inA:547,inZ:552,prA:552,prZ:561,si:571,poA:577,poZ:603,cmZ:603,mfZ:603,loA:611,loZ:617,ltA:629,ltZ:629%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,sinceFw:53,readyFired:false%7D&br=c
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Aq6axuIj4xdN0A4LClEu7wk1FdfqQrvSY5ZnYLGiLRk.js
pagead2.googlesyndication.com/bg/ Frame 7878 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Aq6axuIj4xdN0A4LClEu7wk1FdfqQrvSY5ZnYLGiLRk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02ae9ac6e223e3174dd00e0b0a512eef093515d7ea42bbd263966760b1a22d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:05:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
178583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13741
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 01:05:39 GMT
layout_renderer.php
as.jivox.com/unit/ Frame 30FF 		165 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-92ee7c4-d3619282.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.255.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-255-185.compute-1.amazonaws.com
Software
Apache /
Resource Hash
664ef2bc50d354920f872de049e1d7e806f64666ad0df0be053b79213e4400b6

Request headers

Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
39618
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 02:42:02 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A358 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 19:22:06 GMT
etag
48472445140208031
expires
Fri, 24 Jun 2022 19:22:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1B6A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c801218dc5017f81047f7c9b21458e07e4a72e757004f15ecb4796bbdc6800f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
jquery-2.1.0.min.js
playercdn.jivox.com/1641453473/unit/js/gz/ Frame 30FF 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1641453473/unit/js/gz/jquery-2.1.0.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 08:35:20 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 07:21:24 GMT
server
AmazonS3
age
65204
etag
"360f2dc03e68bdff25f7116099845c15"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-length
29294
x-amz-cf-id
GM4DxWu7EaL6H538v9kjDxgU6Vm2lt5zQbf8Tldn1dMDXzTLxWbbrw==
velocity-raf-disabled.min.js
playercdn.jivox.com/1641453473/unit/js/gz/ Frame 30FF 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1641453473/unit/js/gz/velocity-raf-disabled.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 08:35:40 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 07:21:26 GMT
server
AmazonS3
age
65184
etag
"4d3dcf41e19bc8e6676e86249f21f9ce"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-length
12405
x-amz-cf-id
o-hOoO5wIxcYB32YG3MF4rj6YhGAroxRhNlBv-3EphOE2T2r8QuuGQ==
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1641453473/widgets/jivoxWidgetApi/gz/ Frame 30FF 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1641453473/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 08:35:20 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 07:21:49 GMT
server
AmazonS3
age
65204
etag
"efa5ea7da9ee15ce4469e3f26ecb6356"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
content-length
5987
x-amz-cf-id
IwUJSuFNvKx1nKkLEaBisNTa4UcskupUznaxbbCmvzB_PfrFk51whA==
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEJoMEsVcxSSoA0HceUYWH8M&google_cver=1&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_&google_hm=UjFCMzMwX0YxRjNC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_&google_hm=UjFCMzMwX0YxRjNCMjFEXzY3NDA3RkU2
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ARnp8GAEYAvkbVbaGomGT3gx7jTtiE1fl1lRhiudknx7y111xoKfQY0FeaaB3oaWEHRrQEXcfCzDI5umjcTw0AQWlZrwPoxb74J_&google_hm=UjFCMzMwX0YxRjNCMjFEXzY3NDA3RkU2
Date
Fri, 24 Jun 2022 02:42:02 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
338
Strict-Transport-Security
max-age=-339025323; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJVa2VRQUxOR0NHSWdBbw==&google_gid=CAESEGIHkXODVBErJqrNKpmNlK4&google_cver=1&google_push=ARnp8GClY_OWTmPhbbKeWkZoUU1oQf2U_2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJVa2VRQUxOR0NHSWdBbw==&google_gid=CAESEGIHkXODVBErJqrNKpmNlK4&google_cver=1&google_push=ARnp8GClY_OWTmPhbbKeWkZoUU1oQf2U_2C9ZoKZ1zd6Nfb5hhUQ61lKzjkMob7R6R-4f328nY8bfCj3oddkkz8i2_3RGgk1evmK_Q
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656038523.958671,VS0,VE0
x-served-by
cache-yul12828-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJVa2VRQUxOR0NHSWdBbw==&google_gid=CAESEGIHkXODVBErJqrNKpmNlK4&google_cver=1&google_push=ARnp8GClY_OWTmPhbbKeWkZoUU1oQf2U_2C9ZoKZ1zd6Nfb5hhUQ61lKzjkMob7R6R-4f328nY8bfCj3oddkkz8i2_3RGgk1evmK_Q
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGdiq2IO-E-ELKJf3W31JoM&google_cver=1&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNT...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGdiq2IO-E-ELKJf3W31JoM&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA&google_hm=VnRucEZHXy1XeTlmNX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA&google_hm=VnRucEZHXy1XeTlmNXFZd2RjbnM=
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GAnUzLLD41CFGsSLavHvjzzbSDHThB1EQPaivgYk0mf8zAXoU8V_VosEJlcM5USczCIeXKIGJAzVAUNTRc1IgJV3MymioaBIA&google_hm=VnRucEZHXy1XeTlmNXFZd2RjbnM=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrUkeQSJC6Pugzxy-maICAAABNgAAAAB&google_cver=1&google_push=ARnp8GB2Oy6rzRaU70eoIyAK594Yhb9ouonnpIL8tROOXB6XAu18APKjgfPCuiODBZW0cYNJIBBa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrUkeQSJC6Pugzxy-maICAAABNgAAAAB&google_cver=1&google_push=ARnp8GB2Oy6rzRaU70eoIyAK594Yhb9ouonnpIL8tROOXB6XAu18APKjgfPCuiODBZW0cYNJIBBa6rWADLl8Crb_uJJUROlCzd2q0A&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrUkeQSJC6Pugzxy-maICAAABNgAAAAB&google_cver=1&google_push=ARnp8GB2Oy6rzRaU70eoIyAK594Yhb9ouonnpIL8tROOXB6XAu18APKjgfPCuiODBZW0cYNJIBBa6rWADLl8Crb_uJJUROlCzd2q0A&google_gid=CAESEFK7PTacZ11XBd4rrcCR9t8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Fri, 24 Jun 2022 02:42:02 GMT
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHhLmU5ZJrnMy8xmlwSGeH4&google_cver=1&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH80W-LhUDjNVnYW4LZQ-trbQSrz29lNGJrZqg7wW20XF...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM2MTIyNzc1OTc4MDk5MTM2NjgwNg%3D%3D&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM2MTIyNzc1OTc4MDk5MTM2NjgwNg%3D%3D&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH80W-LhUDjNVnYW4LZQ-trbQSrz29lNGJrZqg7wW20XFoY7Q
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM2MTIyNzc1OTc4MDk5MTM2NjgwNg%3D%3D&google_push=ARnp8GA9LxZ3iGuWV8yN30RaWOyWK6T-XAVh8gLpcIeTaM2RO-cxkiH80W-LhUDjNVnYW4LZQ-trbQSrz29lNGJrZqg7wW20XFoY7Q
date
Fri, 24 Jun 2022 02:42:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEA387QpprvH9er-QDeqf7gI&google_cver=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYUVCQtmxdSxlnIERHTBVvz7M...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Cmr9KuSeQDmb-9ZCCMGYvA==&no_redirect=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Cmr9KuSeQDmb-9ZCCMGYvA==&no_redirect=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYUVCQtmxdSxlnIERHTBVvz7MS3rnbF2WMGfXoy3Nf7y23u6wF1k
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=Cmr9KuSeQDmb-9ZCCMGYvA==&no_redirect=1&google_push=ARnp8GDhGQBRywOJHBl4tAuxi70jP31RkUyvJSXM1ljgO-NQ9lByYUVCQtmxdSxlnIERHTBVvz7MS3rnbF2WMGfXoy3Nf7y23u6wF1k
date
Fri, 24 Jun 2022 02:42:02 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIc6_8IiAqkwHIyNT_zcRgc&google_cver=1&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI1z5rpH9Q&google_hm=ODA0MTQ1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI1z5rpH9Q&google_hm=ODA0MTQ1Njc0OTcyMzIwNzQ5Mg==
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GD-51vRTsfuseyZumu1QqrYumhBSpgXsIiKLLbWu6PXPI0-ePzwooX5yCUc2XpxYcsUHBYdlCuo27qtWJikHLHgukI1z5rpH9Q&google_hm=ODA0MTQ1Njc0OTcyMzIwNzQ5Mg==
Date
Fri, 24 Jun 2022 02:42:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame A358 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtimgPV3-_wgwpdbGVJ2DMEeqeN_kwkDU932XTjREps4AVFanaXMneB0DwPIqxSKhA-Q4V3OE
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7878 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWQFdeiS1YoaaILiLoPMP1KW24AYAAAAAOAHgBAI&bg=!5Oel56PNAAZlcKWdRXA7ACkAdvg8WrNxC03zAcLzxjjGPDZty_CMnfIQd4D741FNu7CGI4GAQKY97wIAAACmUgAAAAJoAQeZAum8aktcBC4p30GCsSHCRoRciHTel3gsXw4Qy4IyNUGhNWMCGaSvEMFIyJXN9Y-r3GkDe755ckv3mVBRlulQeikmWinQZHRsoMYgStnXZHF0TH-VxHqyprh_i3N6rl7WrXMaweRjHCbq6h4gBvvHrKQd_gUl-2i6ppAVoqEvG4lJ4c5MfIl4swUmc4TDLMUtOJ3dcz7W813NsrTaTijd-MPFd5873IEPgKiZk0eYhumUb4R2i9qmXrXjq8kg29mD-WNa9e8XrrMbHD2LJBVkSEAyLr2TwUgVQxqN-m0BYBGWsW9OApAQ3_MWkBKK2RPkt4R3LkGvtXqSxoq8zEs6TKr8eb8lp5josk9OMYjJsNn8TjrBrL96IbvRdjjqpYtW7L-5Xdn63c9aAejmAZYml8zECuUntUAEiYEkOQvGBig15QuIGb19GxNRVEkHgfo0Qz8cV8IMQ_te31Osr4gJ7zJJbIulhZVoN34prDR25r-jcCy7_3SNQaJ3vMwyX7JSVsB2-OiFkgUuC7imWczs7F181TiFKm494Lg3_B_fOlY1uRXBWsz5BWaYb_6UXzIVKlyrbQQeu7sCpKxsTbIGFKwCcbxVG2IJCklpp-lmoDBe64HZwht5mqW2JzylBT4_IpS34oDawQfU90rLfWrJUc4M4IYKmylHY2YmzO6F9UfUvwceQLImF_efaKvxcug9w97QMNdljsssWVKSv3oLn02SUjXFwl5RWn_9Tm9W-BlUXHTnvIwwjrnHmUdUYcgf-9ukVVy7F-uKnt9PRSfPXEtlIo30upmeWfq8XB_cq8ij5OMIrtOUFJuKd0cg6JueL_VbtOkhIqkWJcRaEYqyeg2IQDiAkfhNA4gF3VEFp-EfanQ_1vIb2H6FO3RMJWDbWC83T_SVeIhzDhfOM_Ol9q7YhJj57Cov16PQSoaSGpv5z6HCB7z5rUkMBLoLnzc-Hf2epTqL-oopDcXwUC_LzgsFe1RS_4gt8QUw
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4fxl,pingTime:-10,time:464,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000020000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656038523086%7C%7Ce6e98dbb98a5814ab7fadd9c740f2aa8%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C0098d531dd02ae4cdd47bf21cc842268%7C%7Cbe5161e99b3b6fe876e374829ec6312b%7C%7Caa1e6d13e224e656783c09f4e9ea4a43%7C%7C9bfc15034f3fab1f0ead39038c0baa60%7C%7Cbb2c482ee6b73b0159563d7bbbe5e856%7C%7C1629390669%7D
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
index.html
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/ Frame 30FF 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/index.html?externalWg=1&adUnitType=29&campaignId=159291&base=1&creativeUnitType=29&adUnitId=2900&isDynamic=1&objectName=jvx_62b5247abe6cd&clickThroughURL=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3Dhttps%253A%252F%252Fwww.t-mobile.com%252F&serverURL=https://as.jivox.com&placementId=fZjNz9&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3Dhttps%253A%252F%252Fwww.t-mobile.com%252F&reportingURL=https://evs.jivox.com&jvxSessionId=1656038522.4901&siteId=361255049d11e6&isCampaign=1&es_pId=fZjNz9&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&jvxUUId=t9DGSewUTmt8&es_cgName=CM1%3ATMO_Postpaid_X_TS_2520967_22SG22ALMX_EGS_Free_v1_GS22AALMax_Samsung_EL_DIS-RM_HTML_X_X_X_CM-CRTV-002%3A970x250&es_segName=2520967_Free+SamsungGS22+wAAL+on+Max+-+EGS&assetID=asset134&isMobile=&externalStartEventId=11900
Requested by
Host: playercdn.jivox.com
URL: https://playercdn.jivox.com/1641453473/unit/js/gz/jquery-2.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0633c49d241ff7631b803b1ff99d2ebca713d7f01e70fc70c49702bda7945f6d

