www.theonion.com Open in urlscan Pro
151.101.130.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trib.al/GzkJZ50
Effective URL:
https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=...
Submission: On November 23 via api (November 23rd 2023, 3:25:05 am UTC) from US — Scanned from DE

Summary HTTP 184 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 45 domains to perform 184 HTTP transactions. The main IP is 151.101.130.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 129312.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 2nd 2023. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.211.170.3 3.211.170.3	14618 (AMAZON-AES) (AMAZON-AES)
2 54	151.101.130.166 151.101.130.166	54113 (FASTLY) (FASTLY)
2	18.245.60.72 18.245.60.72	16509 (AMAZON-02) (AMAZON-02)
7	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
5	18.66.112.27 18.66.112.27	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	54.152.130.91 54.152.130.91	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.207.42.96 44.207.42.96	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	104.26.8.50 104.26.8.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.64.124 18.245.64.124	16509 (AMAZON-02) (AMAZON-02)
1 1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.16 143.204.98.16	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.121.49 13.32.121.49	16509 (AMAZON-02) (AMAZON-02)
2	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
5	18.203.29.182 18.203.29.182	16509 (AMAZON-02) (AMAZON-02)
1	52.223.6.21 52.223.6.21	16509 (AMAZON-02) (AMAZON-02)
1	3.125.101.88 3.125.101.88	16509 (AMAZON-02) (AMAZON-02)
1	54.217.228.107 54.217.228.107	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.65.240.35 3.65.240.35	16509 (AMAZON-02) (AMAZON-02)
1	213.19.162.43 213.19.162.43	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.76.107.155 3.76.107.155	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	54.80.172.124 54.80.172.124	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
11	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	193.108.153.19 193.108.153.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	178.250.1.3 178.250.1.3	() ()
2	130.211.44.5 130.211.44.5	() ()
1	35.210.149.152 35.210.149.152	() ()
184	56

1 3.211.170.3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-170-3.compute-1.amazonaws.com

trib.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 151.101.130.166 (United States) 2 redirects

ASN54113 (FASTLY, US)

local.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.112.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-27.fra56.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.130.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-130-91.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.42.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-42-96.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.50 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.64.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-64-124.fra60.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-49.fra60.r.cloudfront.net

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.203.29.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.101.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-101-88.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.228.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-228-107.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.240.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-240-35.eu-central-1.compute.amazonaws.com

krk2.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.43 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.107.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-107-155.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.172.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-172-124.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.153.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-19.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (None, )

ASN- ()

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.149.152 (None, )

ASN- ()

tps-dn-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	theonion.com 2 redirects local.theonion.com www.theonion.com — Cisco Umbrella Rank: 129312	574 KB
19	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 32070 x.kinja-static.com — Cisco Umbrella Rank: 30373	321 KB
13	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 154	205 KB
11	gstatic.com fonts.gstatic.com	214 KB
10	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 587 pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 dt.adsafeprotected.com Failed	212 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	63 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 tps.doubleverify.com tps-dn-ew1.doubleverify.com	210 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	71 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136 pm-widget.taboola.com — Cisco Umbrella Rank: 3595 trc.taboola.com — Cisco Umbrella Rank: 705	305 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	43 KB
5	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 353 insight.adsrvr.org — Cisco Umbrella Rank: 584 direct.adsrvr.org — Cisco Umbrella Rank: 3477	2 KB
5	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2185	123 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	18 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 htlb.casalemedia.com — Cisco Umbrella Rank: 511	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	193 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 31	128 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1908	11 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 376 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	2 KB
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 957 ats.rlcdn.com — Cisco Umbrella Rank: 3275	37 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 25419	61 KB
1	criteo.net static.criteo.net	31 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1376	201 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10244	408 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1825	607 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com Failed	195 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1165	367 B
1	kargo.com krk2.kargo.com — Cisco Umbrella Rank: 2762	466 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	598 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502	114 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2448	430 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572	544 B
1	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6223	28 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 36549	446 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2376	372 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5530	232 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674	14 KB
1	kinja.com kinja.com — Cisco Umbrella Rank: 30306	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 6204	9 KB
1	trib.al 1 redirects trib.al — Cisco Umbrella Rank: 23588	241 B
184	45

	Domain	Requested by
31	www.theonion.com	1 redirects www.theonion.com
12	x.kinja-static.com	www.theonion.com tagan.adlightning.com
11	fonts.gstatic.com	tagan.adlightning.com fonts.googleapis.com
8	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
7	www.google-analytics.com	www.theonion.com www.google-analytics.com tagan.adlightning.com
7	f.kinja-static.com	www.theonion.com
5	pixel.adsafeprotected.com	x.kinja-static.com tagan.adlightning.com
5	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
5	static.adsafeprotected.com	www.theonion.com tagan.adlightning.com
4	cdn.doubleverify.com	tagan.adlightning.com
3	api.btloader.com	kinja-com.videoplayerhub.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
3	cdn.taboola.com	www.theonion.com cdn.taboola.com
2	tps.doubleverify.com	tagan.adlightning.com
2	ad-delivery.net
2	tpc.googlesyndication.com	tagan.adlightning.com
2	www.googletagservices.com	tagan.adlightning.com
2	fonts.googleapis.com	tagan.adlightning.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google.com	tagan.adlightning.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	ml314.com	www.theonion.com ml314.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	sb.scorecardresearch.com	www.theonion.com
2	i.kinja-img.com	www.theonion.com
1	tps-dn-ew1.doubleverify.com	www.theonion.com
1	static.criteo.net	x.kinja-static.com static.criteo.net
1	ad.doubleclick.net
1	47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ping.chartbeat.net
1	www.google.nl
1	geo.privacymanager.io	ats.rlcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	bidder.criteo.com	x.kinja-static.com
1	grid.bidswitch.net	x.kinja-static.com
1	fastlane.rubiconproject.com	x.kinja-static.com
1	krk2.kargo.com	x.kinja-static.com
1	ib.adnxs.com	x.kinja-static.com
1	hbopenbid.pubmatic.com	x.kinja-static.com
1	hb.yellowblue.io	x.kinja-static.com
1	htlb.casalemedia.com	x.kinja-static.com
1	tlx.3lift.com	x.kinja-static.com
1	direct.adsrvr.org	x.kinja-static.com
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ats.rlcdn.com	tagan.adlightning.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	pixel.rubiconproject.com	1 redirects
1	insight.adsrvr.org	1 redirects
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	idx.liadm.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	js-sec.indexww.com	www.theonion.com
1	trc.taboola.com	cdn.taboola.com
1	imasdk.googleapis.com	www.theonion.com
1	kinja.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
1	local.theonion.com	1 redirects
1	trib.al	1 redirects
0	gum.criteo.com Failed	tagan.adlightning.com
0	dt.adsafeprotected.com Failed
184	69

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
twitter.com
facebook.com
www.reddit.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-02` - `2024-09-02`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-19` - `2024-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-17` - `2024-12-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Frame ID: 1CC5CA9932214C44A2614C27E4750A10
Requests: 140 HTTP requests in this frame

Frame: https://47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAC517B429633332734332FDFEEBB206
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnwU3BZ02LQw2Kbfn_mWzOz5MxLLXvgalIXNS1W0CW1vWTaVScLHPq689rXSCQfuf7-fI1YB8P--RclPtsCdCB7m8eTbBTWXsSb4pC3Ct-43-VgH563HsHUII8d5QGkpm0fE6I9YtpqnF-YbuZiltOTKG-3qFygcmPeJeEg8ZsAW7Lfk2oyEPSNus6VzWa1m2cCAvPAYn5LSbJg2WYvSeOTEqAK6Yfo5G-Rhu2VD5Vcfa-DvLukg78G3H87aMUZ1_rzv2IPhkqXORz31msQQnPLX4ScVu9BGkbQVX7m8fxahozHdkIGGettrDIUoxQQMScJVaEysG2zt1lCA-hx3I2dn-B8SAEJkDWU9enGiH5xw&sai=AMfl-YT7X0Xd7Mha6z1inRuE5I3v9sCEdE8cJE_Q_N5D5KyBppjL892oYSHTjjxzfdG2a1yMvIM5Wjf7C9uI573aqRgWAhaIYYV8JefcbHw7JX0t2ue4gJf3ouMXwB_P41i6dxAkXwiHAfsIMUoP6r0rdg&sig=Cg0ArKJSzJYjf3a0j7ohEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9EC250E06B4D79DD1A5D7F9E3A8D12E8
Requests: 15 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x350&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=1379641044&adsafe_par&impId=e3d82812-89af-11ee-8d15-025c7d14b065&custom2=top&custom3=&custom4=&custom5=top-01&custom=Twitter
Frame ID: 0F503A4380B9C948B3896649317821F6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4951.js
Frame ID: C97857634A2A7D392B6FAA671FAD6E8D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfY_qgtRtH3LxBQ0Xp01lzc-AN5Zy4EjNNBEAnNoFYFkVlmg9mXMz7RsJIJYsMrV-1bMcb0KUNIllArAbYW1fyQv6DRrSGSFJ6g50dsP5IiWyEFKAQ7yoF15IOa5j216kZaGdnf8QEc_SKD0jZYzCZx0nuvjhhr9qxKe-fZNSwjNAjq88MAdzDkrh4CgaAhD9K766unm5bFd2KwBpkWZ95WO2ekQLxFUx0xa7ZhDGdm-vesRtxG1w5VWFyJVgfrSSFn_gU3ojOm85ebyHLCnDgJBLU_W3zK8SI3sVwS9mY9g_a4BeWNA21hkUdQVVuTDe_CEPMGghPg5j6f9RJn-OAGjaoCpnd2Em-GZvcGaFZag&sai=AMfl-YTYlshyfqPAHLppKjnTKBiVHJi0mtKCNVLa7h6yFMqPoXvkoyvEmLU8iTjPynfBIEEvGuH1El62JwB-gyJjt2hFE-oOwNCZFx5GBXrFo8MtBKvJ0NeHYvcFl3y5Udz0UR8CKAGzncM24_Nm0S5vwQ&sig=Cg0ArKJSzNHZSBN0NgnNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 45D5B171CBCCD44BE0759BBD05E070A3
Requests: 14 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=360x430&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138450082289&pubOrder=3248573455&cb=1549196626&adsafe_par&impId=&custom2=left_top&custom3=&custom4=&custom5=left_top-01&custom=Twitter
Frame ID: 4F00205BC302D629A580913C48CA44DC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4951.js
Frame ID: 49CBEE649EE03B89CD5B12C9AC42DC65
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C03615795B42840A3D1A6030BF7DAD7A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C29AD7E95F3414E05A2EAD492F6810ED
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DE1D81043B6B7FD61EADF0B7025509D0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 7C16F8C9315DB9181035E76787C29ACA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 37D66E3FD0083A14C38CD892DDA630B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Friend Who Sent Link To 8-Minute YouTube Video Must Be Fucking Delusional

Page URL History Show full URLs

https://trib.al/GzkJZ50 HTTP 301
https://local.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_conten... HTTP 301
https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_conten... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

184
Requests

89 %
HTTPS

0 %
IPv6

45
Domains

69
Subdomains

56
IPs

6
Countries

3041 kB
Transfer

8642 kB
Size

38
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?via=theonion&url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_medium%3Dsharefromsite%26utm_source%3Dtheonion_twitter&text=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_medium%3Dsharefromsite%26utm_source%3Dtheonion_facebook

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_medium%3Dsharefromsite%26utm_source%3Dtheonion_reddit&title=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fchiefs-fans-try-to-name-a-single-taylor-swift-song-1851035829%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fchiefs-fans-try-to-name-a-single-taylor-swift-song-1851035829%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=Chiefs%20Fans%20Try%20To%20Name%20A%20Single%20Taylor%20Swift%20Song
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fchiefs-fans-try-to-name-a-single-taylor-swift-song-1851035829%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=Chiefs%20Fans%20Try%20To%20Name%20A%20Single%20Taylor%20Swift%20Song
Title: Reddit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trib.al/GzkJZ50 HTTP 301
https://local.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing HTTP 301
https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 77

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 85

https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjU3N2JhZTMtMjE3Ni00M2JkLWEyYmUtZjYwODE2OGYyODFh&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f608168f281a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NjU3N2JhZTMtMjE3Ni00M2JkLWEyYmUtZjYwODE2OGYyODFh&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f608168f281a&google_tc= HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f608168f281a&google_gid=CAESENYAq6GhXmqTnxS3wV9I3C0&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6577bae3-2176-43bd-a2be-f608168f281a&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent=&C=1

184 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977 Show response
www.theonion.com/
Redirect Chain

https://trib.al/GzkJZ50
https://local.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing

262 KB
61 KB

284ms
274ms

Document
text/html

151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

6224cce178620222fec2ba1a6811a00b7be49ed37b82609de03054138cf1d840

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 62036
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 23 Nov 2023 03:25:00 GMT
etag: W/"4198e-+YYYH1YuSzcfF/3bTSptYj2FeKQ"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-frame-options: deny
x-googlenews-bot: false
x-kinja: kinja-magma-kube02-7dcdcdb687-n5rb8 #4601
x-kinja-build: 4601
x-kinja-revision: 054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-kinja-server: kinja-magma-kube02-7dcdcdb687-n5rb8
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kcgs7200166-IAD, cache-fra-eddf8230051-FRA
x-timer: S1700709900.196891,VS0,VE250
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
age: 0
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-length: 270
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 23 Nov 2023 03:25:00 GMT
location: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept, Accept-Encoding, Authorization, X-Valid-Scroll-User
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube03-c946f446b-m6ctg #4601
x-kinja-build: 4601
x-kinja-removed-qs: utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
x-kinja-revision: 054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-kinja-server: kinja-magma-kube03-c946f446b-m6ctg
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kiad7000045-IAD, cache-fra-eddf8230051-FRA
x-timer: S1700709900.043065,VS0,VE117
x-ua-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 162ms
35ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: E29DMFM09CRHSR8J
age: 26
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: mQ3EcOT9AgDlC3EiJuJe6gDaI3Z4JJxBI1T31kwN5fGqx82mWiFQaO+zJmVh6hTSaz0x2NZBi3U=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700709901.610159,VS0,VE1
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 160ms
34ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg_it-webfont.woff2?11012022

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 96QFN5PVEV0FW71G
age: 89
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24548
x-amz-id-2: ED7v0iAAi265WCxiKO4pB5NH6QECXDvl3+LssCmxSK8F62sOshszL6h7JExVPyFsw9Iraxgn0Qo=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700709901.610259,VS0,VE0
etag: "f8702959a16d4d4310dc4090c484eaf0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 161ms
34ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8H3693CZ3V6HZKB2
age: 21
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: 2pc6FAbZMyuCaK0sYZQymQZMEnSakNqjNTPb+SN38SUj1d4fA831/Ox+RFGNhBPrjkSoo3zPVPw=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1700709901.610173,VS0,VE1
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 161ms
35ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold_it-webfont.woff2?11012022

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 2XXJ6EBEYXJQMWZT
age: 21
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24352
x-amz-id-2: l8FmqX0gMSqWMk0mjHsDKHvA17GfqlYNc1sTmIhBhQlYxb5BzkuaGqzC6zLkY3FMx/0KOiIOrTA=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:50 GMT
server: AmazonS3
x-timer: S1700709901.610159,VS0,VE0
etag: "3ea5bce10a12f4f87d3ca8e37e94fb83"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 254ms
128ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: BJ233AP0Q6SFTDH9
age: 108
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: XR/HBk2AMr0uyJHAuo+rmRUU5pEpASyeEk4Lqo9gn/v4OPoAGyvDrBmdazfl78O2tpxz+cCkZ1ce0BkGqgb76kiX+bqDOAYj
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Wed, 15 Nov 2023 21:53:04 GMT
server: AmazonS3
x-timer: S1700709901.612208,VS0,VE1
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ywbbelwikhhgopxznzgf.jpg
i.kinja-img.com/image/upload/c_fit,pg_1,q_60,w_1600/ 34 KB
35 KB 98ms
77ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fit,pg_1,q_60,w_1600/ywbbelwikhhgopxznzgf.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a34cf58c3b04bbd4f6592068a5e706da9fc5cd60d73c9ad56378b4b54754fb53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: 800
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Nov 2023 03:25:00 GMT
fastly-io-served-by: vpop-mnz1300716
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: TGXKBFJHHFC5AJJA
x-amz-meta-cld-version: 1506373823
x-cache: HIT, HIT
fastly-io-info: ifsz=40234 idim=800x450 ifmt=jpeg ofsz=34816 odim=1600x900 ofmt=webp
x-amz-meta-cld-surrogate-key: 371715247117214347782801784084554066159
age: 2534115
fastly-stats: io=1
content-length: 34816
x-amz-id-2: TAQMxiEFbaYITKAR8rlFRaHEyz9D0m03dYbyAKoHQ3HjbBFwzCSwOJNiMRa6Vwvp2arEJI97zBo=
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-eddf8230051-FRA
server: AmazonS3
x-timer: S1700709901.538427,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&format=pjpg&frame=1&quality=60&width=1600
etag: "XczFXcIMF/Jt4ID3TB5IOVJ0pVJ08wAGdxUpxY6cmZc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 12, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 142ms
24ms Script
application/javascript 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:28:32 GMT
content-encoding: gzip
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 64589
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: uyorCwICETgFNu3lR9K8BBz6af2I3OdF0IXvkXkxGETsrHXStUZ36A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 403ms
24ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5722
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 03:49:38 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 20 KB
9 KB 147ms
27ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 30 Nov 2023 02:16:28 GMT
date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 4112
x-cache: HIT
content-length: 8051
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700705788&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bW72pYveamjiTo2fU9Ll5L08uDeE1hA23jPZt%2BAfyGM%3D
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Thu, 23 Nov 2023 02:16:28 GMT
server: Apache
x-timer: S1700709901.630317,VS0,VE0
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700705788&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bW72pYveamjiTo2fU9Ll5L08uDeE1hA23jPZt%2BAfyGM%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 ywbbelwikhhgopxznzgf.jpg
i.kinja-img.com/image/upload/c_fit,q_60,w_1315/ 26 KB
27 KB 96ms
78ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fit,q_60,w_1315/ywbbelwikhhgopxznzgf.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68244cfc79b881022d8b1ac4e96e27580d7c58d5e9cd9c74d9a4c5a15947b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: 800
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Nov 2023 03:25:00 GMT
fastly-io-served-by: vpop-mnz1300716
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: TGXKBFJHHFC5AJJA
x-amz-meta-cld-version: 1506373823
x-cache: HIT, HIT
fastly-io-info: ifsz=40234 idim=800x450 ifmt=jpeg ofsz=26914 odim=1315x740 ofmt=webp
x-amz-meta-cld-surrogate-key: 371715247117214347782801784084554066159
age: 1166675
fastly-stats: io=1
content-length: 26914
x-amz-id-2: TAQMxiEFbaYITKAR8rlFRaHEyz9D0m03dYbyAKoHQ3HjbBFwzCSwOJNiMRa6Vwvp2arEJI97zBo=
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-eddf8230051-FRA
server: AmazonS3
x-timer: S1700709901.538420,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&format=pjpg&frame=1&quality=60&width=1315
etag: "MKoT+2xAmf65KbwzCFw1eIQ/geZ1AIJL4Kf7zU4wS6Y"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 18, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 16 KB
5 KB 40ms
35ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: DSMQFN5WTM88T43K
age: 618721
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5086
x-amz-id-2: /HjgPHTb8uzcrEkIXgRU5OGYFFfOIBbCtmEaNYd4b8zM7TiXdYZzjrUia36E4RH5PXzj6rSBNpI=
x-served-by: cache-fra-etou8220106-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 15 Nov 2023 21:52:58 GMT
server: AmazonS3
x-timer: S1700709901.530187,VS0,VE0
etag: "6e72a53de2de855eb31640a97bb33425"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 43ms
38ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 107MY7QPWW1C92RP
age: 1372960
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1729
x-amz-id-2: pfjf5mKsOwnWAYiZccrto3/wsYidXRSNeHrpDDkEFyZ3AMOKFEb8B60bfL0YpcfeC1NNV4L/sRs=
x-served-by: cache-fra-eddf8230131-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700709901.530463,VS0,VE0
etag: "0b7f37a8e0f013f57fc9706b2e420a76"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 38ms
34ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 24C2GHTC4Y5YE5EE
age: 1393085
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2561
x-amz-id-2: yr9ZktCCCHmNHj51p5z4tu578I1B1sfCWvNx/KH9mkK35Lf0CTEoVIuGDN7133oKM77Tp6gfB0k=
x-served-by: cache-fra-etou8220087-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 26 Sep 2023 11:19:04 GMT
server: AmazonS3
x-timer: S1700709901.530424,VS0,VE0
etag: "840e74d9ff2cecb97ccd917764a05236"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 runtime~ga4.4fa95d1880e01ab1fed8.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 131ms
27ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~ga4.4fa95d1880e01ab1fed8.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 10RWNSJNPHYHCXGQ
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 686
x-amz-id-2: PhZi0oXSQfiu5ezxD5F71US4yyq/ExKHYZKPQmpMLCdr0Bk02BM+8WwYzXrmBLWpSRHQmYDIb0o=
x-served-by: cache-fra-eddf8230096-FRA
last-modified: Tue, 07 Nov 2023 06:10:40 GMT
server: AmazonS3
x-timer: S1700709901.630859,VS0,VE0
etag: "e171d6d4875754d065c7446f329e6e90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ga4.b60369697f1d1eb7bc00.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
3 KB 141ms
38ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ga4.b60369697f1d1eb7bc00.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: F55T1NBYAZN3Q4X6
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2551
x-amz-id-2: 9s1FntqXU2QbKRH/wzef6aclsB8l8RXbT/zaT8Y1jXMf9caM/nFPW+rAAhRXz1Ea0jcBLRlVcfE=
x-served-by: cache-fra-eddf8230096-FRA
last-modified: Mon, 06 Nov 2023 23:57:29 GMT
server: AmazonS3
x-timer: S1700709901.630862,VS0,VE0
etag: "e07e73766b4fc9046ad4f5ce1c7ab9ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 41ms
37ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: P6J0YW91VRAJN0VC
age: 789489
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2059
x-amz-id-2: xCSgh4anVSUcmLoAu90LSgMjF8dUf5hc0f7hKZnNu+RZgV2S61a36ahda1nS6958Bde+3IlLjmk=
x-served-by: cache-fra-etou8220094-FRA, cache-fra-eddf8230051-FRA
last-modified: Mon, 13 Nov 2023 03:04:38 GMT
server: AmazonS3
x-timer: S1700709901.530819,VS0,VE0
etag: "c39630b890ced0152f8f25b88b613eb0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 28ms
25ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: KNN29QMHS62KXS92
age: 1301252
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 881
x-amz-id-2: Wp/3SjwEcHUsWM5IeJHbvg4rt+kY9NZCsy1mF9cXQb4JKG7FCWUzgSgi1T1dlqLD0p2wC6n/NvQ=
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 07 Nov 2023 16:02:05 GMT
server: AmazonS3
x-timer: S1700709901.530128,VS0,VE0
etag: "81634d3f9c34ec97f59742304f4fbda4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 2

GET
H2 200 runtime~taboolaLoader.683b559fe2d66b7544b6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 38ms
34ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 4WNWB923A8MAW2ST
age: 696577
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1062
x-amz-id-2: UZrrAK1w+lof0UBIuSKmsez92gvnS9uqV2wvc/SfQrs/cf9kV8UHiCtRd8OhUPRtPcF9rsGIPzLKtPdmIf26yQ8RwmcqF3kAlaTYWePYYhk=
x-served-by: cache-fra-etou8220034-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 14 Nov 2023 22:46:45 GMT
server: AmazonS3
x-timer: S1700709901.530125,VS0,VE0
etag: "89cace423b1d656236b9a1d1c4e41ce8"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H2 200 taboolaLoader.3c56ecb82aa09a2d6112.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 17 KB
5 KB 29ms
25ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.3c56ecb82aa09a2d6112.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: BVGJJAB76KPARH3D
age: 1773752
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5159
x-amz-id-2: MZU4WYM4xFCd8I3enHjEk17yw8ZYR/5dEYnQ97ROGNV4uA/GxLughWjHSjsleRX5wR1TjjLlYE0=
x-served-by: cache-fra-etou8220060-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 02 Nov 2023 14:39:04 GMT
server: AmazonS3
x-timer: S1700709901.530100,VS0,VE0
etag: "3b72c1b576b450f0167c74b93d720cc8"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 2

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 37ms
34ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: R2F0PQJY40BC3C0G
age: 1398447
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: oDPx2miqj4VyGfVgE9o9wi0BLlfAxjOHATxjZKFUxiZV0dkOpg1J/u/S5M4sd8RlmQDOnUeZSvSWqMyxtNZI2w==
x-served-by: cache-fra-eddf8230083-FRA, cache-fra-eddf8230051-FRA
last-modified: Fri, 06 Oct 2023 21:12:51 GMT
server: AmazonS3
x-timer: S1700709901.530113,VS0,VE0
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
986 B 38ms
35ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 2WW8SHX0E5K4YX0F
age: 2503844
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: uv90bpOnAA3GPC6wHsxVEhq1mRt0AGKAp12vokugw+qD85HL0Qk1uStJxQJ7UNz1Azp2XnrZPe8=
x-served-by: cache-fra-etou8220068-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 26 Sep 2023 18:28:14 GMT
server: AmazonS3
x-timer: S1700709901.530079,VS0,VE0
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 runtime~videoHtml5.9d1a68a0784c206c05bf.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
2 KB 36ms
33ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.9d1a68a0784c206c05bf.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c47e677440f4efdd47797b9bde0400163100ea387b2b8dbcb0e9d2c5e2f62a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: PM1M7JS5C7Y6VNWP
age: 559745
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1921
x-amz-id-2: QVBsTdCTSjJtOifqKQ+kH23qbxC0no3CTnneGnt2RmVhmmqRxTZN5GiESJaoIumkwr8G0zjUBHM=
x-served-by: cache-fra-eddf8230078-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 15:50:20 GMT
server: AmazonS3
x-timer: S1700709901.530071,VS0,VE0
etag: "f113ec7a65d8ae16cdbdcfff99734ff4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H2 200 vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 72ms
69ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8ZP16H0E4N0DWWJ1
age: 687950
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2188
x-amz-id-2: Ustc6Mt62HHMr817Viatb/Htvpo7j+83tyS+A2NaiGWWDkU0/I4fppx+QfgjVxu6W6QpE0LDL6Y=
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 14 Nov 2023 20:51:47 GMT
server: AmazonS3
x-timer: S1700709901.538459,VS0,VE0
etag: "5e4139cf5491f3d40e4d8f3fc1b52fc9"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 48 KB
13 KB 41ms
39ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: DAM0VHSKJRDSV4CP
age: 1987871
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13368
x-amz-id-2: pzXCJxgYaRhnyqld6+n0J3xMrJEPENGd3XqyKnM1n3v8N7kjVseLW8VFGC1GX7oRkfNkIFAz/AQ=
x-served-by: cache-fra-etou8220101-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 24 Oct 2023 17:03:09 GMT
server: AmazonS3
x-timer: S1700709901.538447,VS0,VE0
etag: "825a0787bb636588fcee75c1cd668333"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 videoHtml5.a9ba8849357e3598586e.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
4 KB 72ms
70ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.a9ba8849357e3598586e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2344d02f9553821a1a2c157f178ea59766ca0a789ddfcf64d6cb5423ccece952

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: C9P3NEYFESBW93S8
age: 557842
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3618
x-amz-id-2: y9puDlQW3kMaRNs8DOHmb0CraXbagnRqJDM7vdujg3VbjPPpATX4BgMeAGCjPfM+gQn7IGaVkDA=
x-served-by: cache-fra-etou8220047-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 16:23:50 GMT
server: AmazonS3
x-timer: S1700709901.538454,VS0,VE0
etag: "f0bbfeb0379a9e61774d82e4e26cbae1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 253 B
1 KB 132ms
125ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_thirdPartyFastToken&newFollows=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33033de9b814f6768cbb1cd19d04ed013aef83db675159c7d880dc0cf3d6f435

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: EU
x-cdn-fetch: mantle-setcookie
content-length: 229
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100059-IAD, cache-fra-eddf8230051-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1700709901.538404,VS0,VE96
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: UA
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 32ms
32ms Image
text/plain 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700709900646&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&c8=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: dgeFQND8MEsWQFQBBSlrpA6qve8K7R6MeN4Z3QfjGSpX7BM-zIqFyg==
x-cache: Miss from cloudfront

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

273 KB
273 KB

112ms
111ms

Image
text/html

151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Protocol

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube02-7dcdcdb687-ppw8k
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 03:25:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-kinja-build: 4601
x-powered-by: Express
age: 0
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube02-7dcdcdb687-ppw8k #4601
x-cdn-fetch: mantle-default
content-length: 64285
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000116-IAD, cache-fra-eddf8230051-FRA
x-googlenews-bot: false
x-timer: S1700709901.801261,VS0,VE87
etag: W/"62a3e-BJts8pvOZvzkYKd2AW4zZ+CzbCU"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: 054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-cache-hits: 4, 1

Redirect headers

x-kinja-server: kinja-magma-kube01-ccb5ff9fd-qtldg
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 03:25:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-kinja-build: 4601
x-powered-by: Express
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-ccb5ff9fd-qtldg #4601
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000150-IAD, cache-fra-eddf8230051-FRA
x-googlenews-bot: false
x-timer: S1700709901.686997,VS0,VE88
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: 054c774aad7c403f9473c23c0f59d7af73ce2ab1
x-cache-hits: 2, 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 457ms
42ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Thu, 23 Nov 2023 03:25:01 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedia1-network/ 344 KB
103 KB 121ms
27ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caf4b166e94b9c939010f51318063e5c7103009e583a1fc87179ffcd824acbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: mwBKZvOKr7iJeLfR4nxbBdW5ngHrzg7H
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Nov 2023 03:25:00 GMT
x-amz-request-id: 6FWX07TDDXZYMBWX
age: 72
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 105069
x-amz-id-2: Yc9Xn/rVatGT2WMfYJQGLMOhfunyIaflrZP9HcduzwoeWTqB6YnK3XjPytKe6EsMuG7Z/fJrVww=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 21 Nov 2023 11:54:12 GMT
server: AmazonS3
x-timer: S1700709901.782463,VS0,VE1
etag: "e64ed31788e4abed3c0a670522ab6f88"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 load.js Show response
pm-widget.taboola.com/gomedia1-network/ 3 KB
1 KB 30ms
28ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/gomedia1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e2558431fa15502b287eaffaf838d80ecad4bfcd26ce1543bcb206ca98dcb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: EorerB.D3w_N35bqJQH23FSZ.N.fIup4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Nov 2023 03:25:00 GMT
x-amz-request-id: 8E35YY54XG1PMGGN
age: 2555
x-cache: HIT
content-length: 1106
x-amz-id-2: EgkhX/dC/ZoicNjyCgUYoRXztmdrIxmZQCRjSkYJ5SnsfUwEkaUunTJhVEb1x7/k4X34cv+V6zQ=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 27 Sep 2023 08:06:45 GMT
server: AmazonS3
x-timer: S1700709901.924746,VS0,VE1
etag: "942403da10227099832480d4c9d0208c"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20231121-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 30ms
29ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Goo1gyH5Mb13alrQ0W6zOWkgXcD8DEn0
content-encoding: br
via: 1.1 varnish
date: Thu, 23 Nov 2023 03:25:00 GMT
x-amz-request-id: 2DT8Q5S0E2D8RNCZ
age: 2339
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173606
x-amz-id-2: mwihbDPG86wbqTFFkJwlQKv7Co+BELgA78GVz+oz+7VpwZpf7gRpNYseBtFWa2YYmy/p+skRJF4=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 21 Nov 2023 10:24:38 GMT
server: AmazonS3-br
x-timer: S1700709901.927314,VS0,VE0
etag: "e14d5158d1e05939397417dd5bb9b1d9"
vary: Accept-Encoding
content-type: application/javascript
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2141

POST
H2 200 json
trc.taboola.com/gomedia1-theonion/trc/3/ 4 KB
0 348ms
334ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/trc/3/json?llvl=2&tim=04%3A25%3A00.924&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2226966%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1700709900924%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing%22%2C%22vpi%22%3A%22%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8215%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cd%22%3A2175.39%2C%22mw%22%3A800%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1700567646446%2C%22wc%22%3Atrue%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 306
date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3822916666666667
x-fastly-to-nlb-rtt: 69029
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230029-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1700709901.957536,VS0,VE306
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pmk-20220605.2.js Show response
pm-widget.taboola.com/gomedia1-network/ 102 KB
29 KB 106ms
29ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/gomedia1-network/pmk-20220605.2.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/gomedia1-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4edc4e8c804d59ff0dbb24ca8d4a6c9c4f25ed238e353426e6eaf7bcda88df3c

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7jIm5sY5l9qw.61OrHjZvFYwnPjaKWSP
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Nov 2023 03:25:01 GMT
x-amz-request-id: 8S3QCN7ETB9K0V5B
age: 705381
x-cache: HIT
content-length: 28810
x-amz-id-2: enQbZfxJTuEjR5gHO2N/ld1sKx2VZHc88Emm+xzM1VqRaHqe28D/ypC01ThtuYvhB6udE3znxIg=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Wed, 27 Sep 2023 08:06:44 GMT
server: AmazonS3
x-timer: S1700709901.032638,VS0,VE0
etag: "ec013cc2f4a091f102d60309b9313da0"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 64

GET
H2 200 card-interference-detector.20231121-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 28ms
28ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20231121-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa5d358f6f6f121919bb293c3c01de8dccaa421eb7aa0ef0c28756fcad4865ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: vtqVKpx8v2_BDNiQ_n4iYmoJpO41fII0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Nov 2023 03:25:01 GMT
x-amz-request-id: ZYK4VXVD2RJX67TJ
age: 56597
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: t+pewe0FWdvAaXKFaHFKxG99geArirMV+gMhovzjqxztNAc9/Iu9fn/uNymUkzrAeeDBFelTsCA=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Wed, 22 Nov 2023 11:41:43 GMT
server: AmazonS3
x-timer: S1700709901.017912,VS0,VE0
etag: "4c8cc25d10f69755f64ccb719134863c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 34344

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 463ms
33ms Script
application/javascript 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 06:49:15 GMT
x-amz-cf-pop: FRA56-P5
age: 333347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
server: AmazonS3
etag: W/"8ec0c211dda60907ae57f46e621bc794"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: pD2kxQTSrCzyESlz-xD8SOeTlpD7U_bL5i9T-NTDkC5ghcXHxdCGGA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 436ms
54ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1c79b64610995dc9e6b2e2017c163093a018dd03cf8329e3a01b3ad0163cdbf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31463
x-xss-protection: 0
server: cafe
etag: 834 / 19684 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 03:25:02 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 20 KB
9 KB 134ms
39ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf192a93a0826875d80ff216dfea7b9b3490d74f2086d78a1da6c18d49ea2902

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: RT75.qOykwxor6WZkn3gSN5g9Ov6TLaL
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 03:24:21 GMT
x-amz-cf-pop: FRA60-P4
age: 53
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9028
x-amz-meta-git_commit: cf1706d
last-modified: Wed, 22 Nov 2023 20:41:41 GMT
server: AmazonS3
etag: "54d5b6976ce63e343cdd7610f6311af3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: LMfBEEysmEv9qJ7t2opp4cZm3K_02T31k0RdiAzTSD0aDV2STl-naQ==

GET
H2 200 runtime~adManager.da3db87d41ef042b00b0.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 35ms
33ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

278297cb907ff7c5eb8f8444423995c281bc5fa6cf01ac31f5357e1dc3c25d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 21AYMYW14G7879D0
age: 103962
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1686
x-amz-id-2: OVt27RlNtcFw8Oc+XhUg5MkpkV2MK8kpDVq6Y7n74m6CFpfH6xZvUIPqUUbqwVzKhqhrcBHCF1I=
x-served-by: cache-fra-etou8220086-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 21 Nov 2023 22:27:16 GMT
server: AmazonS3
x-timer: S1700709902.832171,VS0,VE0
etag: "68f53e4c142def61372f125d5054be6a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 adManager.debf8438553c4c88fa24.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 29 KB
9 KB 33ms
31ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.debf8438553c4c88fa24.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d444c6857c7f163cc89eb91f9de7ccd7d038e8c2619d4d92d6d508ec285a1fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: CFGZRK0R1BYTTD0N
age: 40658
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8589
x-amz-id-2: 0961P4oECrOBJJR3YdccOdnp1a4NKvp3UTz+EBbBRmhGd+QPtgXeAy5MbeGQxLJpdrvz0cNgekY=
x-served-by: cache-fra-etou8220117-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 22 Nov 2023 16:02:33 GMT
server: AmazonS3
x-timer: S1700709902.832133,VS0,VE0
etag: "12158bc8b741a74f512a5fce664a83a0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 434ms
33ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1f5522837c25c6b7abce9c05d02d310d0533ccfa9f76afb9fe8452589176878d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45405
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 03:25:02 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 42 KB
14 KB 142ms
52ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 03:16:02 GMT
server: cloudflare
age: 407
etag: W/"76325e-a904-60ac94164027f"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 82a64d770954383d-FRA
expires: Thu, 23 Nov 2023 07:25:01 GMT