Request headers

Accept
*/*
Referer
https://as.jivox.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:54:51 GMT
content-encoding
br
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
56833
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 16 Jun 2022 10:52:50 GMT
server
AmazonS3
etag
W/"9390f296c8844b778cab830e72620689"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
via
1.1 48b970169016f7185b7cff9e185ee0b2.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
4Jsgf7xW0IVImaIMHDIKXvEZinAYUKwdlN28sSdlgNzSstFoD-ddfA==
es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09l...
evs.jivox.com/trk/72/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/ Frame 1B6A 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/72/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09lYXZaNkl4ZmdDRlNOQXdRb2RMZkVOQmlnQk1BRTQyYjJzd29vUVFBSklBVmlaZ1NBUW1QcWp6QUY1WEhJanJ5blV0dFBvNE9vWnc2dmcvZXNfZXQ9MC9qdnhSYW5kb209MC43NTgwMjE1MTQwNDcwODMvZXNfY2dOYW1lPUNNMSUzQVRNT19Qb3N0cGFpZF9YX1RTXzI1MjA5NjdfMjJTRzIyQUxNWF9FR1NfRnJlZV92MV9HUzIyQUFMTWF4X1NhbXN1bmdfRUxfRElTLVJNX0hUTUxfWF9YX1hfQ00tQ1JUVi0wMDIlM0E5NzB4MjUwL2VzX3NlZ05hbWU9MjUyMDk2N19GcmVlK1NhbXN1bmdHUzIyK3dBQUwrb24rTWF4Ky0rRUdT
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-154-195.compute-1.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:03 GMT
access-control-allow-credentials
false
server
akka-http/10.1.11
content-type
image/gif
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09l...
evs.jivox.com/trk/66/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/ Frame 30FF 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/66/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09lYXZaNkl4ZmdDRlNOQXdRb2RMZkVOQmlnQk1BRTQyYjJzd29vUVFBSklBVmlaZ1NBUW1QcWp6QUY1WEhJanJ5blV0dFBvNE9vWnc2dmcvcj0wLjUzNjI2NTQxNjA2MjQ4NDUvZXNfZXQ9MS9lc19jZ05hbWU9Q00xJTNBVE1PX1Bvc3RwYWlkX1hfVFNfMjUyMDk2N18yMlNHMjJBTE1YX0VHU19GcmVlX3YxX0dTMjJBQUxNYXhfU2Ftc3VuZ19FTF9ESVMtUk1fSFRNTF9YX1hfWF9DTS1DUlRWLTAwMiUzQTk3MHgyNTAvZXNfc2VnTmFtZT0yNTIwOTY3X0ZyZWUrU2Ftc3VuZ0dTMjIrd0FBTCtvbitNYXgrLStFR1M=
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-154-195.compute-1.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:03 GMT
access-control-allow-credentials
false
server
akka-http/10.1.11
content-type
image/gif
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09l...
evs.jivox.com/trk/60/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/ Frame 30FF 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/60/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09lYXZaNkl4ZmdDRlNOQXdRb2RMZkVOQmlnQk1BRTQyYjJzd29vUVFBSklBVmlaZ1NBUW1QcWp6QUY1WEhJanJ5blV0dFBvNE9vWnc2dmcvcj0wLjAwNjg3MTkyMTc3NDg5NjQ4My9jX2R2MzYwX3NvdXJjZXVybD1odHRwcyUzQSUyRiUyRnd3dy50aGVvbmlvbi5jb20lMkYvY2xpY2tNYWNybz1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ001ZVhlU1MxWXFmNkg2T0FoUWF0NHJjd2xwbmt1R3JadmF6Q2loQ1c3THFOdGlnUUFTQ0l6WTRlWU1tbWxZandvLXdTb0FIbDlfei9jYWNoZU1hY3JvPTE2NTYwMzg1MjE1MjM1NTkvcGFnZVVybD1odHRwcyUzQSUyRiUyRmVhN2M5Y2RiMzhjMDlkMjRmMTk4ZjExMWUwMmZlYTc4LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtMzglMkZodG1sJTJGY29udGFpbmVyLmh0bWwvZXNfY2dOYW1lPUNNMSUzQVRNT19Qb3N0cGFpZF9YX1RTXzI1MjA5NjdfMjJTRzIyQUxNWF9FR1NfRnJlZV92MV9HUzIyQUFMTWF4X1NhbXN1bmdfRUxfRElTLVJNX0hUTUxfWF9YX1hfQ00tQ1JUVi0wMDIlM0E5NzB4MjUwL2VzX3NlZ05hbWU9MjUyMDk2N19GcmVlK1NhbXN1bmdHUzIyK3dBQUwrb24rTWF4Ky0rRUdT
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-154-195.compute-1.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:03 GMT
access-control-allow-credentials
false
server
akka-http/10.1.11
content-type
image/gif
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1050&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBWQgBgGYAOYgJgv2Is2AC8QozMB3AUwCMcqYLwD6qACZQKhACzFMAJ144QAGzhoMBcmQAe+WmS7KYvRcsVRsAQzVrUCAOai4itVAAWwYAAccAKQUAIIBtABiYeHcMQB0wJ68GOgIsUggALZRQeGiTjZBACK0sQDsFLJUtKWysfiytPJEZMQAnHUkxDW0rVSEALRENFRUpcTEHeOVxrRUYXRkAAqK6CvAAJ7zRvj4mABuqELAoukgANaovFABpQBCYbRqvg9BobS03n6BtExvdJE-CIxbjxRLJDBpTJbAFMXL5eYUYplCpVGp1BpNchtSZdBq9AZDYgjMYTIhTKgzOaAhbLVbCTbU7b4F60ADCD0ULxCLNoN0K2BA50u1zuDxge2AXOCZPI1DozLZDwOEilMsoNFohkYhAovMV7xsIClZDC7PeTylD0+-gRfwi0OBoKSCBSkKygJhFDhBR+iJK5Uq1Vq9UaxGa2LJuJ6fUGhGGo3GOOmZFmYVutJAawZtx2LLNtBs315IRN+toe18e1VpoeKver1reY5lvrrfzSAlqpIso1CvzQjrxelNfeTiQnPrIVkI9o7qHpfzEkkLdoOtaDFkDFKPzjpVKrVkpSpevzak7k+l3fV8pnEic4VQihwwAAMiAbIPXsBFHBeDPPDYigSAAkoUK60LcZAALKLHcqD8BQpQAOIAHIAKoAEoACqsEhhAYb4ACOOBocEFAAOpNu8qgwMAoHgZBMERAAErQZxkMEABqagAMoAJoABrhAA0twnisHoZwAFovosLylPyeyATgADaEgwL4oiKPwaggEgZwALpQAgIDHMoH7rAKQpiKAICiGogFOFcMB2DgvCYPwvicJgvB+FAKkGZgvjAHgAoZL4Dg2MgYgwA5TjWOpvgBVAbT0GMmpUK0+wAd5laSAQShqBsvhXIlWk6XpZyFQgNgZFcSkrDYOnuQBQHiFIEHQbBtzwYhqGYTheEEcRpEUZgNHHPlnVMeErHsVxvGCSJYkSdJslAA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
8ccfa1665927100d8ff8a0377c8e70b2d6c77a9731344ace8208ba48509f76e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 02:42:03 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
12
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHmAGbIA+sAYQ4Aa149WAZgCCMrBBKiQsAJ4yOAEQBkoSLAQp02fFiQhmVGvUaHw0eElSZceEpuQ3BIsUgpfUQIGBsABn0AdxA6HDQSEDQYZjkANgAWAFZ9CjQEkhTmAEZ07PSIuQAObJ4S+oq5Hn1w-Lhk1PS5AE45Esz+9h4K6vZ2Hsz2av1UDBB8kGjikv0cEABHQhAsDuKWuDA0HZIixCYSN1Lyypq6-uzM-UPjrEvkNAoQYASILGZLhg5K0FmgOswYGsIIRgODYnR9FB5m9mMRvlCBGp9pwIgBZAAKPAAYgAJHiSCIKABqYAAygBNAAaRIA0tEABYALwAHpIAFoAGXx+nZ1BgwmxePxXDQdDk7AA4gA5ACqACUACqchXpNXIDY4FUKOQAdSAA
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4fyY,time:565,type:e,im:%7Bpci:%7Btdr:509%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:565,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B558~0%5D,as:%5B558~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:42,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
URL: https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
checksync.php
hbx.media.net/ Frame 4A50 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=www.theonion.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be365686b6806f5d99352bbc34dfd5dd25db8060c8061a27d07955876a32dba4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10675
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 02:42:03 GMT
expires
Sun, 26 Jun 2022 02:42:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062201&st=env
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf813a5aec2150af513f7b845e176a7ba48ffce729ca830a2e3d0729562765ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10659
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 16E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:02 GMT
server-processing-duration-in-ticks
1866
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
index.css
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/ Frame FCD4 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/index.css
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c347576707c3ced59ecd466e54efc82ef26630eb9c4672cd2c26e577b914dc26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:54:51 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 10:52:50 GMT
server
AmazonS3
age
56833
etag
W/"6eb0365781c1dce2c70c17a6391140b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
FxyG30ndHtRzMtfg5xHhFbGTNwmGzSTkv0lg-bGiJNPsv2EUmfAjkQ==
jivoxWidgetApiV2.js
cdn-as.jivox.com/widgets/jivoxWidgetApi/ Frame FCD4 		44 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-as.jivox.com/widgets/jivoxWidgetApi/jivoxWidgetApiV2.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.103.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-103-191.iad79.r.cloudfront.net
Software
Apache /
Resource Hash
005b726c70c365b5d60379d98a24232fbcd74703605b34551575b77f3dd1d704