GET
H2 200 runtime~trackers.cab236ddab54d9b50be3.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 39ms
38ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.cab236ddab54d9b50be3.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: GYJ67CBZNKFRB7MT
age: 2581664
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1237
x-amz-id-2: KkpRPhQ7kRI0dV251eTdWANRK9085HjN7KrbjsctbWrj4gAzD6KkMvmdgD5/q8EX1PLOvOGLkKa6l/eg2grpdwU4ZDLF/Bl0yfu0fkEyT6M=
x-served-by: cache-fra-eddf8230088-FRA, cache-fra-eddf8230051-FRA
last-modified: Mon, 25 Sep 2023 20:30:02 GMT
server: AmazonS3
x-timer: S1700709902.836078,VS0,VE0
etag: "3aaaeafd41360ff85f54800f5cea93b0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 38 KB
14 KB 37ms
36ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 9KQBEPX34XBVDH7Y
age: 2579002
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13985
x-amz-id-2: N8szGttdUsSH9medzmrH0PD+YhSH+E4Fxz7ETCRPibWLWp119Ed4NEAkcIuxWYUWPqRsCvGmGO2d31eW85pJ9fkpGmT0JikC
x-served-by: cache-fra-eddf8230096-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 11 Oct 2023 12:58:54 GMT
server: AmazonS3
x-timer: S1700709902.836050,VS0,VE0
etag: "ff823184fadd2ca25405cfb78d0f2ac4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 179 KB
59 KB 41ms
40ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: YR5KN49QF5WWYZ6N
age: 2458987
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 59787
x-amz-id-2: srCHg6KFjDyDGPzI3vXT77450m/eWj9kMvatjbEd4nCuHUqHt/hXs8hIEZxIUQeh38wh23TeGfI=
x-served-by: cache-fra-eddf8230080-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700709902.836375,VS0,VE0
etag: "911ceb18d4676a1604e6484a620d751d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 38ms
37ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: YR5X805QK5GQQHVP
age: 2458986
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2137
x-amz-id-2: iafEta59asYAHr7FQU7bkEDc3K2MvHnQmvYs6Yn8vbQAk6IDgvU45mf5bb7vyq9v/dHbh1VN1Pg=
x-served-by: cache-fra-etou8220111-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700709902.836378,VS0,VE0
etag: "6c3566c414014aae4aca5802ccbc5d8a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 50ms
21ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: YR5W443JQKMCP8PE
age: 2458987
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1789
x-amz-id-2: KyGzOgy39NhH3mN3s+iVNbDFlTl8yqFZnEs+OCYkWpTiIjtjoTmEsSqeXnwy3yEoB1RibYGsaWE=
x-served-by: cache-fra-eddf8230116-FRA, cache-fra-eddf8230051-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700709902.908120,VS0,VE0
etag: "c788288d8ffee112e8c430c797871785"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 48ms
22ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: AHVYZRQBTY7YT2YD
age: 1773776
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 6984
x-amz-id-2: +aBcXAZS4sxduaiUn7PexxfFjz/8wkQwjVZQEiB7ZythuoYMwEiZWLQatd7REs2+71M6OP34kvk=
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 02 Nov 2023 14:39:05 GMT
server: AmazonS3
x-timer: S1700709902.908107,VS0,VE0
etag: "7e1214c8d3f1f5c83f28d8a7cc74ef0e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~trackers.3c1df5cad1584161e519.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 111 KB
35 KB 48ms
23ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 24893FQFNCN9YMWX
age: 714404
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 35688
x-amz-id-2: 0dem3l3Ef5rDZ+z1vqTLMP/bPIGX8SCVhzENTOQiiYK5lFuR94BTP4lBvaLjDe/vKT+Yw0y0I8A=
x-served-by: cache-fra-etou8220056-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 14 Nov 2023 20:51:47 GMT
server: AmazonS3
x-timer: S1700709902.908091,VS0,VE0
etag: "b838b0611ef716ba82e1c0c4a8fcbc37"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.c837c84b6b92a4ccc895.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 15 KB
4 KB 47ms
23ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.c837c84b6b92a4ccc895.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f02bbb488437048485111d3ecdb1136fae1261e5ba9295f7cb08e6e81cee81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: PEE1G1585E3CZE7W
age: 559753
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3980
x-amz-id-2: LhpMjbWzmzqCuecz+LkbdkO8iELwRNMjPtSDWDQKXcuE1w93yAMo2YyUem966f9oe/vbFd5LLx8MxxU5DCLrtg==
x-served-by: cache-fra-eddf8230033-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 15:50:15 GMT
server: AmazonS3
x-timer: S1700709902.908075,VS0,VE0
etag: "deffcff336b42fdd4e17bb5281aec766"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 53 KB
13 KB 45ms
22ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: SYBNZAJMRVDSJK2N
age: 776319
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 12637
x-amz-id-2: ndtNsFmg1+9+gP/4kJjBQQboC/IsBRO5d7CYKj4n6SwnnYApl+Aif/OVv7S8M1Y1QWa5OjwRxws=
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 07 Nov 2023 04:28:12 GMT
server: AmazonS3
x-timer: S1700709902.908051,VS0,VE0
etag: "ff57b9bf3a9c53a1063e45658c1e1ec3"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 78 KB
9 KB 51ms
50ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: KJ5CSAHKKWXJCF2K
age: 864826
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8464
x-amz-id-2: iPAI6upvjFK+iGN2gPdbDJjBsWmnn+mo2ZUS3dqGR85x2PJ78TxM//OkOnB1xG8B21MboZw0h4M=
x-served-by: cache-fra-etou8220043-FRA, cache-fra-eddf8230051-FRA
last-modified: Mon, 13 Nov 2023 03:04:38 GMT
server: AmazonS3
x-timer: S1700709902.916091,VS0,VE0
etag: "32f4e8cfdc72be3128a72cad4c069e52"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.6ac22456dd15439ffbb1.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 118 KB
28 KB 39ms
37ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.6ac22456dd15439ffbb1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

270f9ef779c1eec63161e63a842f95578aee0ede1b4e25559346ec71478612f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 3TYEAXFFSRCBQQY9
age: 557875
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 28384
x-amz-id-2: hpoKdHKzMoYDxOxrO8J/T91pRx0SdUmm7jb8ssX/tp6ShmhSS29OL21Ax7l+lUo7k29hEFRtsi8=
x-served-by: cache-fra-etou8220055-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 16:23:41 GMT
server: AmazonS3
x-timer: S1700709902.946685,VS0,VE0
etag: "f5292f252a5f657e16616cb3a7bdedac"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 2

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
4 KB 39ms
38ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: V560839SJ26A26JN
age: 702884
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3979
x-amz-id-2: h/cVHwyZRuvneUirvKpvM4ETYZ8IeBktWgWo7U8TSN6UjP60cNO4MQLyFtDsp9WQ7CJVNrYWccalL5XmFacdkQ==
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230051-FRA
last-modified: Tue, 07 Nov 2023 06:10:37 GMT
server: AmazonS3
x-timer: S1700709902.946676,VS0,VE0
etag: "4a907d32b257b9799ec37089e833b1f4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 trackers.e750d524e2a62ab803a4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 14 KB
4 KB 33ms
32ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.e750d524e2a62ab803a4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4928e318e24ee71aea66837ef00ec4a702cb700147993ce527db8710222e16db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: PEE2X400HM9TH6E2
age: 559753
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3981
x-amz-id-2: e4vAdW093CLoocBCMJh1Oz4ExuC8Tsq4NWQCGvq1kfR7EbjgZsV5hAhus1MjG+0zpHc4J41TVV0=
x-served-by: cache-fra-eddf8230113-FRA, cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 15:50:20 GMT
server: AmazonS3
x-timer: S1700709902.956814,VS0,VE0
etag: "a096e96b6ff3dab7d65322128ab5d82d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 runtime~permalinkPage.a0e7e01dc9b004ec3483.js Show response
x.kinja-static.com/assets/new-client/ 33 KB
6 KB 55ms
52ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a0e7e01dc9b004ec3483.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe00702e6401e80739fb894ce02be75ebbcee8712342cbc37a7571affbfca3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: TV51D35R0461G8KQ
age: 49
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6063
x-amz-id-2: uA/w6LIdW4UUp0Prmbwhk4DUbdFjLGrvD9DKdj3F8vL72x+XdQWpLZlQc8OWlYpkZM0dG3zlhKDPWkxagqgDiTRjtVqFTqes7dKSFZI4qPI=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Mon, 20 Nov 2023 09:59:33 GMT
server: AmazonS3
x-timer: S1700709902.846476,VS0,VE0
etag: "9ddcd8c77854a01b63c0eb5913c75706"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 69ms
67ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DP3R8367Z74WZ089
age: 95
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1036
x-amz-id-2: Py1PNyBLV/zr1akYYo+le+G2pWroHlBGsFy5rdqUVlVC6t08yhFVTQshCAui6X2AAZPcdFcgukg=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Tue, 07 Nov 2023 22:13:08 GMT
server: AmazonS3
x-timer: S1700709902.846711,VS0,VE1
etag: "c3d4ecea770493510b5c0015e06f6d85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 69ms
67ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 5WW9NHWXFG9B1AFA
age: 95
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2112
x-amz-id-2: hlkgHQl+3lS2PDS/B0uuvdLEc0HzBwIcReHCrQrRrlQal+so2oJ6Ad7bxqhKOTqHFDmhX9EXruVsz2/6sB6uJw==
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Mon, 30 Oct 2023 16:07:25 GMT
server: AmazonS3
x-timer: S1700709902.846645,VS0,VE1
etag: "317d47a6a0a62e3cd959c3c6019d9ea9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~editorPage~errorPage~featureSwit~35550ec2.d5e7dbe9606a54eeb519.js Show response
x.kinja-static.com/assets/new-client/ 59 KB
13 KB 64ms
62ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~editorPage~errorPage~featureSwit~35550ec2.d5e7dbe9606a54eeb519.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

da2086b575813b2305cccda2cd13e026bb10db9b0b8ad9a8052c154c2909c7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 3TYEMSB8YTS8D479
age: 86
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 12749
x-amz-id-2: biA3N6K3a5gOv/w7k508ruc/60jtjREHmay2d0gHaBcZkE4mW3+gniHW4dayUmTJgn+WZNo7gbg=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 16:23:41 GMT
server: AmazonS3
x-timer: S1700709902.846580,VS0,VE0
etag: "4b7cd76f704bbdc8130b3ecadfcfdbe7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.02ae9c63089846badaac.js Show response
x.kinja-static.com/assets/new-client/ 18 KB
4 KB 67ms
66ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.02ae9c63089846badaac.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37c39ff96587d3bbf3ff13d7e2d3d19ae903f54d90f2052efde272b8a47d1489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: PEE74K6S5Q82B19T
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 4155
x-amz-id-2: tDII9OtGayc678unuJ85V5YVdsUB2acDw7GsPjSxWrWljmTp5J+MImlbT9Zkok5Hs9+f9PDGjDT/STUf9kh6uWid3C50qvR++4T0n2YEfPQ=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 15:50:17 GMT
server: AmazonS3
x-timer: S1700709902.846544,VS0,VE1
etag: "17580f90ad1a5e3308bb117a862479e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 permalinkPage.3d7923109634cf465d66.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
711 B 66ms
65ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/permalinkPage.3d7923109634cf465d66.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0ab01d6625b0bfeefdb912790a26aa0fb117deb0b70add3fc4b616a23981242

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: PEEA74JH81R37FY6
age: 21
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 509
x-amz-id-2: xC65KRTA1QBZU6LK+hI/Z1qt8iEsUUGDZzlXBiLnTbOBA5SUHLotSq9/J6vXwudybtdSD6MWn0Q=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Thu, 16 Nov 2023 15:50:18 GMT
server: AmazonS3
x-timer: S1700709902.846518,VS0,VE1
etag: "fb3b6d494d0b23b40c85200aa1ccdb52"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET runtime~connatixLoader.b7fa188f5acdb8ee0da4.js
www.theonion.com/x-kinja-static/assets/new-client/ 0
0

GET connatixLoader.38915cdaf549293bc9db.js
www.theonion.com/x-kinja-static/assets/new-client/ 0
0

GET
H2 200 vendor~browser-logs~datadog.b18b2c33d208a02a224c.js Show response
x.kinja-static.com/assets/new-client/ 51 KB
14 KB 58ms
57ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~browser-logs~datadog.b18b2c33d208a02a224c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4382d9e0849ba6fdaf86d0a396112ab11aeaedbb8cee35bb4ea992d019df91f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: P2NJQM20D62EHQE1
age: 56
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 14572
x-amz-id-2: 618Sv/SwZGwLycA6Z/1La26eNYP2ooYxNAU53Z/UunA+I01BzSI97RIIkY8LOcVNYVCTx3iQ8P8=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Mon, 06 Nov 2023 21:13:15 GMT
server: AmazonS3
x-timer: S1700709902.846483,VS0,VE0
etag: "e54c8217ce9c2a8dfef877f38c249c85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ad-units-default.e36b81af0871a203faba.js Show response
x.kinja-static.com/assets/new-client/ 13 KB
3 KB 56ms
20ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.e36b81af0871a203faba.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9b3f4197084bab71820a0b8a569778cac6ce5dd6075726af7de203b50d9b39f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 8H31AFEYXHPNXPNG
age: 90
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2683
x-amz-id-2: GjSWW8cNUVJvtmPIPby8QlUcsuOXrUJzMWH43NhuJ6Vw5TRR9YV5YTbcyAEETCFCUJA01EEqw7o=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Tue, 21 Nov 2023 22:27:11 GMT
server: AmazonS3
x-timer: S1700709902.906398,VS0,VE0
etag: "2e8fac8174e9bd7ee78516f3cd24d3d3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 display-theonion-desktop-config.c3ea742a568e1952e8fd.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
1 KB 54ms
20ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 8042YBS8SRDG4RF2
age: 109
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 919
x-amz-id-2: n+vTD9gNv41pJfb63bFuFqmEOezr3b6N/9fa1mpfhBIiWmoV1dx3j/tj/EHWTwFsRgEoUQxAfr9MfaCooXidk7MoRdMF7kxgVp1YQYp00lg=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Mon, 06 Nov 2023 21:13:08 GMT
server: AmazonS3
x-timer: S1700709902.906398,VS0,VE1
etag: "9468c3e024d25849ffa665f5a086c9cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 170ms
42ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.debf8438553c4c88fa24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:28:43 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3380
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: n_qHpIpARHPbjJ2rSfPnv5A4xF60CNoJxgYHkqrckAl7q_hfv6ZIyA==

GET
H2 200 prebid-js-prod.a8306d741abb4944d94e.js Show response
x.kinja-static.com/assets/new-client/ 464 KB
117 KB 49ms
20ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.da3db87d41ef042b00b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: PQ48QZ6EQAX48EP6
age: 112
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 119075
x-amz-id-2: JsuznhqhlVFCL4+tkSPbyfBqsnHksajeGRWOeGJ2zttI8XWEUJqYh47ub8CeN4NMr6PMwa551p8=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Mon, 13 Nov 2023 21:57:51 GMT
server: AmazonS3
x-timer: S1700709902.906373,VS0,VE1
etag: "59d007537119dd0df497d743b1a2ab0f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 b-cf1706d-4a4114ab.js Show response
tagan.adlightning.com/gomedia/ 73 KB
28 KB 35ms
34ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:23:34 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: YWL0SJBVmouTNxkWla4VH_aL86_dW.Pd
x-amz-cf-pop: FRA60-P4
age: 118889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27942
x-amz-meta-git_commit: cf1706d
last-modified: Tue, 21 Nov 2023 18:23:23 GMT
server: AmazonS3
etag: "7e0885f669f70c7a4d38807250550e89"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: j7sjRnvpM6XcDW4EAXHuwDfzhI1ORmm5Q92Eowu59JOcg_OJxO6SFw==

GET
H2 200 bl-cf1706d-0277468f.js Show response
tagan.adlightning.com/gomedia/ 72 KB
31 KB 53ms
53ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-cf1706d-0277468f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13f97430ec64942f6a1afc5a4df87459029c17aa0d3083ad0bc13e76f16c0a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:23:59 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: zltGZNt4217XSbelGXvYtb2YiSyPNKjA
x-amz-cf-pop: FRA60-P4
age: 21664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31002
x-amz-meta-git_commit: cf1706d
last-modified: Wed, 22 Nov 2023 20:41:29 GMT
server: AmazonS3
etag: "02f2368d47e8b915b60cc86e07d0089e"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: v7ana0FRnpnSPR9nvz7KQdj__PJqeoz-X5Vc7dOtg2PbSYVvpv4gjw==

GET
H2 403 / Show response
id.sv.rkdms.com/identity/ 72 B
232 B 517ms
182ms XHR
application/json 54.152.130.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.130.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-130-91.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Nov 2023 03:25:02 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 72
vary: Accept-Encoding
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 138ms
41ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 any Show response
idx.liadm.com/idex/ie/ 0
372 B 519ms
135ms XHR
text/plain 44.207.42.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.207.42.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-42-96.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 2
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 4fc52325826db1d1
expires: Thu, 23 Nov 2023 04:25:02 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
567 B 196ms
60ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 716a6cf119da32ecf43145c76874a92daeaf13446312abef522f5e1d094fdc8e

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 23 Dec 2023 03:25:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 31ms
31ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2088001996&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&ul=en-us&de=UTF-8&dt=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=396138900&gjid=329727984&cid=823093728.1700709902&tid=UA-223393-1&_gid=735446349.1700709902&_r=1&_slc=1&cd34=Local&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1819574977&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2013-05-15&cd82=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&cd83=article&cd94=local&cd97=152&cd99=The%20Onion&cd100=none&cd101=theonion&cd103=local%2Cfriends%2Csocialmedia%2Cnewsinbrief%2Cvol49issue20&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=0%20-%20200&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=none&cd131=article&cd132=undefined&z=835210483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 31ms
31ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2088001996&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&ul=en-us&de=UTF-8&dt=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=1759649332&gjid=1104557135&cid=823093728.1700709902&tid=UA-142218-33&_gid=735446349.1700709902&_r=1&_slc=1&cd34=Local&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1819574977&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2013-05-15&cd82=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&cd83=article&cd94=local&cd97=152&cd99=The%20Onion&cd100=none&cd101=theonion&cd103=local%2Cfriends%2Csocialmedia%2Cnewsinbrief%2Cvol49issue20&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=0%20-%20200&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=none&cd131=article&cd132=undefined&z=1037246500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pid
www.theonion.com/api/magma/veritas/ 0
0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

53 KB
18 KB

428ms
39ms

Script
application/javascript

172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78061b1127990e3338eb0ff5ee53461fb891cba7a061f9d8ef40b9007097c6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 03:01:12 GMT
server: cloudflare
age: 1251
etag: "c659e5cd3a1964ac9f8a18698fe7df9e"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 82a64d803fe44d61-FRA
content-length: 18186

Redirect headers

date: Thu, 23 Nov 2023 03:25:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2Gvu5SDABkRACoORTUqJfG427JW33FYlcyQRcp3qh4kHTN9u6l%2FuyugEZIVnmxxU5QiGiaCKF1zTPPwhLdyd8hOJzVe%2Fowbvoy1L6EByiCqxM7yjo5%2B9VCwowVVfsV%2FVN92yRGdP%2FgGcoyzjPU%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 82a64d7d9cbc3687-FRA
expires: Thu, 23 Nov 2023 04:25:02 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 866ms
65ms Script
application/x-javascript 18.245.64.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.64.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-64-124.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:48:44 GMT
content-encoding: gzip
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 23778
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: CG_oak6ubjIlG5TuoDQ3ElnCFhDqdruz4mwSMKOgl-ux3cJyHEJ0cQ==
expires: Thu, 23 Nov 2023 20:48:44 GMT

GET iframe-communication.d153faead67976190b53.js
x.kinja-static.com/assets/new-client/ 0
0

GET next-video-loader.8a22cb6e301f78d7fe09.js
x.kinja-static.com/assets/new-client/ 0
0

GET adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js
x.kinja-static.com/assets/new-client/ 0
0

GET api-video-meta.6751291f0698038be227.js
x.kinja-static.com/assets/new-client/ 0
0

GET vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js
x.kinja-static.com/assets/new-client/ 0
0

GET modify-commerce-links.2cd3cf6901a344065b88.js
x.kinja-static.com/assets/new-client/ 0
0

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjU3N2JhZTMtMjE3Ni00M2JkLWEyYmUtZjYwODE2OGYyODFh&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f6081...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NjU3N2JhZTMtMjE3Ni00M2JkLWEyYmUtZjYwODE2OGYyODFh&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f60...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=6577bae3-2176-43bd-a2be-f608168f281a&google_gid=CAESENYAq6GhXmqTnxS3wV9I3C0&google_cver=1
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6577bae3-2176-43bd-a2be-f608168f281a&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent=&C=1

43 B
344 B

48ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent=&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUT2rUvESH73HVfwxrBoMCTNcPFkSGbJdPi%2Fq%2FQbb9n0LhlkQPQsB%2BChWtlzo9Ukn7SQOxNrK%2FtVxyzMPMBa9a2ydr8rM%2B%2F7e3x06gVGLdimoZp%2BOrZFEcc%2BQKmaYCmW7ihduwAUzeG9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82a64d7edd5bbb53-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOgXGrswJ0YQsZVk%2Fyh2sv0DbRfz6BKQHtUE7w%2FArRexR4IjWGO6P0Y%2FGvdzMFRdhI%2Bw5a0g3ZMzPLY5nR9C2fDjvE9Nmz0tNTBEFJJbzITcybAlk06UwZX6JdsHC%2BW%2FaA%2B2V2zvDxo8Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=39&external_user_id=6577bae3-2176-43bd-a2be-f608168f281a&expiration=1703301903&gdpr=0&gdpr_consent=&C=1
cache-control: no-cache
cf-ray: 82a64d7e9d19bb53-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 36ms
35ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: E29DMFM09CRHSR8J
age: 28
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: mQ3EcOT9AgDlC3EiJuJe6gDaI3Z4JJxBI1T31kwN5fGqx82mWiFQaO+zJmVh6hTSaz0x2NZBi3U=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700709902.185807,VS0,VE0
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 27ms
26ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8H3693CZ3V6HZKB2
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: 2pc6FAbZMyuCaK0sYZQymQZMEnSakNqjNTPb+SN38SUj1d4fA831/Ox+RFGNhBPrjkSoo3zPVPw=
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1700709902.185796,VS0,VE0
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 790ms
54ms XHR
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=823093728.1700709902&jid=396138900&gjid=329727984&_gid=735446349.1700709902&_u=aODACEAAFAAAACAAI~&z=1903453674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Nov 2023 03:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 788ms
53ms XHR
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=823093728.1700709902&jid=1759649332&gjid=1104557135&_gid=735446349.1700709902&_u=aODACEABFAAAACAAI~&z=1977666745

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Nov 2023 03:25:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3076 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
770 B 113ms
25ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3076
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1d923186391290904b3f4eb0006cdbca944b9c5d94a1917794012d9a4c1a0949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:03:22 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1300
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: JfYIdUPn4eDs7aLt9SBi4jPjhrh3N0iLRjaPCZ7FUjNhxRzOL3PpWw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 24ms
24ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 964b51f0f69e81873789b020fabe29658d43bb3cd3d3568196b6a48e177b8ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:06:14 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 1128
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1259
x-amz-cf-id: 5mBrUb47GLjQXxAHhfadqMlvPpOGss3FsgTJH29yrBKGDy6jeWzmVg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 87ms
23ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 08:03:00 GMT
x-amz-cf-pop: FRA56-P6
age: 69723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pTlZdmdmk3pVNKbelwgyqCO7F8vhZmq5SqjzUmTeelo1rKts4imlVA==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 189ms
52ms Script
text/javascript 143.204.98.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 05:55:39 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 77364
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: re6ll-MWWCd_9fg3s4vyK7Iwe70Bns1B3Oe98fyzq242HaFdUdCWuQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 810ms
197ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 23 Nov 2023 03:40:03 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 25ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51602
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 13:05:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
71 KB 37ms
36ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f23c1742b2a5346c5da04a45869c021bf192d825daf6b768ebdb638a0a493eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72327
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 03:25:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 51ms
50ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f3f0536bf37abd0a00fbb1a920cd8bbebf235e55e7d67684ebdf665321210451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 03:25:02 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 538ms
49ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2310
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:05:31 GMT
via: 1.1 google
content-encoding: br
age: 1171
x-guploader-uploadid: ABPtcPq1XCm79jdUOANR00YAIm5_oKRVXqN_g3dPpdgZX8sSYxItEKxfLa4DVl1x45il0ryrdRo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 552ms
68ms Script
text/javascript 13.32.121.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-49.fra60.r.cloudfront.net
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:10:15 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P1
age: 76487
etag: W/"17c61-5e21b75e9e639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: -cbn4osVn7WGdBwsmsl8VxqtzpgYQ7ua-B2TH9TbOPw-TNa2U4Oq4w==

GET ad-manager-bulbs.c463ea05828bf41db59b.js
x.kinja-static.com/assets/new-client/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 521ms
86ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&pid=wWIAwEbnZ5xvz&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 92WKR1T3F8HRZ7YHQ2VX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gcJJEi2ebxSJAYdrL6TY_e6YS4aPhunod6tpcc1iKVBy6FRkKxprew==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 415 B
649 B 521ms
94ms Fetch
application/json 18.203.29.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/article%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%253Futm_content%253DMain%2526utm_campaign%253DSF%2526utm_source%253DTwitter%2526utm_medium%253DSocialMarketing
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.29.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c27ff99516b3aa88b37e34a93308eb2345d6376e1f6d84a4b285567e7c57e160

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
server: nginx
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 503ms
88ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&pid=wWIAwEbnZ5xvz&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Farticle_left_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: FZEETZVCX43W4EE067XH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8fxosxfvEsLD-UDdskrSmabdPqs-A5D8-jAdQyz-gG_pwTtrB92BxQ==