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 07:04:30 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 09:55:06 GMT
server
Apache
age
70653
etag
"af12-5e1f237185e18-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via
1.1 b005949014b117aed39cd14f2e31cfb8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
accept-ranges
bytes
content-type
application/javascript
content-length
8732
x-amz-cf-id
Jrp7lsgECUkQT44YCi8WaVvi0RSxJQqKyumRQooqAzPZ35pt6pPIAg==
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FCD4 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Jun 2022 02:42:03 GMT
failSafe.png
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ Frame FCD4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/failSafe.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
cd7ef1344c39be1d57da91ea1fb5f5e69be37512d670242dec44a91e28bacf44
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:54:14 GMT
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
661669
x-cache
Hit from cloudfront
content-disposition
inline; filename="failSafe.webp"
content-length
2508
x-request-id
6930a662b8ea94d177b99a64715163c3
last-modified
Thu, 16 Jun 2022 10:53:17 GMT
server
Cloudinary
etag
"55b2dfc91606fc65ff13d00d5ca42c82"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-LXRy6N26zyp0bBWzAqFXi-RpQLDB905JWFYy26NXbka9gbZ3KRY7Q==
t_logo.png
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ Frame FCD4 		406 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/t_logo.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
6cad8f307be75a8f9c12ade1f85e54fe0892e6c397f1119b79a6a4db76c5751a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:54:14 GMT
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
661669
x-cache
Hit from cloudfront
content-disposition
inline; filename="t_logo.webp"
server-timing
fastly;dur=2;cpu=0;start=2022-06-16T10:54:14.907Z;desc=hit,rtt;dur=1
content-length
406
x-request-id
3591741a64560a10faaef65e9edd6871
last-modified
Thu, 16 Jun 2022 10:53:17 GMT
server
Cloudinary
etag
"5ce720ad8c2211c0e4c5bdb4c3a832f2"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vyu_Fe4aHWBGVaK5hX77SR9O3QKXzPv859AJ1kX7uic8-Wn23wWdAg==
t-mobile_logo.png
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ Frame FCD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/t-mobile_logo.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
8c55d5d2a5bfb0e75629cedc6020ac57678d386ea8e6e0c4655a1efe5f693f28
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:54:15 GMT
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
661668
x-cache
Hit from cloudfront
content-disposition
inline; filename="t-mobile_logo.webp"
content-length
1740
x-request-id
7ec96f6c817aaea633d43bead6e91a6b
last-modified
Thu, 16 Jun 2022 10:53:17 GMT
server
Cloudinary
etag
"11cee57516844affa66ed558babe10fe"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kkaIGurAU2CKlcr9EGl1OdWVuQ32LDwNKLC3V-J0qnFK-kG_iyja7Q==
RO-arrow.png
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ Frame FCD4 		208 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/RO-arrow.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
de07b0598813f5f5e306457369142146784ba2bd3955ebe0a03e7405bb2365cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:54:15 GMT
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
661668
x-cache
Hit from cloudfront
content-disposition
inline; filename="RO-arrow.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-06-16T10:54:15.332Z;desc=hit,rtt;dur=1
content-length
208
x-request-id
9dfd6b36f086ddf475874800a7be3d88
last-modified
Thu, 16 Jun 2022 10:53:17 GMT
server
Cloudinary
etag
"f3fb6085ecd49ee00a759ddfaae5a270"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
aJmEizA7CM_6RwuaqZd4DsqNBY6YYCLDR04NwFpYQzP7WaeTgSqO4Q==
animation.js
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/ Frame FCD4 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/animation.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ca5cbfb2f8ef9ce4418ad8914ac5fa3b736b38cdb71a7d7b1d38a090bf59ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:54:51 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 10:52:51 GMT
server
AmazonS3
age
56833
etag
W/"4da2ffad86503e488f98b7864faf6b9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
dFpW0NsJfT1K5KIYgl9OQTcaMO_FvtltJMZn7zAbRF4WMJ0xtHQolQ==
ScrollToPlugin.min.js
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ Frame FCD4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/assets/ScrollToPlugin.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54a2bddadbedd2518cc2b1b523defd088477fc3cf65213d4fb6103fa05f129cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:54:51 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 10:52:50 GMT
server
AmazonS3
age
56833
etag
W/"101496bacf1c70c26a8d967108ebeafb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
kLa8CHi7CVPRxv9kbvBUBmdDCDlWbHdPppB88ukwbV5q6MxdG3vbJA==
sid
mug.criteo.com/ Frame 16E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=D0bJznxNUEYxRXRvYTZXbGQrR3FvWU40c25NdG9WMldsVHhPeENaNkwvOTJndVZuemN3ejdzK1VIdWFDM2JiNEtobEg4aUppODh0MEtyakhHdy9NQUJqcFlHUmJlMEJRV0ZSRm81WlA1ZkpxMnJQT2hMME1vcHA2aytMZk...
435 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=D0bJznxNUEYxRXRvYTZXbGQrR3FvWU40c25NdG9WMldsVHhPeENaNkwvOTJndVZuemN3ejdzK1VIdWFDM2JiNEtobEg4aUppODh0MEtyakhHdy9NQUJqcFlHUmJlMEJRV0ZSRm81WlA1ZkpxMnJQT2hMME1vcHA2aytMZkhzOHVQaGI3dlJKaTNMVGlkNkVEUWRSVjZ5YjBOUzI3bjN6RE9jYUNJc0JoSnBjOGxEQ2ZYcHNpRFVKR1U4VUw0L0E5Z0hDMG9hWHJVemxqbHBRekNUTVpCeUtWbXdqS2JyQlQwYTRDb0RPSURCZmhIMm9Jb1lXVVZldGhpdHRCT24zdCtGc0xVRXRLWDYrL090UTBuWEt2UEVVb3o4QT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
13ae7d8d4406fcf533fe119dbefc049b680954e2229df6bfb3f9208435fd7cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:02 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5008
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=D0bJznxNUEYxRXRvYTZXbGQrR3FvWU40c25NdG9WMldsVHhPeENaNkwvOTJndVZuemN3ejdzK1VIdWFDM2JiNEtobEg4aUppODh0MEtyakhHdy9NQUJqcFlHUmJlMEJRV0ZSRm81WlA1ZkpxMnJQT2hMME1vcHA2aytMZkhzOHVQaGI3dlJKaTNMVGlkNkVEUWRSVjZ5YjBOUzI3bjN6RE9jYUNJc0JoSnBjOGxEQ2ZYcHNpRFVKR1U4VUw0L0E5Z0hDMG9hWHJVemxqbHBRekNUTVpCeUtWbXdqS2JyQlQwYTRDb0RPSURCZmhIMm9Jb1lXVVZldGhpdHRCT24zdCtGc0xVRXRLWDYrL090UTBuWEt2UEVVb3o4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1571
content-length
541
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 02:42:03 GMT
TeleNeoWeb-ExtraBold.woff
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/fonts/ Frame FCD4 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/fonts/TeleNeoWeb-ExtraBold.woff
Requested by
Host: assets.jivox.com
URL: https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99f6e84fd28977cf53aefadb395effc75c1c1a9d66316b4ef1e208074d43b008

Request headers

Referer
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/index.css
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 11:06:36 GMT
via
1.1 48b970169016f7185b7cff9e185ee0b2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
56128
x-cache
Hit from cloudfront
content-length
62244
last-modified
Thu, 16 Jun 2022 10:52:50 GMT
server
AmazonS3
etag
"d6867e9d4635987523d78be92ac44557"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
x-amz-cf-id
XTdy-5PmnkWABQi9wO2DXHRYiMhWiN56R_FDGOdzQfa3hTUFv9UhKw==
TeleNeoWeb-Medium.woff
assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/fonts/ Frame FCD4 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/6/a57332z62ab0b80dbb06/1/CM1_970x250/fonts/TeleNeoWeb-Medium.woff
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-100.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdab249eb2ebb19b28d1799a3395332f8158f92bb2ac2003c2651c7762a3e6cb

Request headers

Referer
https://as.jivox.com/
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 11:06:36 GMT
via
1.1 48b970169016f7185b7cff9e185ee0b2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
56128
x-cache
Hit from cloudfront
content-length
62596
last-modified
Thu, 16 Jun 2022 10:52:50 GMT
server
AmazonS3
etag
"11e9806f278ffa7a3085695415c4737d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-pop
IAD50-C2
accept-ranges
bytes
x-amz-cf-id
s_06vGI-GlSnbKSlgfLla_WvIdHfCumTRpy-6b_ZuHbdlqDassKaUA==
F2%20970x250.png
cdn.jivox.com/files/57332/EL/2520967/970x250/ Frame FCD4 		997 KB
999 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jivox.com/files/57332/EL/2520967/970x250/F2%20970x250.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
366d0ca7a7f95f1a99b1722276601747fa14752e174f4a377767b20c17a42eca

Request headers

Referer
https://as.jivox.com/
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:31:24 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
58240
x-cache
Hit from cloudfront
content-length
1021433
last-modified
Mon, 30 May 2022 04:45:16 GMT
server
AmazonS3
etag
"d76d1531a641227d372d9420cac5b6a9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://as.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
x-amz-cf-id
ekQk5J7_TVUM04IHJgul22qaE6YG9LS58_6xTrFn5ol9RH-eV4d1QA==
F3%20970x250%20EL.png
cdn.jivox.com/files/57332/EL/2520967/970x250/ Frame FCD4 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jivox.com/files/57332/EL/2520967/970x250/F3%20970x250%20EL.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1e505eb5a57e86177114498d793a00952d85c55ce7f0282afa17af9109b649f

Request headers

Referer
https://as.jivox.com/
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 09:05:33 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
63391
x-cache
Hit from cloudfront
content-length
155522
last-modified
Mon, 30 May 2022 04:45:16 GMT
server
AmazonS3
etag
"5283d6893a38d6bbb8153ae4e07ea1da"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://as.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
x-amz-cf-id
6VzKd2aBIOaFDtZNWjLlSIJOjyYM2bGP_p_RadS35nQVoU_FcoKSCA==
blank.png
cdn.jivox.com/files/57332/ Frame FCD4 		95 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jivox.com/files/57332/blank.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c93530e469af3e79ceb1e629370e04da374aa0629e92a6fa4c645246474f233b

Request headers

Referer
https://as.jivox.com/
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:01:10 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
85254
x-cache
Hit from cloudfront
content-length
95
last-modified
Wed, 10 Jun 2020 12:02:44 GMT
server
AmazonS3
etag
"b5291f47056c5f82567e199f02d63717"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://as.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
x-amz-cf-id
-ZnClCk8XRCQdOxaIIDwBWJqmP0AICQG22lhHXqujRaE28-OPAK-tQ==
EF%20970x250.png
cdn.jivox.com/files/57332/EL/2520967/970x250/ Frame FCD4 		997 KB
999 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jivox.com/files/57332/EL/2520967/970x250/EF%20970x250.png
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?creativeUnitType=29&bDim=970x250&bUnitId=2900&siteId=361255049d11e6&campaignId=159291&es_pId=fZjNz9&isDynamic=1&ap_DataSignal1=15447686141&ap_DataSignal2=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_feDxjmoAqf17JgCsALEro8MQAHSAioYACITCOeavZ6IxfgCFSNAwQodLfENBigBMAE42b2swooQQAJIAViZgSAQmPqjzAF5XHIjrynUttPo4OoZw6vg&us_privacy=%24%7BUS_PRIVACY%7D&gdpr=&gdpr_consent=&jvxVer=2&c_dv360_sourceurl=https%3A%2F%2Fwww.theonion.com%2F&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM5eXeSS1Yqf6H6OAhQat4rcwlpnkuGrZvazCihCW7LqNtigQASCIzY4eYMmmlYjwo-wSoAHl9_ztAcgBCagDAaoEmQJP0DM9_EN2GUxH-gLMKzCBekwp6YUun4XB44b0gmTdsbozdZWWFc5L_URgWL1e68pVq2gOP7jQL4BEyB-aPrsv9FxK_51_C-sfYn_KbY2JwjnFco5wUK4Grkjjvt22u5oWestbDfoS482cDSJ-Gl6UtW8SLfJo1P0u1MDN4mAn9oC7b_AMkX1hbdNsShjrvuoT_Zhi4bkpnC4-TCRhEO833w-hMZO-z-2PfUjh49CJsBOTDCcOlGCqPHpnPjXNshGDC7GBRPOlhrH3HjOX4W2NNYbRrYqHen4uabCXHHOAOc7VDUGfdabLeRxNSBwQX4oo7j7IQZXZu3v2pysOLkKEqB9t9gQWl-RJ44VeFULqdS5EtdlNI0vBQcAEn9344-AD4AQDkAYBoAZNgAeDiIOSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbAT4Mi4D9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME%26sig%3DAOD64_2tV5hPgjYaAKj9m7-5ZMJy94ZdRA%26client%3Dca-pub-9268440883448925%26dbm_c%3DAKAmf-BPfRsENtoweLZv4FRCc9fo3qtiYmkaCZwLTnn1__h7KJdpRkQcBq77xFruC0ONRE_d6tpi3El-5mWeB3ayoIR63IYgQe1IoDLs6g4QcHSuRGpj8skUGgEtABgDUU8Vl_lwHh6sToeT3JVYARX8WtF8AaM_Dg%26cry%3D1%26dbm_d%3DAKAmf-Anuj3GRgoopY9w_kf0sOtM4GdL0i0WyfiQjfJG3CqrmAiHg04JIIvsq6ref9lFXr8zXCUyt_wRsbIW7t3xbu0Uf7o3csQm3EbcPl6mzqzVM_FCvr3JJhuH7jLdwj-GRwtnE6P6gb7G2LiaCt_vEU-07CLsEj4hlzbME1pumEYQt1XK4ewcUNXSbGeraOmRWMima1rb0e7_YhWCnv_Iq3eijy5whpoiALQjr_ncpCNKujOxLCyIh2u-sADgAmGIAMbw3CGZboWNJ964skhP4z39aQLelWyO_Xgbbhlm9WCAdS63L-UJhK1WnjbnYnbZ0GbSjVp1VeXaGWYrP73V5hIO_AByYGlqKhPPRMtetgmVeISRDQcEDe4RzZFztDMUAD2rddAuyde_MhEWFVOz5qN6Csm_gyVcQ2nbX-G6Or0xhyWNJ2knj2ZbLIZxscn1td0CFsyBY2fUDpI2yZ4dJSkRBl_jF4netKs_gp3vHq43VllN45U%26adurl%3D&r=1656038521523559&objectName=jvx_62b5247abe6cd&adUnitId=2900&jvxSessionId=1656038522.4901&base=1&creativeResolveBeginTime=1656038522000&localTimeOffset=0&pageURL=https%3A%2F%2Fea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-80.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
366d0ca7a7f95f1a99b1722276601747fa14752e174f4a377767b20c17a42eca