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 461ms
74ms Fetch
application/json 52.223.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
544 B 437ms
51ms Fetch
application/json 3.125.101.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.125.101.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-101-88.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
545 B 445ms
62ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db05cb35bc26a53de40c12ede24b6d458d4decd5d38cdcc9975c237e9cef937

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmXdfEDD2I9ELFPFU9Q4Bu8hamYd9MI7aH2h2bYTtASxB%2FyB5rpf3XZ5u4ROdjr08HS48l8alWtxMcFleY%2BGfRQ7oUF0T958we5s5kERBqCmg5lA5hR%2FM9zb2RVdHI0dFxHhxeyY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82a64d7d9c6ebb53-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 83 B
430 B 444ms
64ms Fetch
application/json 54.217.228.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.217.228.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-228-107.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 74e65c1cec042026b15601dac60952454e555c6f2f7b8ed475c854227129a003

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Nov 2023 03:25:02 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 83

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 426ms
48ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Nov 2023 03:25:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 35 B
598 B 432ms
58ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8480be0ce1c29fe0ef5849cdd2af301b22f7b20c783ed987a7250717cf77d794

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
an-x-request-uuid: 918b6cdd-3e6a-46d1-a483-ab025dd05e42
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 35
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
krk2.kargo.com/api/v1/ 2 B
466 B 424ms
51ms Fetch
application/json 3.65.240.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.240.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-240-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:02 GMT
content-encoding: gzip
x-accel-expires: 0
nbr: 512
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 534 B
1 KB 501ms
44ms Fetch
application/json 213.19.162.43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&eid_pubcid.org=b9701613-958f-40a5-b3fa-eb3f11d73cf5%5E1&rf=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&kw=Local%2Cfriends%2CSocialMedia%2CNewsinBrief%2CVol49Issue20%2CTheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Farticle%2F1%2Ftop&tk_flint=pbjs_lite_v8.14.0&x_source.tid=56f95d1e-2c88-48e8-8c8d-b6d37a59807e&l_pb_bid_id=16aabfa7dbe1407&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=85871a65-ca3b-4ee3-96db-03a23a01574c&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Farticle%2F1%2Ftop&slots=1&rand=0.4448626312055586
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.43 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 816ba05962c7aef9f510c515335038608bc3bcc9c17869b573084c5c1e2c2564

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 534
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 504ms
146ms Fetch
application/json 3.76.107.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.107.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-107-155.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7ab90e772e235797872f48fba1cec37c508993ce5d53de1540ddda1bceabef31

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 23 Nov 2023 03:25:03 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 476ms
52ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=18222849407&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Nov 2023 03:25:02 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 433ms
30ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3b81v9113953751z8894640252&_p=1700709901817&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=823093728.1700709902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700709902&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&dt=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=local&ep.content_section=none&ep.content_subsection=none&ep.content_title=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&ep.content_id=1819574977&ep.content_created_date=2013-05-15&ep.content_updated_date=none&ep.content_role=&ep.content_author=The%20Onion&ep.content_author_byline=none&epn.article_word_count=152&ep.article_word_count_group=0%20-%20200&ep.article_truncated=false&ep.article_tags=&ep.article_primary_tags=local%2Cfriends%2Csocial%20media%2Cnews%20in%20brief%2Cvol%2049%20issue%2020&ep.adblock=false&ep.content_type=article&ep.content_sponsored=false&up.adblock=false&up.user_type=&tfd=3049
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
607 B 370ms
49ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 01:55:25 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 5377
x-amzn-requestid: a5a92258-0d0f-4a46-9023-9648b0c595ca
x-amzn-trace-id: Root=1-655eb10d-7bd383ec0ff1f4d25854e727;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: O1CaHEyoDoEEZ3w=
content-length: 30
x-amz-cf-id: zxdHwwn6HCB3pdgmYUTAbfoDniNjamnvXA5Ct-ckxi_-Ds5Hlp860Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 409ms
35ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=823093728.1700709902&jid=1759649332&_u=aODACEABFAAAACAAI~&z=502296147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 410ms
35ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=823093728.1700709902&jid=1759649332&_u=aODACEABFAAAACAAI~&z=502296147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 46ms
45ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&pv=1700709903016_qjwzh9kfi&bl=en-us&cb=139022&return=&ht=&d=&dc=&si=1700709903016_qjwzh9kfi&cid=&s=1600x1200&rp=&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2310
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 374ms
113ms Image
image/gif 54.80.172.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977&u=aHPpgCXaUUDp5HS3&d=theonion.com&g=3012&g0=www.theonion.com%2Clocal%2Cfriends%2Csocial%20media%2Cnews%20in%20brief%2Cvol%2049%20issue%2020&g1=The%20Onion&n=1&f=00001&c=0&x=0&m=0&y=8462&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&b=2151&_c=SF&_m=SocialMarketing&_x=Twitter&_y=Main&t=COPsPyBdeFUSCSv127CcV1QdIBykX&V=141&i=Friend%20Who%20Sent%20Link%20To%208-Minute%20YouTube%20Video%20Must%20Be%20Fucking%20Delusional&tz=-60&sn=1&sv=O36etCT9iIBILyxJPdG70BkpB3Y&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.172.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-172-124.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Nov 2023 03:25:03 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 318ms
317ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474679031944648&correlator=4041606523118278&eid=31079665%2C31079667%2C31079671%2C31079674%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=1&didk=1378598719&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700709903103&lmt=1700709903&adxs=1515&adys=366&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&vis=1&psz=4000x351&msz=4000x351&fws=1028&ohw=4000&ga_vid=823093728.1700709902&ga_sid=1700709903&ga_hid=2088001996&ga_fc=true&dlt=1700709900468&idt=2012&ppid=b9701613-958f-40a5-b3fa-eb3f11d73cf5&prev_scp=article_position%3D1%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26id%3De3d82812-89af-11ee-8d15-025c7d14b065%26vw10%3D40%26vw05%3D40%2C50%2C60%26vw%3D40%2C50%2C60%2C70%26fr%3Dfalse%26ias-kw%3DIAS_3006647_PG%2CIAS_1507658_PG%2CIAS_1508978_PG%2CIAS_1508977_PG%2CIAS_1509991_PG%2CIAS_1509990_PG%2CIAS_1509989_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&cust_params=veritas-iab%3D1-4%26tags%3Dlocal%252Cfriends%252Csocial%2520media%252Cnews%2520in%2520brief%252Cvol%252049%2520issue%252020%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Darticle%26postId%3D1819574977%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing%26utm_campaign%3DSF%26amznbid%3D0%26amznp%3D0&adks=1160756866&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1d2fdccbacfd03e106750cfeafdcebe87938291898b7a9d6a9e43e5d071f1933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19285
x-xss-protection: 0
google-lineitem-id: 6376910866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446248708
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 441ms
49ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

036e16d4235b376cd7033577b54eadc9cd78c6e242b0193b5403205d8269fe71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12610
x-xss-protection: 0

GET
H2 200 container.html Show response
47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAC5 6 KB
3 KB 478ms
65ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 03:25:03 GMT
expires: Fri, 22 Nov 2024 03:25:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EC2 0
0 62ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnwU3BZ02LQw2Kbfn_mWzOz5MxLLXvgalIXNS1W0CW1vWTaVScLHPq689rXSCQfuf7-fI1YB8P--RclPtsCdCB7m8eTbBTWXsSb4pC3Ct-43-VgH563HsHUII8d5QGkpm0fE6I9YtpqnF-YbuZiltOTKG-3qFygcmPeJeEg8ZsAW7Lfk2oyEPSNus6VzWa1m2cCAvPAYn5LSbJg2WYvSeOTEqAK6Yfo5G-Rhu2VD5Vcfa-DvLukg78G3H87aMUZ1_rzv2IPhkqXORz31msQQnPLX4ScVu9BGkbQVX7m8fxahozHdkIGGettrDIUoxQQMScJVaEysG2zt1lCA-hx3I2dn-B8SAEJkDWU9enGiH5xw&sai=AMfl-YT7X0Xd7Mha6z1inRuE5I3v9sCEdE8cJE_Q_N5D5KyBppjL892oYSHTjjxzfdG2a1yMvIM5Wjf7C9uI573aqRgWAhaIYYV8JefcbHw7JX0t2ue4gJf3ouMXwB_P41i6dxAkXwiHAfsIMUoP6r0rdg&sig=Cg0ArKJSzJYjf3a0j7ohEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-cf1706d-4a4114ab.js Show response
tagan.adlightning.com/gomedia/ Frame 9EC2 73 KB
28 KB 32ms
32ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:23:34 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: YWL0SJBVmouTNxkWla4VH_aL86_dW.Pd
x-amz-cf-pop: FRA60-P4
age: 118890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27942
x-amz-meta-git_commit: cf1706d
last-modified: Tue, 21 Nov 2023 18:23:23 GMT
server: AmazonS3
etag: "7e0885f669f70c7a4d38807250550e89"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nMTvBAy9jKh_xuOnVCHumlwcZoQzqgxmtrNCKWspkI1B9kjIC43HWg==

GET
H2 200 css2
fonts.googleapis.com/ Frame 9EC2 4 KB
1 KB 530ms
38ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

7ebb7985c2f23fdcbe1fad1337acf9194a8ead73b69664fd5e2a54346f8d30ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 03:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 03:25:04 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 9EC2 18 KB
18 KB 528ms
37ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:31:32 GMT
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17920
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 00:31:32 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 9EC2 17 KB
17 KB 543ms
51ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:45:16 GMT
x-content-type-options: nosniff
age: 524388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17404
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:09:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 01:45:16 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 9EC2 11 KB
11 KB 519ms
28ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:55:55 GMT
x-content-type-options: nosniff
age: 415749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10988
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 07:55:55 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EC2 202 KB
64 KB 533ms
42ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 03:25:04 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9EC2 9 KB
4 KB 531ms
40ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138446248708&unit=1600x350&splc=152253218&adu=22443057970&adsrv=104&btreg=6376910866138446248708&btadsrv=6376910866138446248708&cb=1379641044&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 03:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 23 Nov 2023 03:40:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 884ms
401ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 03:25:04 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 218ms
136ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 03:25:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
907 B 508ms
33ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102304
x-guploader-uploadid: ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wg51KRXGYwjRXKzRClDHIocvqo9HKXTGtTzh8mWbHKzcvTB1uQydNXmJdm0CqWan%2Fva5tjYjlqPQ3q2h3gmgC2cHix9aoLXFjnsX%2Bxtezrh%2FYrJIoLk2u%2BaWn0FZX4vIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82a64d84dcc935e2-FRA
expires: Tue, 21 Nov 2023 23:44:24 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
572 B 105ms
24ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Nov 2023 21:56:59 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
326 B 510ms
35ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4591793812390532
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102304
x-guploader-uploadid: ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rCdeKBPWoBfQV949hjpd0O9gs7JWFF3bjVrzc9uQKO9UVQP7%2FNRtAXkgmbDGXP6LXGSpts3wK6O6V%2FrjGhgtX2l5ZHnwVIaurHGK%2FUc3frM47eyRAJOivhOMrk39WUbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82a64d84dccb35e2-FRA
expires: Tue, 21 Nov 2023 23:44:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9EC2 52 KB
21 KB 24ms
24ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 03:49:38 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 303 B
205 B 122ms
122ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474679031944648&correlator=4041606523118278&eid=31079665%2C31079667%2C31079671%2C31079674%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x60&ifi=2&didk=1378598704&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D308342fb8dee0c53%3AT%3D1700709903%3ART%3D1700709903%3AS%3DALNI_MY7fg1kdIUt9w8TcWHZaMFzYlqQUA&gpic=UID%3D00000cd899f2dc2e%3AT%3D1700709903%3ART%3D1700709903%3AS%3DALNI_MZJoGLOKizCM83WpoaUJH2HIGMt2A&abxe=1&dt=1700709904030&lmt=1700709904&adxs=2530&adys=565&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&vis=1&psz=1273x248&msz=136x0&fws=1028&ohw=4000&psts=AOrYGskk3zhkjM73v1hGRrQ4Vl8v3khgbreKrbmHWUy6_HroeebZ21hSo7gg0zEDsUCuxha5Zh2lrcmtBUr4nTs&ga_vid=823093728.1700709902&ga_sid=1700709903&ga_hid=2088001996&ga_fc=true&ga_cid=735446349.1700709902&dlt=1700709900468&idt=2012&ppid=b9701613-958f-40a5-b3fa-eb3f11d73cf5&prev_scp=article_position%3D1%26pos%3Dsection_sponsorship%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dsection_sponsorship-01&cust_params=veritas-iab%3D1-4%26tags%3Dlocal%252Cfriends%252Csocial%2520media%252Cnews%2520in%2520brief%252Cvol%252049%2520issue%252020%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Darticle%26postId%3D1819574977%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing%26utm_campaign%3DSF%26amznbid%3D0%26amznp%3D0&adks=442601277&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c02f17375996f75704a24e5ae3865445899c1f0f321e760b90f28df721aa1183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
18 KB 318ms
318ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474679031944648&correlator=4041606523118278&eid=31079665%2C31079667%2C31079671%2C31079674%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Carticle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C360x430&ifi=3&didk=1378598705&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D308342fb8dee0c53%3AT%3D1700709903%3ART%3D1700709903%3AS%3DALNI_MY7fg1kdIUt9w8TcWHZaMFzYlqQUA&gpic=UID%3D00000cd899f2dc2e%3AT%3D1700709903%3ART%3D1700709903%3AS%3DALNI_MZJoGLOKizCM83WpoaUJH2HIGMt2A&abxe=1&dt=1700709904038&lmt=1700709904&adxs=2279&adys=829&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&vis=1&psz=372x461&msz=372x461&fws=1540&ohw=4000&psts=AOrYGskk3zhkjM73v1hGRrQ4Vl8v3khgbreKrbmHWUy6_HroeebZ21hSo7gg0zEDsUCuxha5Zh2lrcmtBUr4nTs&ga_vid=823093728.1700709902&ga_sid=1700709903&ga_hid=2088001996&ga_fc=true&ga_cid=735446349.1700709902&dlt=1700709900468&idt=2012&ppid=b9701613-958f-40a5-b3fa-eb3f11d73cf5&prev_scp=article_position%3D1%26pos%3Dleft_top%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft_top-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%26tags%3Dlocal%252Cfriends%252Csocial%2520media%252Cnews%2520in%2520brief%252Cvol%252049%2520issue%252020%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Darticle%26postId%3D1819574977%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing%26utm_campaign%3DSF%26amznbid%3D0%26amznp%3D0&adks=1174483981&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