Request headers

Referer
https://as.jivox.com/
Origin
https://as.jivox.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:00:23 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
85301
x-cache
Hit from cloudfront
content-length
1021433
last-modified
Mon, 30 May 2022 04:45:16 GMT
server
AmazonS3
etag
"d76d1531a641227d372d9420cac5b6a9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://as.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C1
accept-ranges
bytes
x-amz-cf-id
GNZZAOCRYHVfXrklLdzy7WP52S65maBpbaw7sqF0HMcdyz9D68v3Ng==
usync.html
eus.rubiconproject.com/ Frame 1202
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 02:42:03 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 24 Jun 2022 02:42:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A55F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.132.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=53141
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 02:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 24 Jun 2022 17:27:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 4A50
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://widget.us.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2515528
content-length
0
expires
Fri, 24 Jun 2022 00:00:00 GMT
cksync.php
hbx.media.net/ Frame 4A50
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dapx%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3D%24UID
  • https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=apx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=apx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
95453cba-99f7-4d03-848d-5d24329ba1b2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=apx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 4A50
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ecba0b5f-e39d-49d2-9913-8b700ad86555&google_hm=ZWNiYTBiNWYtZTM5ZC00OWQyLTk5MTMtOGI3MDBhZDg2NTU1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFxohwKUYmQtPXMcgFnOymA&google_cver=1&ssp=medianet&bsw_param=ecba0b5f-e39d-49d2-9913-8b700ad86555
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 24 Jun 2022 02:42:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.html
hbx.media.net/ Frame 4A50
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D2990401231455503000V10%...
  • https://hbx.media.net/cksync.html?cs=1&vsid=2990401231455503000V10&type=opx&refUrl=&vid=60385234032990401231455503000V10&ovsid=8db0b5ef-ca5f-06e8-3072-7939789e8963
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.html?cs=1&vsid=2990401231455503000V10&type=opx&refUrl=&vid=60385234032990401231455503000V10&ovsid=8db0b5ef-ca5f-06e8-3072-7939789e8963
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

date
Fri, 24 Jun 2022 02:42:03 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://hbx.media.net/cksync.html?cs=1&vsid=2990401231455503000V10&type=opx&refUrl=&vid=60385234032990401231455503000V10&ovsid=8db0b5ef-ca5f-06e8-3072-7939789e8963
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
hbx.media.net/ Frame 4A50
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Demx%26refUrl%3D%26vid%3D603852340329904012314555030...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Demx%26refUrl%3D%26vid%3D603...
  • https://cs.emxdgt.com/umcheck?apnxid=780750410301151874&redirect=https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=$EMXUI...
  • https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874brt77741656038523514390a2
45 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874brt77741656038523514390a2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

location
https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=emx&refUrl=&vid=60385234032990401231455503000V10&ovsid=780750410301151874brt77741656038523514390a2
date
Fri, 24 Jun 2022 02:42:02 GMT
content-length
0
content-type
text/html
cksync
cs.media.net/ Frame 4A50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=1&google_nid=media&google_cm=1&google_hm=Mjk5MDQwMTIzMTQ1NTUwMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEK1cZragodmp-DP2br-sSoo&google_cver=1
45 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEK1cZragodmp-DP2br-sSoo&google_cver=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEK1cZragodmp-DP2br-sSoo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 4A50
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=342529b7-ba0c-480c-99d6-cf15a7b5263e
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=342529b7-ba0c-480c-99d6-cf15a7b5263e
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=342529b7-ba0c-480c-99d6-cf15a7b5263e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 4A50
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2990401231455503000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2990401231455503000V10
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2990401231455503000V10
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4SYW7M0QCVQZRAGBN1BJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2990401231455503000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D6A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
178611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 01:05:12 GMT
expires
Thu, 22 Jun 2023 01:05:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 653D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9137bdf81723024c1925485b24c63b309bba5d9a00892fae4d1e4a89b4a05a8b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6qw7TgC39187aS6fqDifhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6qw7TgC39187aS6fqDifhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 02:42:03 GMT
expires
Fri, 24 Jun 2022 02:42:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 653D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062201&jk=1620218889985807&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Aq6axuIj4xdN0A4LClEu7wk1FdfqQrvSY5ZnYLGiLRk.js
pagead2.googlesyndication.com/bg/ Frame 6D6A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Aq6axuIj4xdN0A4LClEu7wk1FdfqQrvSY5ZnYLGiLRk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02ae9ac6e223e3174dd00e0b0a512eef093515d7ea42bbd263966760b1a22d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:05:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
178584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13741
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 01:05:39 GMT
usync.js
eus.rubiconproject.com/ Frame 1202 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b2951f530d41c1f5b6f5fe1ac77f6948c4f5936c424442cf408d796e50944afd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:42:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71118
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9456
Expires
Fri, 24 Jun 2022 22:27:21 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 18FF 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
contextual.media.net/ Frame 1202
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L4RUKSUD-1G-536O
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L4RUKSUD-1G-536O
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L4RUKSUD-1G-536O
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:03 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L4RUKSUD-1G-536O
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
generate_204
tpc.googlesyndication.com/ Frame 6D6A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M4aVNw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 1202
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-CvY-xYhkPEsFU31QfTfecn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3666170280197444616
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3666170280197444616
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif

Redirect headers

date
Fri, 24 Jun 2022 02:42:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3666170280197444616
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 1202
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSVUtTVUQtMUctNTM2Tw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSVUtTVUQtMUctNTM2Tw==
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSVUtTVUQtMUctNTM2Tw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1202
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxMzYxZmE4NGNiOWM1ZjgxNWYxOTE4MTQ4NzczY2JmY2IwZTA1OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxMzYxZmE4NGNiOWM1ZjgxNWYxOTE4MTQ4NzczY2JmY2IwZTA1OQ
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYxMzYxZmE4NGNiOWM1ZjgxNWYxOTE4MTQ4NzczY2JmY2IwZTA1OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 1202
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0GQ__g1dTQqRzJu9qdd8EA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0GQ__g1dTQqRzJu9qdd8EA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0GQ__g1dTQqRzJu9qdd8EA
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M827H25MGHMK0Y4K6GJR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0GQ__g1dTQqRzJu9qdd8EA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 1202 		42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 02:42:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
setuid
px.ads.linkedin.com/ Frame 1202
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4RUKSUD-1G-536O
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4RUKSUD-1G-536O
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 67F58CE9A568467988E553001A4AEE02 Ref B: YTO01EDGE0722 Ref C: 2022-06-24T02:42:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXiKIPyjZXo6SelGXlqJw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4RUKSUD-1G-536O
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1202
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1202 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=3018%2C3017%2C201%2C3%2C229%2C23%2C96%2C97%2C3012%2C147%2C178%2C175%2C2027%2C3016%2C203%2C226%2C29%2C117%2C77%2C145%2C106%2C132%2C236%2C2025%2C3007%2C2030%2C251%2C159%2C339%2C141%2C222%2C228%2C108%2C2034%2C59%2C172%2C220%2C246%2C126%2C326%2C2026&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.119.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EZ14Y8Q1P8D99QW6BTSH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
action_links.json
fr-actions.trackonomics.net/prod/www.theonion.com/ 		243 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceD~b8c65ed4.0e17cea01d7d907ed4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-19.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e996c1f859b77f4062159bf45dabe432910c44cffd1a9157c1e7ea44544e46c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
via
1.1 a4d8112508e8450a57296bb3736a5136.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
IAD79-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
nvu4IkYfFGul7hI5cH2bOhcSObv8V5DU0Mv0KvKXecZxSltz9VYG1g==
i.png
trx-hub.com/i/m/ 		128 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGauqAWlqANkbqgBYAFXrCDurCWoBmRwB2AFZagC0o5VVyiAFKkC7XAAIAeQ93NYAfNYBBGmgsTTAAciE1gDFcaiy1gDlqFCuAZSNobUcorCwFKp-DAARha4xawwAHONqkMJrVqAArRFRagAN1K6gAnrJTOwpEEhEJPDgohksr5QrB-qY8JTsGBYLVgeMwON1K5YO4SWT-lJgbT6VhGczWeyXDp0nzqqZue4QCQgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.224.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-224-108.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 11:49:25 GMT
via
1.1 366b9fc9e06517905c8f46d7549058fc.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
53559
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
content-length
128
x-amz-cf-id
-zOxKs7Filos-_PBN1q-sN7s6EiLTjgk0Iix57D5FxKXN86DuywZLw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 1B6A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy7DMxevngCenVJNS0q6vveRj-YdfhZnXKf-_q6dzvW-3tSwtnkrJM1Qzlx19-f-3HafA9YLZa_JQT4t_ML-khQ0cU_9QoQyD37QOshD8xKhbVIANlFsFBlPl4tRa7s9rKXIY&sai=AMfl-YSssIsLHr7kuIyWTwdx6v4jFFlMWX483iZHCBLzSXA0cMzMTIPenZ--POoC7pVUg_ybPrXGF4f3u_pnAEGxBZDoNFQjxgBFMdBPt8s0gBgZn3oURsZijazxhSIC&sig=Cg0ArKJSzEVDjZ_ka_yJEAE&cid=CAASJeRo-Ey1huZUKpsBQOawGCTYJ2Vp_o3UYxR72gaFaIVzhp2vWME&id=lidar2&mcvt=1000&p=178,315,428,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3099211010&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656038522081&rpt=810&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09l...
evs.jivox.com/trk/73/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/ Frame 30FF 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/73/159291/361255049d11e6/29/jvxSId_1656038522.4901/es_pId_fZjNz9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE1NDQ3Njg2MTQxL2FwX0RhdGFTaWduYWwyPUFEMUV6UlFBQUFCb0NtQUtEQWdBRlFBQUFBQWRBQUFBQUJJTUNBQVZBQUFBQUIwQUFBQUFJaE1JX2ZlRHhqbW9BcWYxN0pnQ3NBTEVybzhNUUFIU0Fpb1lBQ0lUQ09lYXZaNkl4ZmdDRlNOQXdRb2RMZkVOQmlnQk1BRTQyYjJzd29vUVFBSklBVmlaZ1NBUW1QcWp6QUY1WEhJanJ5blV0dFBvNE9vWnc2dmcvcj0wLjIzMTg0NjUzNTQ5MjY3OTUzL2VzX2NnTmFtZT1DTTElM0FUTU9fUG9zdHBhaWRfWF9UU18yNTIwOTY3XzIyU0cyMkFMTVhfRUdTX0ZyZWVfdjFfR1MyMkFBTE1heF9TYW1zdW5nX0VMX0RJUy1STV9IVE1MX1hfWF9YX0NNLUNSVFYtMDAyJTNBOTcweDI1MC9lc19zZWdOYW1lPTI1MjA5NjdfRnJlZStTYW1zdW5nR1MyMit3QUFMK29uK01heCstK0VHUw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.154.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-154-195.compute-1.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 02:42:04 GMT
access-control-allow-credentials
false
server
akka-http/10.1.11
content-type
image/gif
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022062201&jk=1620218889985807&bg=!CwilCEzNAAZlcKWdRXA7ACkAdvg8WthcpIA-P56FYv-ZV0ZtBiS3HXyt1451Ii_pxmn_0Vp_vN-kygIAAAB-UgAAAAJoAQcKAJ_-Sdr7Udrsh2TdRvmf76obp_cPHzKUFV-QncLfnMinr7Edv73jGzSlmb0ReaVUPSRtoivrjS8oQsO6L23Q8voMrND9XG4BkyG5ITmiRZQJXsYy4vlMRonLwf7wBirg6LHOutfkpToO0HzorPcQYJ4Q_i9bfmy8dVRcX21N8zhjH7e9uLQuf3IdZbdgpfbHCDsbB2gOOZlnAZCOpI06MimZAqcqPqlgX6481bfvSEhF8yeI0ofK_HF2D31UnPzOQbOhOje_qPr72gDsAGW3RdabEKd8Y1pWMh5_3h6I8RLOR5apoD4F69dt2TJTT74z0Hi9ByjvAemS45-v0j_J9wxbpSYDo0m_D9XSat0UoWEE0q0tDUTjVvIInoGT-T4NB44HQq4BB5AOVbuueOkxwHQ7jcwVrfiE3wJbJxJ3qxhY105cQEjrfgtuvOL1hSkdGi3OCFr2J1cG_5xaVmMnNdXfdYNuQw_b1HP8e4yXL0_Ycy8BrpAEVzbruZmSH4bzYBMAwzUMDphp7xeA3GHe72GwxGROrd8I8YiQ2q7GFnmfo94T2VFLKhsw6dgXDFIiocUfaMS0RmZCEy0aUq9liDfl7xO5O_Mvj-_aBEYlDrfMqFjRnTsfNaSCmjgyFrEjulyxfDwqo8cxpFQSz4H6DdoEr9E7FijdSauZR6-Kj9Rbxt1DGyajWlTQ1QS5suRc_Ub__683yjLLF8E4ZoodsVXQ-DVIJndiHfevvzzsLSIh03sy96KifDAiaPPaxqIgOA-z_I-w3652CxDImQh8W56LGiasduJEJEYGdnu4Jxd6WBSUymVaKC6Tm86k1r4W22a6RPUHDtBmPiQURrQICWPn8aS232yct9k1obKGVOVroo9m1-EBq9LhKRueOwx-pPD8N4xXk1PTPsAPpMiJS65bn4uNRWtfgCMtnTQweZumTmYPjTYrX9VL72Get8p5x1lM1KyrnalEucRCLXSCG8F3LDTruGoNFGyQlIDXhew7AJlHWsBE6MuHyqhGj1Vsu5aRxLg6t56UzwuNSR-niAlHLvA-vUj3UN6WIRzz3gdOu8CSNw9I7So0FblVdZtSKNElh-rsvESlBoFk8jmN4jW-hms80whQ8eR3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
id
api.britepool.com/v1/britepool/ 		0
0
id
api.britepool.com/v1/britepool/ Frame 		0
0
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://widget.us.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 24 Jun 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5a6aa517-4a2e-4510-942b-60d59c9c26e1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1230564
content-length
0
expires
Fri, 24 Jun 2022 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=780750410301151874
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e204589d-15fe-4de9-8d49-1bba08760a86&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.11 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 23 Jun 2022 17:29:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=SRwRaWKO1O4zgJ5
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=SRwRaWKO1O4zgJ5
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:04 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-073257b87745e76b3@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=SRwRaWKO1O4zgJ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ecba0b5f-e39d-49d2-9913-8b700ad86555&ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10626665533280943343&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10626665533280943343&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=fdc21428-de9d-410c-b112-7aecc9791d28&ssp=medianet&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10626665533280943343&ssp=medianet&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213020604192002097966&ssp=medianet&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10626665533280943343&ssp=medianet&gdpr=&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 24 Jun 2022 02:42:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:04 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ecba0b5f-e39d-49d2-9913-8b700ad86555&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 24 Jun 2022 02:42:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?plm=6&ph=76539a53-5c43-4ed5-9383-0170d0baf4f8&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJC1nof6QbgT5kNMAs9_JsM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJC1nof6QbgT5kNMAs9_JsM&google_cver=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJC1nof6QbgT5kNMAs9_JsM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=1b66d938d4908e5&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsi...
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAADKVTf1pOetAMPafGRAAAAAAA&expiration=1656124924&is_secure=true
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAADKVTf1pOetAMPafGRAAAAAAA&expiration=1656124924&is_secure=true
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
45
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAADKVTf1pOetAMPafGRAAAAAAA&expiration=1656124924&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=342529b7-ba0c-480c-99d6-cf15a7b5263e&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=342529b7-ba0c-480c-99d6-cf15a7b5263e&dongle=0cfd
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=342529b7-ba0c-480c-99d6-cf15a7b5263e&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
cksync.php
cs.media.net/ 		44 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
44
x-mnet-hl2
E
expires
Fri, 24 Jun 2022 02:42:04 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://stags.bluekai.com/site/92145?id=ecba0b5f-e39d-49d2-9913-8b700ad86555&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:42:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Date
Fri, 24 Jun 2022 02:42:04 GMT
Connection
keep-alive
Content-Length
0
BK-Server
b789
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4g2C,pingTime:1,time:2403,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1401%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1401,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1395~0,0~100%5D,as:%5B1395~970.250%5D%7D%7D,%7Bsl:i,t:1401,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:22,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:05 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 1B6A 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=937172&asId=3059e981-e3b7-5a33-6948-e4a8d475c020&tv=%7Bc:gq4g2D,pingTime:1,time:2404,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1401%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:1401,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1395~0,0~100%5D,as:%5B1395~970.250%5D%7D%7D,%7Bsl:i,t:1401,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:22,fm:t9DGSbZ+11%7C12%7C1311%7C131211%7C131212%7C1313%7C1314%7C1315%7C1316%7C1317%7C1318%7C14%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C158%7C159%7C15a%7C15b%7C15c%7C15d%7C15e%7C16%7C17%7C18*.937172-63662186%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:05 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame A55F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79427053&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f722904fa31a4236fb51200095792d3030f75cccedbe33ec2e13edaad7073f3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:42:05 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4C93
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 24 Jun 2022 02:42:06 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12826-YUL
x-timer
S1656038527.618104,VS0,VE21

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 24 Jun 2022 02:42:06 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1656038527.550768,VS0,VE19
x-vcl-time-ms
19
Pug
image2.pubmatic.com/AdServer/ Frame A354
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Y2S-UUj4DH65VKuKfyS1Yg
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Y2S-UUj4DH65VKuKfyS1Yg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 02:42:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:07 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Y2S-UUj4DH65VKuKfyS1Yg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame CE87 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 24 Jun 2022 02:42:06 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 2099 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 02:42:06 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-525228ec5db8@version_1.512
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 0459
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 24 Jun 2022 02:42:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
Pug
image2.pubmatic.com/AdServer/ Frame A847
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=029468b7-a675-40c2-9cbd-9b918352fd63
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=029468b7-a675-40c2-9cbd-9b918352fd63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 24 Jun 2022 02:42:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=029468b7-a675-40c2-9cbd-9b918352fd63
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 164D
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=D5A0BE942A9C49B4926EBA7851290645
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=1EE0E30D482248EBB9B906EB91C1C2E6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=8e783a0e-e239-41df-b2da-e8ca6774fae6
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=8e783a0e-e239-41df-b2da-e8ca6774fae6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Jun 2022 17:53:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 24 Jun 2022 02:42:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=8e783a0e-e239-41df-b2da-e8ca6774fae6
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7296
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 02:42:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Fri, 24 Jun 2022 02:42:06 GMT
expires
Thu, 23 Jun 2022 02:42:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D5A0BE942A9C49B4926EBA7851290645
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
cksync.php
hbx.media.net/ Frame 5A65 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=2990401231455503000V10&type=pba&refUrl=&vid=60385234032990401231455503000V10&ovsid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D2990401231455503000V10%26type%3Dpba%26refUrl%3D%26vid%3D60385234032990401231455503000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 24 Jun 2022 02:42:06 GMT
expires
Fri, 24 Jun 2022 02:42:06 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
5386
tags.bluekai.com/site/ Frame A55F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C3E08DA9-D324-4D66-8134-C7493E27E7EA
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5311e75cf60d0770/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=5311e75cf60d0770/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=23a0d924fe86424d61b43fedab1bdeff&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c605488fe408cf48f52b6b646ca73582&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-qNqCl51E2pQRgxofR.kca.oy_2Pu7JHeog--~A&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=342529b7-ba0c-480c-99d6-cf15a7b5263e&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=9290d09f8d805d0c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=
62 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 02:42:07 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=86400, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
35bd
Expires
Sat, 25 Jun 2022 02:42:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=342529b7-ba0c-480c-99d6-cf15a7b5263e&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
221
Artemis
aud.pubmatic.com/AdServer/ Frame A55F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&addseg=12,35,41
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&addseg=12,35,41
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Fri, 24 Jun 2022 02:42:06 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3E08DA9-D324-4D66-8134-C7493E27E7EA&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame A55F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:06 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 02:42:06 GMT
Frontend-ID
13
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=C3E08DA9-D324-4D66-8134-C7493E27E7EA&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame A55F 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C3E08DA9-D324-4D66-8134-C7493E27E7EA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-20.iad79.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:06 GMT
via
1.1 84998cd5f1fa5882ba3f758f388fd37a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD79-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
Sw6lEsAhzRC_Pj0lRxprr-WjbBdqmzXBRM5JnKek6AY1A11DXX30ZQ==
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame A55F 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.244.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-244-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 02:42:06 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.britepool.com
URL
https://px.britepool.com/new?partner_id=t
Domain
mathid.mathtag.com
URL
https://mathid.mathtag.com/d/i.js
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| headertag object| kinja string| GoogleAnalyticsObject function| ga object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| advBidxc object| googletag function| _fasttoken object| _user object| blockthrough number| interval object| yEZ06b2 function| yEZ06b3 object| xop object| webpackJsonp function| StickySidebar object| pbjs object| Modernizr function| Waypoint object| videoHtml5Controllers function| stopVideoHtml5 object| google_tag_data object| gaplugins object| ggeac object| google_js_reporting_queue function| filterCSS function| filterXSS object| regeneratorRuntime function| veritasStart string| veritas_version object| Scroll object| apstag object| _sf_async_config number| _sf_endpt string| ENTRY_POPUP object| _comscore object| google_tag_manager undefined| channel string| trackonomicsId object| scrEm object| DD_RUM object| GCB8ml2 function| GCB8ml3 function| xblocker object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| initVideoHtml5 object| closure_lm_139667 object| hyOsfE function| hyOsfC function| xblacklist function| pbjsChunk object| _pbjsGlobals object| mnet object| BULBS_REQUESTS object| BULBS_ELEMENTS_ADS_MANAGER string| waypointContextKey object| bouncex object| COMSCORE function| udm_ object| ns_p object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY boolean| apstagLOADED undefined| google_measure_js_timing object| trx function| md5 object| google_optimize object| gaGlobal object| gaData object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked boolean| creativeVendorLibraryLoaded object| closure_lm_203602 object| Criteo object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| ats undefined| $ function| jQuery function| close_bouncex_ad object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| DFPSFMessageEnabled object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| el object| GoogleGcLKhOms object| google_image_requests