15f7234c23d7032b5a15fb9bc92c95803e77733efea46546dd78b19a632b7855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18495
x-xss-protection: 0
google-lineitem-id: 6376910866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138450082289
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 694ms
51ms Script
text/javascript 178.250.1.3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 03:25:04 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 137ms
134ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 135ms
134ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=lyj3fqmvt&w=5197056576585728&o=5726495427264512&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&sid=o80UwDWM1&pm=true&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 03:25:04 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 9EC2 27 KB
27 KB 29ms
27ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:35 GMT
x-content-type-options: nosniff
age: 199229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 20:04:35 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 9EC2 26 KB
27 KB 42ms
41ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:42 GMT
x-content-type-options: nosniff
age: 421102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 06:26:42 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 9EC2 20 KB
20 KB 39ms
39ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:31 GMT
x-content-type-options: nosniff
age: 199233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 20:04:31 GMT

GET
DATA 200
OK truncated
/ Frame 9EC2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb746cec654e4e9e90271a1287bdfdf48afcb7d38f911be8000e45e21b126430

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0F50 47 KB
13 KB 175ms
73ms Script
application/javascript 18.203.29.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x350&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=1379641044&adsafe_par&impId=e3d82812-89af-11ee-8d15-025c7d14b065&custom2=top&custom3=&custom4=&custom5=top-01&custom=Twitter
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.29.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef92b320afbbfcf4a8281f42159d4bd3adaea17a61283ff364886d2ff02d6079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4951.js Show response
cdn.doubleverify.com/ Frame C978 424 KB
100 KB 52ms
51ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4951.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 03:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 10:52:29 GMT
Server: UploadServer
ETag: "b47e628f652d93d0e7ba169948af091c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102052
Expires: Fri, 22 Nov 2024 03:25:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9EC2 3 B
70 B 30ms
30ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=199415162&t=event&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x350&je=0&ec=Newsletter_Ads&ea=Viewable&el=The_Onion_Daily-138446248708&_u=CACAAEABAAAAACAAI~&jid=&gjid=&cid=823093728.1700709902&tid=UA-142218-33&_gid=735446349.1700709902&_slc=1&z=1021325325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45D5 0
0 65ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfY_qgtRtH3LxBQ0Xp01lzc-AN5Zy4EjNNBEAnNoFYFkVlmg9mXMz7RsJIJYsMrV-1bMcb0KUNIllArAbYW1fyQv6DRrSGSFJ6g50dsP5IiWyEFKAQ7yoF15IOa5j216kZaGdnf8QEc_SKD0jZYzCZx0nuvjhhr9qxKe-fZNSwjNAjq88MAdzDkrh4CgaAhD9K766unm5bFd2KwBpkWZ95WO2ekQLxFUx0xa7ZhDGdm-vesRtxG1w5VWFyJVgfrSSFn_gU3ojOm85ebyHLCnDgJBLU_W3zK8SI3sVwS9mY9g_a4BeWNA21hkUdQVVuTDe_CEPMGghPg5j6f9RJn-OAGjaoCpnd2Em-GZvcGaFZag&sai=AMfl-YTYlshyfqPAHLppKjnTKBiVHJi0mtKCNVLa7h6yFMqPoXvkoyvEmLU8iTjPynfBIEEvGuH1El62JwB-gyJjt2hFE-oOwNCZFx5GBXrFo8MtBKvJ0NeHYvcFl3y5Udz0UR8CKAGzncM24_Nm0S5vwQ&sig=Cg0ArKJSzNHZSBN0NgnNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-cf1706d-4a4114ab.js Show response
tagan.adlightning.com/gomedia/ Frame 45D5 73 KB
28 KB 34ms
32ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:23:34 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-version-id: YWL0SJBVmouTNxkWla4VH_aL86_dW.Pd
x-amz-cf-pop: FRA60-P4
age: 118891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27942
x-amz-meta-git_commit: cf1706d
last-modified: Tue, 21 Nov 2023 18:23:23 GMT
server: AmazonS3
etag: "7e0885f669f70c7a4d38807250550e89"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6Qlmbb7VeGRGQRz-r1f58kIV_7YcR5TbfvShlmvdbgbuaZOUU0wNlA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 45D5 4 KB
792 B 37ms
35ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

7ebb7985c2f23fdcbe1fad1337acf9194a8ead73b69664fd5e2a54346f8d30ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 03:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 03:25:04 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 45D5 18 KB
18 KB 26ms
25ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:31:32 GMT
x-content-type-options: nosniff
age: 10412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17920
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 00:31:32 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 45D5 17 KB
17 KB 27ms
26ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:45:16 GMT
x-content-type-options: nosniff
age: 524388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17404
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:09:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 01:45:16 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 45D5 11 KB
11 KB 35ms
33ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:55:55 GMT
x-content-type-options: nosniff
age: 415749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10988
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 07:55:55 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45D5 202 KB
64 KB 40ms
39ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 03:25:04 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 45D5 9 KB
4 KB 41ms
41ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138450082289&unit=360x430&splc=152253218&adu=22443057970&adsrv=104&btreg=6376910866138450082289&btadsrv=6376910866138450082289&cb=1549196626&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 03:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 11:58:00 GMT
Server: UploadServer
ETag: "7016a8d85509bc72e9b0db848677035f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 23 Nov 2023 03:40:04 GMT

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame 0F50 213 KB
66 KB 34ms
34ms Script
application/javascript 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 64791
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: HBl-09hH4VPBEX2aYk-m9-W3_Hq2ZWpWRTDNP1nRPP7HCxwJRM2GTQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 45D5 52 KB
21 KB 24ms
24ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5726
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 03:49:38 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 45D5 27 KB
27 KB 30ms
30ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:35 GMT
x-content-type-options: nosniff
age: 199229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 20:04:35 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 45D5 20 KB
20 KB 31ms
31ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:31 GMT
x-content-type-options: nosniff
age: 199233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 20:04:31 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C978 983 B
897 B 334ms
125ms Script
text/javascript 130.211.44.5

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=250&ttfrms=25&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau7C%3A6%3F5%5CH9%40%5CD6%3FE%5C%3D%3A%3F%3C%5CE%40%5Cg%5C%3E%3A%3FFE6%5CJ%40FEF36%5CG%3A56%40%5C%3EFDE%5C36%5C%60g%60hdfchffTbuFE%3E04%40%3FE6%3FETbs%7C2%3A%3FTaeFE%3E042%3EA2%3A8%3FTbs%24uTaeFE%3E0D%40FC46Tbs%25H%3AEE6CTaeFE%3E0%3E65%3AF%3ETbs%24%404%3A2%3D%7C2C%3C6E%3A%3F8U2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau7C%3A6%3F5%5CH9%40%5CD6%3FE%5C%3D%3A%3F%3C%5CE%40%5Cg%5C%3E%3A%3FFE6%5CJ%40FEF36%5CG%3A56%40%5C%3EFDE%5C36%5C%60g%60hdfchff&srcurlD=0&aUrlD=0&ssl=https:&dfs=178&ddur=532&uid=1700709904554956&jsCallback=dvCallback_1700709904554830&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&fwc=8&fcl=668&flt=0&fec=686&fcifrms=4&brh=2&dvp_epl=635&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6376910866138446248708&btadsrv=6376910866138446248708&adsrv=104&unit=1600x350&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138446248708&splc=152253218&adu=22443057970&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=1379641044&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=56775335876.64151&ee_dp_sukv=56775335876.64151&dvp_tukv=3774664257.759825&ee_dp_tukv=3774664257.759825&dvp_tuid=374734462360&jurtd=3505399324
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 290f1d3f706c2cec141d87c1676e876f26378fb1635c3e704753e3a13cfa61b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Nov 2023 03:25:04 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/22/2023 03:25:04

GET
DATA 200
OK truncated
/ Frame 45D5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a7155f6a397a5d40e9cee8736274ef11e80d1bfecedc5a69fe1c7c912e5a5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 4F00 47 KB
13 KB 52ms
51ms Script
application/javascript 18.203.29.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=360x430&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138450082289&pubOrder=3248573455&cb=1549196626&adsafe_par&impId=&custom2=left_top&custom3=&custom4=&custom5=left_top-01&custom=Twitter
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.29.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0419d45bd6e6dbd769a766c5f7398e35a1e50f90abc45d55b837f31911362e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4951.js Show response
cdn.doubleverify.com/ Frame 49CB 424 KB
100 KB 53ms
53ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4951.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 03:25:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Nov 2023 10:52:29 GMT
Server: UploadServer
ETag: "b47e628f652d93d0e7ba169948af091c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102052
Expires: Fri, 22 Nov 2024 03:25:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C036 13 KB
5 KB 26ms
24ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:29:59 GMT
expires: Thu, 21 Nov 2024 16:29:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C29A 829 B
999 B 35ms
34ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

6728c7cdd72b60ef9f97212ccb48816eea9876cce24e41f00d19815372612395

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dRKDuL3CVefzQAB9SBfOBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dRKDuL3CVefzQAB9SBfOBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 03:25:05 GMT
expires: Thu, 23 Nov 2023 03:25:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 45D5 3 B
68 B 30ms
30ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=645510016&t=event&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=360x430&je=0&ec=Newsletter_Ads&ea=Viewable&el=The_Onion_Daily-138450082289&_u=AACAAEABAAAAACAAI~&jid=&gjid=&cid=823093728.1700709902&tid=UA-142218-33&_gid=735446349.1700709902&_slc=1&z=1165717392

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame DE1D 91 KB
23 KB 34ms
34ms Script
application/javascript 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5454955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3uktpIBmnB5sSQz79y8CSHlaVZsSz-wbN3ChoWRqbSCZHzjsueb2YA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 58ms
57ms Image
image/gif 18.203.29.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=1600x350&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=1379641044&adsafe_par&impId=e3d82812-89af-11ee-8d15-025c7d14b065&custom2=top&custom3=&custom4=&custom5=top-01&custom=Twitter&adsafe_url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=f&adsafe_jsinfo=,id:fb69b334-35e0-3ee0-b87b-1e4dbcae15cf,c:uLg4Xl,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-66f6d74bff-7xtlh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.190.1600.350,am:i,cc:1200.190.1600.350,piv:25,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:549,mot:0,app:0,maw:0,fm:tWoRrgU+11%7C12%7C13*.931294%7C131%7C132%7C141%7C142%7C15%7C16,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:580,oid:e4af749f-89af-11ee-936f-e254f2ed357c,v:19.8.461,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.29.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:05 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET dt
dt.adsafeprotected.com/ 0
0

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame 4F00 213 KB
66 KB 36ms
36ms Script
application/javascript 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 64792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: -uyB7JoEhKaKPh3w43YQhWNVefjfyaXd6OkldGhtA6gzNfO60H1zHw==

GET syncframe
gum.criteo.com/ Frame 7C16 0
0

GET publishertag.prebid.139.js
static.criteo.net/js/ld/ 0
0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 49CB 1 KB
1 KB 43ms
43ms Script
text/javascript 130.211.44.5