226 Cookies

Domain/Path Name / Value
.resetdigital.co/csync Name: ckbk
Value: 000000B614CBA3D3
.mrtnsvr.com/sync Name: userId
Value: 55zv2Ey4M
.3lift.com/sync Name: sync
Value: CgkIOhCijNqcmTA=
theonion.com/ Name: geocc
Value: CA
.theonion.com/ Name: KinjaBucket
Value: 5
theonion.com/ Name: KinjaSetBucket
Value: 5|1656038400|v9RQHwIQEblL07juwXnwHbZkozmKbxY6jZOq10GiAcA=
www.theonion.com/ Name: geocc
Value: CA
kinja.com/ Name: KinjaSession
Value: 59f2cdbb-eb50-4d7a-91c8-1aa635c23f64
.kinja.com/ Name: KinjaBucket
Value: 5
kinja.com/ Name: KinjaSetBucket
Value: 5|1656038400|v9RQHwIQEblL07juwXnwHbZkozmKbxY6jZOq10GiAcA=
www.theonion.com/ Name: lux_uid
Value: 165603851911815849
.adsrvr.org/ Name: TDID
Value: 342529b7-ba0c-480c-99d6-cf15a7b5263e
www.theonion.com/ Name: vtas_f
Value: e317b28ff680d206e73f49db9e5a2d801a26d2b2
www.theonion.com/ Name: vtas_version
Value: 1.0.23
.liadm.com/ Name: lidid
Value: c4c04132-bc10-421a-b306-c5e0443d8827
.rkdms.com/ Name: sessionid
Value: h-63d7f3e40cce320626f4a811ce93def2_t-1656038520
www.theonion.com/ Name: _dd_r
Value: 0
.theonion.com/ Name: entryPopupSeen
Value: true
www.theonion.com/ Name: ka
Value: 4d34208a-cde7-48b7-9b4c-e9ccd0760592|5949a5d1-6283-4f60-8a1a-8f7aa70ddb05|1656038520269
www.theonion.com/ Name: mnet_session_depth
Value: 1%7C1656038520317
.doubleclick.net/ Name: IDE
Value: AHWqTUkRpZv4pnY9THpRmX1yKIdf-6NCwT7fqdYTVwoxjmgGOJJsZUN9wOH86qEZIss
www.theonion.com/ Name: pageDepth
Value: 1
www.theonion.com/ Name: vtas_kv
Value: {"veritas-segments":"1","veritas-iab":"19, 15"}
.theonion.com/ Name: _cb
Value: BGDb_GcX84QDEWXIj
.theonion.com/ Name: _chartbeat2
Value: .1656038520671.1656038520671.1.BhAzgYDurqwUBlkWXzwCaxU9CIR9.1
.theonion.com/ Name: _cb_svref
Value: null
.scorecardresearch.com/ Name: UID
Value: 136531739f0343e775166751656038520
www.theonion.com/ Name: __aaxsc
Value: 2
.theonion.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.theonion.com/ Name: _ga
Value: GA1.2.1583285708.1656038521
.theonion.com/ Name: _gid
Value: GA1.2.458885652.1656038521
.theonion.com/ Name: _gat_unique
Value: 1
.theonion.com/ Name: _gat
Value: 1
.theonion.com/ Name: _gat_kinjavideo191132
Value: 1
www.theonion.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 9630e329-c8d8-03ff-09eb-cfbfae562842|1656038521
.theonion.com/ Name: bounceClientVisit3645v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0CcApgPYB2AlvWQMY0C2Rm+A+gOYBDTABFcZAOwYALAA5c4qWQCMU3FICsSgGwAGdQE5lW9eoW59MrQFptM9TJniTRk7J07cMvOtw6ACgBOTEEIAJ7evkpKIAA0IAEwICAAvkA
ads.resetsrv.com/ Name: ckbk
Value: 000000B613DBA95D
.amazon-adsystem.com/ Name: ad-id
Value: A8uQWM7nOEhHkrtBbQ6vMZw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.theonion.com/ Name: _lr_geo_location
Value: CA
.bounceexchange.com/ Name: bounceClientVisit3645c
Value: %7B%22vid%22%3A1656038521215632%2C%22did%22%3A%226393143172568779478%22%7D
.rubiconproject.com/ Name: khaos
Value: L4RUKSUD-1G-536O
.adnxs.com/ Name: uuid2
Value: 780750410301151874
.casalemedia.com/ Name: CMPRO
Value: 1240
.3lift.com/ Name: tluid
Value: 2361227759780991366806
.yahoo.com/ Name: A3
Value: d=AQABBHkktWICEH8qHkABOJ-Q0nnt_xgQdGsFEgEBAQF1tmK_YgAAAAAA_eMAAA&S=AQAAAkN5a6-yAPpy0yIucM0Hmgk
.casalemedia.com/ Name: CMPS
Value: 469
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"2B0MP7Bib37GNURTzG6RpqsUA3W","deviceID":"2B0MP2FH2k0AVlSYXFKwhzxkZLP","iv":"","v":""}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"2B0MP7Bib37GNURTzG6RpqsUA3W","deviceID":"2B0MP2FH2k0AVlSYXFKwhzxkZLP","iv":"","v":""}
.theonion.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IjJCME1QN0JpYjM3R05VUlR6RzZScHFzVUEzVyIsImRldmljZUlEIjoiMkIwTVAyRkgyazBBVmxTWVhGS3doenhrWkxQIiwiaXYiOiIiLCJ2IjoiIn0%3D
.casalemedia.com/ Name: CMRUM3
Value: 1f62b5247905a0&f162b5247905a0&be62b5247905a0&2762b524790b40&2d62b5247905a0&e662b524792760&c462b5247905a0&8362b5247905a0
.casalemedia.com/ Name: CMID
Value: YrUkeQSJC6Pugzxy.maICAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C3E08DA9-D324-4D66-8134-C7493E27E7EA
.bfmio.com/ Name: __106_cid
Value: 342529b7-ba0c-480c-99d6-cf15a7b5263e
.bfmio.com/ Name: __bfio_sync
Value: 13C4F84C2EB00B44A8E60742AC8DC166
.bfmio.com/ Name: __io_cid
Value: 342529b7-ba0c-480c-99d6-cf15a7b5263e
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-01683972-3e48-4c27-4b3d-ba5dd27e7697.omo3dxC7Itgivjh%2F8mPyc9MeEijQJ8evznsNc39vJiI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AAWg5cj5ITCdLPbpd0n52l5U4mbs.YPx4R9lMbO9LW9WQfSNCwESBmlhpb4z9PwvHPLgnges
ssp.behave.com/ Name: tuuid
Value: 3fa15f3b-557d-44db-9021-376671e004eb
ssp.behave.com/ Name: c
Value: 1656038521
ssp.behave.com/ Name: tuuid_lu
Value: 1656038521
.bfmio.com/ Name: __187_cid
Value: 55zv2Ey4M
.bfmio.com/ Name: __172_cid
Value: AWg5cj5ITCdLPbpd0n52l5U4mbs
.yieldmo.com/ Name: yieldmo_id
Value: gad9a805795f6c1dec62%7C1656038521504%7C0%7C
.adform.net/ Name: C
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~25mq:18z8~25mq"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YrUkeQALNGCGIgAo
.adgrx.com/ Name: ADGRX_UID
Value: 399eca3c-f367-11ec-a45c-682258f0f1c1
.adform.net/ Name: uid
Value: 8249113497166911165
.simpli.fi/ Name: suid
Value: D5A0BE942A9C49B4926EBA7851290645
.bfmio.com/ Name: __157_cid
Value: y-LTEXGwVE2pITFyu.AhGFB_Fq.Wmbekre6oxkUaaNCA--~A
.deepintent.com/ Name: CDIUSER
Value: di_d72cdcfdb80a431e8a5ef
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.bfmio.com/ Name: __141_cid
Value: E36B116FBE05449ABC9F1AE439C7B336
.mathtag.com/ Name: uuid
Value: f9ce62b5-2479-4000-b35c-bb97eafdbcd5
.tidaltv.com/ Name: tidal_ttid
Value: f9bfc24c-3361-4f92-a49f-f70a21125137
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-399eca3c-f367-11ec-a45c-682258f0f1c1&KRTB&23275-399eca3c-f367-11ec-a45c-682258f0f1c1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YrUkeQALNGCGIgAo&KRTB&22978-YrUkeQALNGCGIgAo&KRTB&23194-YrUkeQALNGCGIgAo&KRTB&23209-YrUkeQALNGCGIgAo
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-342529b7-ba0c-480c-99d6-cf15a7b5263e&KRTB&22918-342529b7-ba0c-480c-99d6-cf15a7b5263e&KRTB&23031-342529b7-ba0c-480c-99d6-cf15a7b5263e
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-AWg5cj5ITCdLPbpd0n52l5U4mbs
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:336c62b5-2479-4900-8f51-fe240806a828&KRTB&16736-uid:336c62b5-2479-4900-8f51-fe240806a828&KRTB&23019-uid:336c62b5-2479-4900-8f51-fe240806a828&KRTB&23208-uid:336c62b5-2479-4900-8f51-fe240806a828
.sitescout.com/ Name: ssi
Value: 96c38ccf-16ea-4d04-ae14-fc854472ccca#1656038521610
.acuityplatform.com/ Name: auid
Value: 676902280705
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQGRyZ1icmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUBkcmdYnI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7093249211328985151P
.owneriq.net/ Name: pmc
Value: 1
.quantserve.com/ Name: d
Value: ENwBCwG6JvijAA
.quantserve.com/ Name: mc
Value: 62b52479-96054-e43e0-89efe
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-8983dd6b-5fb6-4ea6-a359-0becfb9184a9&KRTB&23340-8983dd6b-5fb6-4ea6-a359-0becfb9184a9
.ipredictive.com/ Name: cu
Value: 39a888a0-f367-11ec-8a25-c312b08c9a12|1656038521617
.w55c.net/ Name: wfivefivec
Value: SRwRaWKO1O4zgJ5
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjS1sDI0NQYA3GstuAkAAAA="
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-676902280705
.bidr.io/ Name: bito
Value: AAExok7FakkAABNibS4wiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1NjAzODUyMTY0N30
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f695d2b3-56c5-450f-b5f3-85ab36eefe0a
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-780750410301151874&KRTB&23339-780750410301151874&KRTB&23388-780750410301151874
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESELXgho7LkbPJvk8WLUFuWhk&KRTB&22987-CAESELXgho7LkbPJvk8WLUFuWhk&KRTB&23025-CAESELXgho7LkbPJvk8WLUFuWhk&KRTB&23386-CAESELXgho7LkbPJvk8WLUFuWhk
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D5A0BE942A9C49B4926EBA7851290645
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7093249211328985151&KRTB&22521-Q7093249211328985151
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-39a888a0-f367-11ec-8a25-c312b08c9a12&KRTB&23011-39a888a0-f367-11ec-8a25-c312b08c9a12&KRTB&23355-39a888a0-f367-11ec-8a25-c312b08c9a12
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT&KRTB&19420-2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT&KRTB&22979-2JFT-9yXBvfDmgf-25ccq9qQVP7DmwiriMbocvpT
.rlcdn.com/ Name: pxrc
Value: CPnI1JUGEgUI6AcQABIFCOhHEAA=
.bfmio.com/ Name: __102_cid
Value: f9bfc24c-3361-4f92-a49f-f70a21125137
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8249113497166911165&KRTB&23263-8249113497166911165
.bidswitch.net/ Name: c
Value: 1656038521
.bidswitch.net/ Name: tuuid_lu
Value: 1656038521
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:SRwRaWKO1O4zgJ5
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-96c38ccf-16ea-4d04-ae14-fc854472ccca-62b52479-4341
.ads.yieldmo.com/ Name: ptrstk
Value: AWg5cj5ITCdLPbpd0n52l5U4mbs
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005%22%2C%22nxtrdr%22%3Afalse%7D
.turn.com/ Name: uid
Value: 7574025732850242011
.bidswitch.net/ Name: tuuid
Value: ecba0b5f-e39d-49d2-9913-8b700ad86555
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7574025732850242011&KRTB&23150-7574025732850242011
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 7J1qlBSBECLrPEsxcVEO3NhmP22asO%2FhYcXHBOGskqLp6ajZjYJ0Rp9%2BP11N%2BMeKFBHv8XT4csilqwvJzIjVb9NnFVhdWEkV5jiWZw%2BbM%2Fg%3D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAADKPnsxfsBYwNulAmVAAAAAAA&KRTB&22713-AAADKPnsxfsBYwNulAmVAAAAAAA&KRTB&22715-AAADKPnsxfsBYwNulAmVAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000000B614CBA3D3&KRTB&23175-000000B614CBA3D3
.pippio.com/ Name: did
Value: aSKlSCP3rXncz43V
.pippio.com/ Name: didts
Value: 1656038521
.pippio.com/ Name: nnls
Value:
.dyntrk.com/ Name: dyn_u
Value: 03030001_62b52479b51e9
.ads.yieldmo.com/ Name: ptrbsw
Value: ecba0b5f-e39d-49d2-9913-8b700ad86555
ssp.behave.com/ Name: um2
Value: !2,ecba0b5f-e39d-49d2-9913-8b700ad86555,425317321
.tribalfusion.com/ Name: ANON_ID
Value: aXnseFOZb3VhUEjUAvMi7lEZcnZb7qvaXZcZa5ZcuGhZdKthM2WYHYnusYUHTBpfnadoReZbDeDOrATgL908XBv2NjI4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005%22%7D
.mfadsrvr.com/ Name: tuuid
Value: 0a6afd2a-e49e-4039-9bfb-d64208c198bc
.mfadsrvr.com/ Name: c
Value: 1656038521
.mfadsrvr.com/ Name: tuuid_lu
Value: 1656038521
.smartadserver.com/ Name: pid
Value: 4053307272047313424
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAExok7FakkAABNibS4wiw
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_F1F3B21D_67407FE6&KRTB&23092-R1B330_F1F3B21D_67407FE6
.pippio.com/ Name: pxrc
Value: CPnI1JUGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005&KRTB&17107-RX-a167cf8e-0812-4e52-9531-20fe6ac77d25-005
.mfadsrvr.com/ Name: bsw_uid
Value: ecba0b5f-e39d-49d2-9913-8b700ad86555
.linksynergy.com/ Name: rmuid
Value: 04bf5ffd-5a5d-408d-b3c6-f7080cc45f98
.linksynergy.com/ Name: icts
Value: 2022-06-24T02:42:01Z
.theonion.com/ Name: __gads
Value: ID=d3cbdc190598f410:T=1656038521:S=ALNI_MYHkOYVs2cT5IrjYrMzx2sgypfrIg
.theonion.com/ Name: __gpi
Value: UID=000006174fe9b9f3:T=1656038521:RT=1656038521:S=ALNI_MbYW9eVqyOW6uvWBpxQ7d9JBrkdtw
.contextweb.com/ Name: V
Value: CDW2ASkfuzRY
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ekl|7dN.0.AAExok7FakkAABNibS4wiw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 42365cd6e6a10dd7
.technoratimedia.com/ Name: tads_uid
Value: 1EE0E30D482248EBB9B906EB91C1C2E6
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220623224202-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAExok7FakkAABNibS4wiw
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ecba0b5f-e39d-49d2-9913-8b700ad86555
.pubmatic.com/ Name: PugT
Value: 1656038522
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAExok7FakkAABNibS4wiw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilbnqbj9!]tbPl1M>e)ZlrFUfJ+tGXxp?HjgdiUuL'G9v53fU`@B.?/kwPNaaL(A2R<u3If)y3KL9D3I?+72Ncv^
.jivox.com/ Name: jvxsync
Value: t9DGSewUTmt8
.casalemedia.com/ Name: CMST
Value: YrUkeWK1JHoA
.mfadsrvr.com/ Name: ssh
Value: !google,1656038522!bidswitch,1656038521
.zemanta.com/ Name: zuid
Value: VtnpFG_-Wy9f5qYwdcns
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129Uw2i7fwzHQszC738Kz0C4mvSg5KTwYAYNGsCh4AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMStjAwMTQxNTM3sTQ3MjYyANJGQnyGuvluWeYpnhUBBZa6lgCQDS6nJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMStjAwMTQxNTM3sTQ3MjYyANJGQnyGuvluWeYpnhUBBZa6lgCQDS6nJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129Uw2i7fwzHQszC738Kz0C4mvSg5KTw7iNTQzNTMwtjA1MjawMHvFiMoHAMJlJ3o9AAAA
.mxptint.net/ Name: mxpim
Value: R1B330_F1F3B21D_67407FE6.1.62B5247B0000000062B5247A
.criteo.com/ Name: uid
Value: 5a6aa517-4a2e-4510-942b-60d59c9c26e1
.media.net/ Name: visitor-id
Value: 2990401231455503000V10
.theonion.com/ Name: cto_bundle
Value: rBEKRV9pMXdnRnJqOUJpQjB1dGR0M2p6dkhoJTJGUktQM1FHd25mdlZVSnIzeUVxT1pTUyUyRk16amxGVEJjJTJCOVRzcEJ2ZVA2ZDUxRHlJM0I3ZDdLWkhMSmJ5NXl0MHFtTVlSR2R2Z2NoZGJ3U0FWM3NuaGl5bTBBS0JLZSUyQjJ3azNLUFVKN1poeTgyJTJCRnNJZlN0Z0xLT3g5aW9veEdnJTNEJTNE
.media.net/ Name: data-a
Value: 780750410301151874~~1
.media.net/ Name: data-tam
Value: setstatuscode~~35
.media.net/ Name: data-ttd
Value: 342529b7-ba0c-480c-99d6-cf15a7b5263e~~1
.emxdgt.com/ Name: uid
Value: 77741656038523514390a2
.pubmatic.com/ Name: SPugT
Value: 1656038523
.media.net/ Name: data-o
Value: 8db0b5ef-ca5f-06e8-3072-7939789e8963~~1
.media.net/ Name: data-g
Value: CAESEK1cZragodmp-DP2br-sSoo~~1
.media.net/ Name: data-bs
Value: ecba0b5f-e39d-49d2-9913-8b700ad86555~~1
.media.net/ Name: data-c
Value: 5a6aa517-4a2e-4510-942b-60d59c9c26e1~~1
.media.net/ Name: data-r
Value: L4RUKSUD-1G-536O~~1
.emxdgt.com/ Name: apn_id
Value: 780750410301151874
.media.net/ Name: data-emx
Value: 780750410301151874brt77741656038523514390a2~~1
.rlcdn.com/ Name: rlas3
Value: U2UB2REE8AgO5Yhzlr5vYz8girVhiZ9Z0sJX4lbEXP0=
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFB7LM88AMjKO1WuCoMxA8a+JUixCbOKdrlsURZUKs6GF3nm5UuIoH6beI3Q6RBmJsbFZ9qNVqPlmjYHTlS9mMvOh8r+cdlDDeyqVI1k5poNA==
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fc03402d-65c6-4189-8aa7-e4cd9affb887"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2810:u=1:x=1:i=1656038523:t=1656124923:v=2:sig=AQEB37KnWFC4A013e4fqIayYdKoG8b4G"
.w55c.net/ Name: matchmedianet
Value: 5
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIpNDD1qTl6joQBRIWCgdydWJpY29uEgsIpOS_9qTl6joQBRIVCgZjYXNhbGUSCwiihozhpOXqOhAFEhcKCHB1Ym1hdGljEgsI2sau4aTl6joQBRIWCgdzdng5dDUwEgsI4vyj_aTl6joQBRgBIAEoAjILCOL0pqq75eo6EAU4AVoHc3Z4OXQ1MGAC
.openx.net/ Name: pd
Value: v2|1656038524|gy
.mookie1.com/ Name: id
Value: 10626665533280943343
.mookie1.com/ Name: mdata
Value: 1|10626665533280943343|1656038524515
.mookie1.com/ Name: ov
Value: 538a0eb41b597787078adcf85eeb8323
ads.playground.xyz/ Name: connect.sid
Value: s%3ACIaRFu3baYISsAZjj-w_cyynL7o_2JtM.bSjTpEW6dtUhRlb%2B%2BCIiJd9yXprco%2BpPToneXJv2fgE
.media.net/ Name: data-xu
Value: SRwRaWKO1O4zgJ5~~8
.dotomi.com/ Name: DotomiTest
Value: 1b66d938d4908e5
.tapad.com/ Name: TapAd_TS
Value: 1656038524577
.tapad.com/ Name: TapAd_DID
Value: fdc21428-de9d-410c-b112-7aecc9791d28
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJykMBLvyM9xHnXZ4DLFr5EZ/RQQdxNoL3+5LvPAP2udB0e1yleZ1OtERO41Tw0j/sJmu8dXUS1BGa69G61RgJfu3KXUZWqF4P1x31HP8sOknXg1BjXtW4YqJvd+Mk/J4dKLf9hXl9iDFEoFkOZjM2okhStKn/2uJpmIs1+4Sob6AzECOlE3nyA=
.bluekai.com/ Name: bku
Value: XVzO9cyA+VJVmMyL
.media.net/ Name: data-c-ts
Value: 1656038524
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.mookie1.com/ Name: syncdata_TAP
Value: 1
.media.net/ Name: data-co
Value: AAADKVTf1pOetAMPafGRAAAAAAA~~8
.agkn.com/ Name: ab
Value: 0001%3AW04SNzoqFyLn3RMsvcL%2F3A4eTrB01JBb
.mookie1.com/ Name: syncdata_NEU
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: e204589d-15fe-4de9-8d49-1bba08760a86.425252524
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 159463:4
.pubmatic.com/ Name: DPSync3
Value: 1657238400%3A219_221_226_228_197_201%7C1656633600%3A164%7C1656115200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1656633600%3A38_15_2_223%7C1657238400%3A222_238_13_48_8_234_57_189_56_21_165_96_231_104_204_243_55_166_7_71_240_239_54_81_178_99_233_22_3_5_220_176%7C1656460800%3A216%7C1657324800%3A35%7C1656892800%3A63%7C1661212800%3A69%7C1658620800%3A224
.onaudience.com/ Name: cookie
Value: 5311e75cf60d0770
.onaudience.com/ Name: done_redirects104
Value: 1
.taboola.com/ Name: t_gid
Value: 2c2c22e6-f211-4326-adaa-bcf6cad9fe58-tuct9aea9fe
.fiftyt.com/ Name: fifid
Value: f578a07e-c335-4f64-580f-1507ea019a47
.fiftyt.com/ Name: cs
Value: MTY1NjAzODUyNnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fNG5PzncFu3M_2cjyvo3dzxQr4oYL2E2Qi3rNx7TP3VK
.media.net/ Name: data-pba
Value: C3E08DA9-D324-4D66-8134-C7493E27E7EA~~1
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D8e783a0e-e239-41df-b2da-e8ca6774fae6
.bnmla.com/ Name: rx_uuid
Value: 8e783a0e-e239-41df-b2da-e8ca6774fae6
.bnmla.com/ Name: rx_maxage_10738
Value: 1657334526
.inmobi.com/ Name: idsp_c
Value: 029468b7-a675-40c2-9cbd-9b918352fd63
.semasio.net/ Name: SEUNCY
Value: 56E3D47A1C722134
.fiftyt.com/ Name: fppm
Value: 20220624024206
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 23a0d924fe86424d61b43fedab1bdeff
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects252
Value: 1

12 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://px.britepool.com/new?partner_id=t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=780750410301151874&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://mathid.mathtag.com/d/i.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.britepool.com/v1/britepool/id
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.resetsrv.com
ads.yieldmo.com
adservice.google.com
adservice.google.fr
aep.mxptint.net
ampcid.google.ca
ampcid.google.com
api.bounceexchange.com
api.britepool.com
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
as.jivox.com
assets.bounceexchange.com
assets.jivox.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn-as.jivox.com
cdn-magiclinks.trackonomics.net
cdn.jivox.com
cdn.speedcurve.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
core.iprom.net
cs.emxdgt.com
cs.media.net
csync.loopme.me
data.cdnbasket.net
dfp.bouncex.net
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ea7c9cdb38c09d24f198f111e02fea78.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
events.bouncex.net
evs.jivox.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
fusion-media-group-d.openx.net
fw.adsafeprotected.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.rlcdn.com
id.sv.rkdms.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mathid.mathtag.com
medianet-match.dotomi.com
mug.criteo.com
mweb.ck.inmobi.com
odr.mookie1.com
page.cdnbasket.net
pagead2.googlesyndication.com
pb-logs.media.net
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playercdn.jivox.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.britepool.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.mnet-ad.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssp.behave.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.scroll.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.bounceexchange.com
tagan.adlightning.com
tags.bluekai.com
tags.rd.linksynergy.com
theonion.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trx-hub.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vid.kinja.com
view.cdnbasket.net
visitor.fiftyt.com
widget.us.criteo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
xch.media.net
api.britepool.com
mathid.mathtag.com
px.britepool.com
104.127.172.242
104.127.64.185
104.18.18.126
104.18.19.126
104.244.36.20
104.36.115.109
104.36.115.111
104.36.115.113
104.36.115.114
104.45.178.220
107.178.246.49
107.178.254.65
108.168.159.145
130.211.23.194
142.250.176.194
142.250.64.102
15.235.15.221
151.101.130.49
151.101.65.44
151.101.66.166
151.101.66.217
159.65.197.210
162.248.18.10
162.248.18.11
167.99.21.53
169.197.150.7
172.105.221.240
172.217.165.130
173.231.178.77
174.129.154.195
178.250.0.163
18.233.244.171
184.29.132.212
184.29.133.6
185.167.164.39
193.122.130.38
195.5.165.20
198.148.27.139
199.127.204.142
199.187.193.166
199.232.198.217
199.38.167.129
204.2.255.224
207.198.113.86
23.209.184.224
23.22.255.185
23.34.248.177
23.34.59.26
23.41.168.23
23.57.136.222
23.88.75.189
2600:1f18:1c96:4102:49f3:ecb9:1797:d45
2600:1f18:4e9:5a02:7048:1629:7931:e6d0
2600:9000:2073:f000:8:48e:53c0:93a1
2600:9000:208f:e200:1d:8c8c:47c0:93a1
2600:9000:2199:6800:18:1fcd:351:7bc1
2602:803:c002:200::42
2606:4700:20::681a:246
2606:4700:20::ac43:4686
2606:4700:20::ac43:4acf
2606:4700:4400::6812:230b
2606:ae80:1471:15::440
2607:f8b0:4004:c08::9c
2607:f8b0:4006:806::2002
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2008
2607:f8b0:4006:824::2001
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a04:4e42::300
3.209.99.106
3.219.23.242
3.82.180.220
3.86.123.228
3.94.241.28
34.102.163.6
34.102.253.54
34.107.136.65
34.107.148.139
34.107.191.194
34.111.8.32
34.117.175.218
34.120.155.137
34.120.234.209
34.120.253.250
34.149.130.207
34.149.148.173
34.198.184.125
34.204.59.188
34.236.83.94
34.239.59.172
34.98.64.218
34.98.67.3
34.98.72.95
35.170.174.103
35.190.60.146
35.190.90.30
35.201.96.126
35.207.10.239
35.207.24.140
35.211.165.199
35.211.178.172
35.71.131.137
35.71.139.29
38.27.122.126
4.78.226.233
44.196.141.245
45.35.192.162
5.161.54.172
50.57.31.206
51.178.20.140
52.0.156.250
52.4.54.89
52.45.33.138
52.46.130.91
52.54.42.45
52.72.91.74
52.85.132.100
52.85.132.54
52.85.151.63
52.95.119.178
54.171.206.228
54.225.93.213
54.243.191.164
64.202.112.127
68.67.179.133
68.67.179.87
69.173.151.100
69.90.254.78
74.119.119.129
74.119.119.139
74.119.119.150
74.121.140.14
76.13.32.147
8.28.7.83
8.28.7.84
99.84.103.191
99.84.108.20
99.84.208.120
99.84.208.19
99.84.208.37
99.84.210.121
99.84.222.80
99.86.224.108
005b726c70c365b5d60379d98a24232fbcd74703605b34551575b77f3dd1d704
009801fbd69b1ae8aa64ff505b0b574639b29687607c4886ecf305173726111d
02168ed0848731bbbc4eb630fec028db119f02673ad3cb558d21546d59df7d42
02ae9ac6e223e3174dd00e0b0a512eef093515d7ea42bbd263966760b1a22d19
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04a003543a579ddf388564b183fc42330730565e014f2f9870eb63c9c587bf58
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0633c49d241ff7631b803b1ff99d2ebca713d7f01e70fc70c49702bda7945f6d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073b21c537d95d2274fb5b5392f51ce22a873199388cbe0db242427dca9fdb11
09e5d7759c3bc652a195284481342562b628aace13850b643cc8ef5318abd58e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8db4fb7b462b2e87a758a1968e83f666a95ede8539802dd8b9eec1ae6971ce
0ca04cbc52d0db4ddb0d13e73d51964a224c66c2474738af21c36839a3c15dda
0f09fe2c1df1e1241d4a8720cd25c80d03c8aec5bc128be51a1f97d5c3c9a5af
1028692b99de9ad9b21a70d17cf2598418d30127bc0e78d94fecaf38328d53af
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134a42905c70de4301c37f3a6388c2e501b07742cb9ef79595b5f2ecee89e996
13ae7d8d4406fcf533fe119dbefc049b680954e2229df6bfb3f9208435fd7cac
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b61c14a1c18c7d16e5ceb87786d42a2012b99ef2e2d7f387172b09aed940cbf
1b871a3915bf2f2ea3125266f109c1f33226304f1fa99ed0cbafa0aee9fb883a
1b901edf234cb849cac6825e7a10c109d7dbef953504ebb47dd8c673bb1a7858
1ca5004175d26f368904237be2f30babc58c218aa7481a39dbe45fd4d9496401
1eee0ebb0f62102fc8a60b840040879ec2006393a094e14246e614ad2d786787
1f746f19a69181dc803ed4b8c9cf041710d0e41e572494315dc383c2097b6e29
202060db07e37bb7aae11c3a174ca6c047072570c4857e413b5a2a035f197636
22a5522f73319b262da3aff3beddc419078ee817f7de265c25c8d99c0dfb084b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
25dd534b54365a2dad31b02d486a2278447d9b697348d820bf4089708021b101
26301956e39ac9265de361fbca1ff6e8ba27c3b4095b384c5537f1556424130d
26a044c77387482361a14944149abad392038c2c3994f62dc8ee22cf5794ede2
2927d7462119e316f133f948ddc045aeb2152789468326012a4da3d8525e745b
29e144d7a4e59f6c6a2959cd7f4bb91f9419945f1e106658fc6a0fb4644f168b
2a9155f50ff45150c98d3e5e9800022fcf7610f6c348d99e2f988051b9799aaf
2a9b5af79946512402b6b8336c785370b6a7ae3fc45e4625e84555856cf7872b
2afe57c56ff07cfc14c5f6fe8bbc9aebb4f29feef122bca929fd741d996a1c77
2b4ae0416425af570bf943a6892376366b92e2deca08d9ced15c63cdaf06502c
2d52b68d038913ca950b6971f7fdf46b7fcad9a3d90e7494b23c9234362f9607
2f54a755b9dad94a917f22670875f3e77e6bcc69ab1039d2a6415069ab0c0026
3000b1b9efc5af18e1e72b35583b66dedf7a4e44906f570d200a8ecf765cbdd0
34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53
355cc61b02b30847958913891715a41352be8e4f45f118e7ad05aec2b09cae19
366d0ca7a7f95f1a99b1722276601747fa14752e174f4a377767b20c17a42eca
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3737e1bae07e1b14fc5c974e1410ea6cbac8575d8f29137077098c300fafddeb
3a31965c2ec17cdc744cfa7e644a06a6bdc40be870996427d1a808efbd161b3b
3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4
3f5dfc1b13ca46ddc104a9f6abb84bf87cce0ac13141af4e243d36f415caf6d1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffec19432c6a816742224c1b7737ee3557d7e641cd28b6f4d549bd125d38898
415ba7668eb39df545178584a30aa5787d99267e4ca6083df9653b5bb4f5254d
438df25b47900f4169b4d8dd19a6041e2cf91a4f4bbb0e45473a475396ef6efb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d0bd5bb121914636533012598b76ba697a956b792fae1c44051f9120e73cd1
496a55670b5babb1da589f0d90cae3b84b01d4710b9c50f7a6e91e551991c349
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caad4842547c6c35284766da0ca71d53fe604e892646808fbf2aaa766d7ae3f
4dbc9f1cd61faa65988b09b34e18afb89b2461f5be713f3b50a5fdb3bf3850f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51369afbad2e903c1f66746fc82f39d7e4575f41b5085aca7dc9f48576affbf3
528edd8dd7457b4985c6469fb36ee8d40f871a3071b7ae4d427df6aa1b682e01
5338cf28185a0f0aee716e5ea8592b898b678b6e67925633a13925e4dab253a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a2bddadbedd2518cc2b1b523defd088477fc3cf65213d4fb6103fa05f129cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
571bf2874f0d17d36e34dd86a44c881aebd2a741703b7685335d024b10b313b3
594fdcdb209b6650649d47cae551fac383c03889007602c13dd7a430f0ceb846
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5c8d7341a586646a7352cff98828c3a2b40e11c470a7135f6a8ff35ee038ed56
5cda4d2f6d3370bcd7037f155ab99b0a169216fb24beae59273e96a208ada2f1
5d8b255182de2684e2e17f2d36273f83d72287116879d7ef038c4c24dee84cee
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
5f9cfd831bac63a8fb2113e8e6bb303f8e8585db21e60adcf4a75a910d7de5cb
61af5383be54034e7824003c127930aa1dfe7c0fc3aee783aafb50a12df04a98
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
63a7de33b0b878b6a99ff9129132bd58adddd1d9c94312ed74212d730f0285ae
664ef2bc50d354920f872de049e1d7e806f64666ad0df0be053b79213e4400b6
667ade71ffe22726d280d30aeb8d49c43a35e9b6e1b87f1bd6e0a1baf898a02a
66c1200e7395dd9bfc9ef31a69a4d81009a044a8c47e70a73ccaa5a413eecda4
6865fdaa619738961b7a2b2ce90803745a2327084d611f55145b09750505f5a0
695d18fc0d3253ff18ee97cfc66179c16f4aa1e823820bcee093e9295ca947df
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c801218dc5017f81047f7c9b21458e07e4a72e757004f15ecb4796bbdc6800f
6cad8f307be75a8f9c12ade1f85e54fe0892e6c397f1119b79a6a4db76c5751a
6cff26cdfe15ead79e8b3f31783171f6eae4bafb774a7dbd5c8f48ce92ae0b2d
6da1a2466594a859fe55e319b7475ffcb05bc8ad872d74047262df58b7b4c6e1
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
7114e74aca0863465b98e9d607d1eaf7a47d0d30fbd6299416e92b87cae7e8dd
78e6123d398df1e88034710dcc3591bb4acf4d6f621a00562d8d99defafcb8b0
794988cdd4276662be72313c3fe92c673a2d64dad47a7b3030423a4feab406d6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7994405d1523f6daebb92e945c9301ff76d0ec0797cc5feac0aeed5a8230183b
7ca5cbfb2f8ef9ce4418ad8914ac5fa3b736b38cdb71a7d7b1d38a090bf59ba3
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7f8f7b0b3ed9cc7c0de194471aeb8deb5bdc5578ccccda76bfa5fcba26f22426
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c742aec98cc6e80ec9c48994c6bf8e47d05f49210895536158df9d9baab8d0
8628ce0be54c615bcf7cfef10e7306141208b6c0302fd60d32794cd4a2b03e42
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
878eca272b777cc8477c5230448c0699fa5ab65ea0078eb81c252f7edc52dad2
883d627e0da276e00b4d73dc684f283cfb7d537a59ef01dd28432034942c7a19
88cc184af2fe5d0dca6d0b82d4095c1e3186ee14e54b2ff5bf6ec94f308134ed
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8adbca7c94a147c083f537865f279f6be4a4fd50bb39e5c4e961f2c76a28292d
8bc857b4d0e88a228918bffcd18989a34eb6458bcde621e8ab7ef8754c6a0f6f
8c55d5d2a5bfb0e75629cedc6020ac57678d386ea8e6e0c4655a1efe5f693f28
8ccfa1665927100d8ff8a0377c8e70b2d6c77a9731344ace8208ba48509f76e3
8d3930c36cec3973ad57efc6aa7db089903983c71e5ca043e59e705fcbfe6895
8d605ac6364a4cce77b9a2840829a2082070672a3041fbdcd49e832180ed19d1
8df11986d9c304a2d7364ca836107597a47f032809e24dad86fc03486c8fbadf
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
8fa353f71e74d48c21c91bffcda604c38aa4213921ce24014fda75b1aedc6f45
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9137bdf81723024c1925485b24c63b309bba5d9a00892fae4d1e4a89b4a05a8b
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
936add2ae980ead3784809a3cd9d76d3bb7a93685c5a6570b8613955608486cf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f6e84fd28977cf53aefadb395effc75c1c1a9d66316b4ef1e208074d43b008
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9de17ab4cd37bb8a6a102cbc9fff239f23204fa786f85574dc77c25508dfd0da
9fb447aa283d2c4a8e19f86f5d02223797a6e4834731642b5213414d7ad8a744
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
a2f27733e05a3a7058b6bd3d8f99b383d3a2761d04338ed5727a2f2c2bb6195c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a4fc5f462dd0ea8eb6cad29a793f059946ebb69b7da212fe530f2ddcf3440f14
a4fe275accd55a346519a10dcddc62f1dca9208793cf4f7c1227db825bfa0ffc
a6fa873d38073539d9e87f43fb07e63ed486127a74d7644c4c9be28a1aaac334
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7eb54b19ce3206a32381d4fe45bd913fdbc714fd492c71d5d0721158a888fbc
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a866ca1136e806e9828e414cc01cb80545d02cec04818a4522e8f56d6fa6f9ae
a88b04c6028922191091e1e99b45742294f56636bfd0324263f123b2c8bc30c0
abaab5f3c359d6a476edcedc9e159956652bae284abe355f1774aa2fc1316dfd
ad4445bb8aefb0915922290b47212311edcd2931fcf8f22f59588be7ddc81ead
ad9179d5714c6872d3b71d91ac30087f3c9751d34fbf044fd91955844e7d0561
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe80cc4efffa62ffc67e3a61179939c08d3fa2d207b5edbe0aa1a856cb16534
b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2951f530d41c1f5b6f5fe1ac77f6948c4f5936c424442cf408d796e50944afd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be365686b6806f5d99352bbc34dfd5dd25db8060c8061a27d07955876a32dba4
beb323148aee40bdf1fd04fb5263d7971a5a37bf305f680346ec774fa4db3bfe
becaecc6663d091f14a00c80317ebc9fa3beeab411becf786f6df9f266192a6a
bf813a5aec2150af513f7b845e176a7ba48ffce729ca830a2e3d0729562765ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26bc2777466506b367f46437b9780bba7bd174e1eb5f097956a9683023107f9
c347576707c3ced59ecd466e54efc82ef26630eb9c4672cd2c26e577b914dc26
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c92569f3bf39abd4418f11d271ea1047662b15c4986a6d708ac3dcccfa49c48c
c93530e469af3e79ceb1e629370e04da374aa0629e92a6fa4c645246474f233b
ca192dfac9cd86a22ece1f99cb1f3bc0042a78062dd0efcc75f5c3994f48f0d7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd2b62f8b97109b3c256b6907602a2fe4de7999c88050402b0d5efcd94009eb1
cd7ef1344c39be1d57da91ea1fb5f5e69be37512d670242dec44a91e28bacf44
cdab249eb2ebb19b28d1799a3395332f8158f92bb2ac2003c2651c7762a3e6cb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09b273f9858b0cc409dac1ad936d2c56708934debb98da0283c16eb61bab1e7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21d99ac54f111bdda38b3064999c174301d5fe3762913fea562c43422a3ca98
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d7d70191c4ae206d1bb0fe914396baa00deb1cfd2bd4ea9a340b72e4d9c577c5
d840f0d6fa9d269bbb3ba942393b71e93c77092408a5cb15d7017bce287174b4
d924f0a8b2ea7ebdbca0cd7344422edacbbaa19de8679ad79b1fa3dddd0e6e19
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc99b40b87c5fab259039ebb6b41e96d80f245956285500219e26b8bb34a546e
de07b0598813f5f5e306457369142146784ba2bd3955ebe0a03e7405bb2365cb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e048322e1f775c081a251977ac8dcaa89a38d8f3c94c364627c3fa42cbc17750
e14be9e8f91d3649c96f7c89191f211bfd2943687755a6bd5177203c5adb57af
e1e505eb5a57e86177114498d793a00952d85c55ce7f0282afa17af9109b649f
e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d
e2d54a429e2e49810bbb36bd0b7b33a8b94abde8d386a1e2eff7ba09b0aeb553
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49c8515f0abc0adaea6451f3cae2ba7ae89a5f3ad8322c811dd41ba1c501a7a
e5fa1b90217bb9ee7ec9bc013916964ddb9e2605d81c01c75242a05083a9ce78
e5fb2c716bd5857cb276f3cb6ca76b9bc584356d5506067bd22fba52dabfce50
e6b4b912bd8becb17141bbe77e6352b2b5e3182ffb41087bec8a958a4f77faec
e6f6bcacd16d4885735c8bf34e64b14598bc75b360bb02da44bffb9ab73dc1fb
e73f726b25754f8c4de789b1057a2bea169997a71412b2b4a404a1e0b80d0f2f
e781beb642740f7aa7395c523d722f2df0811526898f9871867ca49608bea019
e996c1f859b77f4062159bf45dabe432910c44cffd1a9157c1e7ea44544e46c9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecca2db6293aeb8d4af72107cb4ddfe7236fdef4f866e7d76668b17d6433d4dc
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a5c6a8e3f506ff17160402e515cba52a8f998af33c36906d532d35d64426f
f0ebb5be95d86d4c05f3e6888a6b46e39f3ddb32404956a96dd18ab4dd1e12b0
f23a96343ab17bfed4aef1d6e9afd72ef022992bbc56466cbab5f1f20260d302
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f3dcc6bcc1e11c2b659aa18bc697624b73528dedc5ef2356ef96acc7fc0c169a
f4539e54173149bbb80d122258adaf968064ba8424f62d17cfede1f68c08fdb5
f5db5a470d7bb2196090b1fbb97ed9d44386cf975e3538563698a369665dcf5c
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
f722904fa31a4236fb51200095792d3030f75cccedbe33ec2e13edaad7073f3b
fa2a1fe1c0e3d33b927e32303167b4fd3627841e07729749019677cbfed23738
fa7d9bd2cb33c921b9344cccd91566456718083452bb63176be14d5c4357b2d3
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
fcf7264e8bbdb639f80a0983b493218d51fe9cc8b3f19e6291a1cc8e51d6e905
ff22771b825d214b07ef4ea19e28ae0fa1b434d7f01f07cdd1720e8fa4d1bdee
ff73bad095a970753de1f9ab5e9bc4864af2738b951b44c8ffa952a5b2b9cb17