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=512&ttfrms=8&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau7C%3A6%3F5%5CH9%40%5CD6%3FE%5C%3D%3A%3F%3C%5CE%40%5Cg%5C%3E%3A%3FFE6%5CJ%40FEF36%5CG%3A56%40%5C%3EFDE%5C36%5C%60g%60hdfchffTbuFE%3E04%40%3FE6%3FETbs%7C2%3A%3FTaeFE%3E042%3EA2%3A8%3FTbs%24uTaeFE%3E0D%40FC46Tbs%25H%3AEE6CTaeFE%3E0%3E65%3AF%3ETbs%24%404%3A2%3D%7C2C%3C6E%3A%3F8U2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau7C%3A6%3F5%5CH9%40%5CD6%3FE%5C%3D%3A%3F%3C%5CE%40%5Cg%5C%3E%3A%3FFE6%5CJ%40FEF36%5CG%3A56%40%5C%3EFDE%5C36%5C%60g%60hdfchff&srcurlD=0&aUrlD=0&ssl=https:&dfs=92&ddur=43&uid=1700709905134314&jsCallback=dvCallback_1700709905134521&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&fwc=8&fcl=668&flt=0&fec=690&fcifrms=7&brh=2&dvp_epl=635&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6376910866138450082289&btadsrv=6376910866138450082289&adsrv=104&unit=360x430&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138450082289&splc=152253218&adu=22443057970&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=1549196626&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=24811230913.259853&ee_dp_sukv=24811230913.259853&dvp_tukv=69344116156.2697&ee_dp_tukv=69344116156.2697&dvp_tuid=744850388862&jurtd=1758274825
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 750f703467926e7956ba58e67bf0464f37a367265d3078a8e2bac08f76a94c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Nov 2023 03:25:05 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/22/2023 03:25:05

GET dt
dt.adsafeprotected.com/ 0
0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EC2 0
0 444ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5uf-yZoVfWQsUDj9vclJ0LMem1rZ8NwrinPo9NNDZlvfQdFrVPCWHpMjwJtIoRLywfGK9FEXBTdLuUCxL7xz0_RMNS1qhkwYHzkl7J0dPniCEKmuPPy3aKIBNS-dHB5JrPDVRRmgUHL5ysa7TP6hB3JemQr_VeMzsOA0s4ZnJlkzAozAtgvUFIGl3pFcHq2jthR26XJ01mpotbPZTa8Jab2Z94s1mRITOI7DDH_YRnT-NzDYaT1YkpTK-7E-NgyOKcS0yQkFEAImIf3v8GQ9mVYoHYcQo74ANeo1Ly3f-rIWAsb98JYYYJfpqiCfVpa62jlzC6ykKJVYbA1CzAvKBhQO_TvtIfZmebfEpLkxEUJbM&sai=AMfl-YSAT_qPWgdwYIONCrGSEB4sC_SpEdBo_FmUHCy_mftASRUDRx_TJzb0IQzZCBTnqs5wtwwMtZwgVbmgIpxyI4DoMxcDBrw29ptfVKjMqXkK1U1NTRtbChQ1cDWJhq_mOfXe9NFuHTM_u8TKkfr9nw&sig=Cg0ArKJSzMUAcybJE2IPEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 03:25:05 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame C29A 0
0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 37D6 91 KB
23 KB 34ms
34ms Script
application/javascript 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-cf1706d-4a4114ab.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5454955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: UbY4YXDhE_dK9yS29vUuEjAO7lTleatIvCB99MZkhYbG9FXtQFU4Hw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 62ms
62ms Image
image/gif 18.203.29.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=360x430&pubId=4920965234&chanId=22443057970&placementId=6376910866&pubCreative=138450082289&pubOrder=3248573455&cb=1549196626&adsafe_par&impId=&custom2=left_top&custom3=&custom4=&custom5=left_top-01&custom=Twitter&adsafe_url=https%3A%2F%2Fwww.theonion.com%2Ffriend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977%3Futm_content%3DMain%26utm_campaign%3DSF%26utm_source%3DTwitter%26utm_medium%3DSocialMarketing&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=f&adsafe_jsinfo=,id:79bbcc7a-9410-f93e-24a3-f5b63f172c4d,c:uLg4Zy,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-66f6d74bff-brt8d,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:2285.829.360.430,am:i,cc:2285.829.360.430,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:105,mot:0,app:0,maw:0,fm:tWoRrqE+11%7C12%7C131%7C132%7C133%7C14*.931294%7C141%7C142%7C15%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:112,oid:e4d80b2e-89af-11ee-bd7b-1ac150ca8c6b,v:19.8.461,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.29.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-29-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 03:25:05 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C036 39 KB
15 KB 400ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 16:20:57 GMT

GET dt
dt.adsafeprotected.com/ 0
0

GET
H/1.1 204
No Content event.jpg
tps-dn-ew1.doubleverify.com/ Frame 49CB 0
116 B 130ms
31ms Image
text/plain 35.210.149.152

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=5fd322b4fd26496585d15eccb398414e&consid=&api=1&rc=true
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.210.149.152 -, , ASN (),
Reverse DNS
Software: openresty/1.21.4.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 23 Nov 2023 03:25:05 GMT
Server: openresty/1.21.4.3

GET view
securepubads.g.doubleclick.net/pcs/ Frame 45D5 0
0

GET dt
dt.adsafeprotected.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~connatixLoader.b7fa188f5acdb8ee0da4.js

Domain: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/connatixLoader.38915cdaf549293bc9db.js

Domain: www.theonion.com
URL: https://www.theonion.com/api/magma/veritas/pid?cb=1700709902144

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/iframe-communication.d153faead67976190b53.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/next-video-loader.8a22cb6e301f78d7fe09.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/api-video-meta.6751291f0698038be227.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/modify-commerce-links.2cd3cf6901a344065b88.js

Domain: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=fb69b334-35e0-3ee0-b87b-1e4dbcae15cf&tv=%7Bc:uLg4Xn,pingTime:-8,time:581,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:581,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:579,wc:0.0.1600.1200,ac:1200.190.1600.350,am:i,cc:1200.190.1600.350,piv:25,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~25%5D,as:%5B28~1600.350%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWoRrgU+11%7C12%7C13*.931294%7C131%7C132%7C141%7C142%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:580%7D&br=c

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=fb69b334-35e0-3ee0-b87b-1e4dbcae15cf&tv=%7Bc:uLg4YZ,pingTime:-2,time:681,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:206,beZ:207,mfA:755,cmA:756,inA:756,inZ:761,prA:761,prZ:775,si:785,poA:787,poZ:806,cmZ:806,mfZ:806,loA:843,loZ:849,ltA:886,ltZ:886,mdA:208,mdZ:278%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.350,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:25,vs:o,r:l,w:1600,h:350,t:579%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:579,wc:0.0.1600.1200,ac:1200.190.1600.350,am:i,cc:1200.190.1600.350,piv:25,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B128~25%5D,as:%5B128~1600.350%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWoRrgU+11%7C12%7C13*.931294%7C131%7C132%7C141%7C142%7C15%7C16,idMap:13*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:580,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/article_0,google_ads_iframe_/4246/fmg.onion/article_0__container__,dfp-ad-1%5D,sinceFw:99,readyFired:true%7D&br=c

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=474679031944648&rc=

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=79bbcc7a-9410-f93e-24a3-f5b63f172c4d&tv=%7Bc:uLg4ZO,pingTime:-2,time:128,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:473,beZ:474,mfA:579,cmA:579,inA:579,inZ:581,prA:581,prZ:582,si:585,poA:586,poZ:594,cmZ:594,mfZ:594,loA:597,loZ:600,ltA:601,ltZ:601,mdA:474,mdZ:529%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:360.430,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:360,h:430,t:112%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:112,wc:0.0.1600.1200,ac:2285.829.360.430,am:i,cc:2285.829.360.430,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~360.430%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWoRrqE+11%7C12%7C131%7C132%7C133%7C14*.931294%7C141%7C142%7C15%7C16%7C17,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:112,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/article_2,google_ads_iframe_/4246/fmg.onion/article_2__container__,dfp-ad-3,sidebar_wrapper%5D,sinceFw:16,readyFired:true%7D&br=c

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFFLMNe9jIoKaIOnTvnvtRi6djVd-pQMPfCo9tvSZWDIKXXR4-swF7f-wE05d8o7ZbqUxwYusCmT0AVR2xM0a-dagyTzOXj3KsvWXgAKl4mN0LNAxnKUcIThhOsxf2VWYOGbO58FdVpz0iA-VuklMFG9gdgg0lXmu9oSMKjkK_t8oVZ04146UttaeQlTIiqTAMSL9NZTPGKgAX-1DxjqORNBlwQuejJ08OFLO3Y9tWqqVVccJw8ZeyGEiuNnkozSjs7YiSJy2DFPF14PhVeI00jZiZQcq40BrDlDzVjB1-utGB3_hdcQ_O1GN-YgWq3eesRCoPflojV3_g8cb42Yr-qb5h4QaNdUqdDzjcuwe4UVJh&sai=AMfl-YT4zmW1KlgrE_LgLZe7KHbknuP_LmGuS4LpBBf2rXhMyTnJGQo_7Np10va_m5sK3vGiPy5-BuxpnaLTU8zwn1OFhTZIOi6c8KyUPluCiY2rH6PuseC80gY68RbO_LXHHY3OEjUMjraiMrFnTrqEbw&sig=Cg0ArKJSzPDxa8EXGvmhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=fb69b334-35e0-3ee0-b87b-1e4dbcae15cf&tv=%7Bc:uLg53X,pingTime:-10,time:989,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700709905465%7C%7C3d80b7e458d34c151fb73d79dd936010%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C8bd6cddb2fdfe4f5eab72e1964f369d3%7C%7C048145a14c19c7f4d277acb2ae12ac8e%7C%7C869ac42fad6636efe97222d6e30e2bec%7C%7C028190f5cac8a783781db394399e4ae7%7C%7Ce4477691f09a9fe8481ba9e6df4a0cb5%7C%7C1663701684%7D

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/gomedia1-theonion/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_1862c27c13fb3cfaeffd629bfc977240_6775521e-fc51-4b3f-b666-ec13135d5a1f-tuctc584b8c_1700709900_1700709900_CNawjgYQ5LxeGPzE1tG_MSABKAEw3gE4oewNQK2fEEjx2NgDUP___________wFYAGAAaIuykKDJ7o7eLnAB
local.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: UA
.theonion.com/	1970-01-21 01:10:45	Name: KinjaBucket Value: 0
local.theonion.com/	1970-01-20 16:25:10	Name: KinjaSetBucket Value: 0\|1700709900\|UC0/QA9YMKTZFumRoEtjQZzLrWyRyBbKY6jpU+T8ZzE=
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: UA
kinja.com/	1970-01-20 16:35:14	Name: KinjaSession Value: 001ec3ef-4149-4ff0-af50-33ef25281bea
.kinja.com/	1970-01-21 01:10:45	Name: KinjaBucket Value: 0
kinja.com/	1970-01-20 16:25:10	Name: KinjaSetBucket Value: 0\|1700709900\|UC0/QA9YMKTZFumRoEtjQZzLrWyRyBbKY6jpU+T8ZzE=
www.theonion.com/	1970-01-20 16:25:11	Name: lux_uid Value: 170070990066416480
.taboola.com/	1970-01-21 01:10:45	Name: t_gid Value: 6775521e-fc51-4b3f-b666-ec13135d5a1f-tuctc584b8c
.taboola.com/	1970-01-21 01:10:45	Name: t_pt_gid Value: 6775521e-fc51-4b3f-b666-ec13135d5a1f-tuctc584b8c
.theonion.com/	1970-01-20 17:08:21	Name: _sharedID Value: b9701613-958f-40a5-b3fa-eb3f11d73cf5
.theonion.com/	1970-01-20 17:08:21	Name: _sharedID_cst Value: zix7LPQsHA%3D%3D
www.theonion.com/	1970-01-20 16:26:36	Name: pageDepth Value: 1
.theonion.com/	1970-01-20 16:26:36	Name: _gid Value: GA1.2.735446349.1700709902
.theonion.com/	1970-01-20 16:25:09	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 16:25:09	Name: _gat Value: 1
.adsrvr.org/	1970-01-21 01:12:12	Name: TDID Value: 6577bae3-2176-43bd-a2be-f608168f281a
www.theonion.com/	1969-12-31 23:59:59	Name: utm_source Value: Twitter
www.theonion.com/	1969-12-31 23:59:59	Name: utm_medium Value: SocialMarketing
www.theonion.com/	1969-12-31 23:59:59	Name: utm_campaign Value: SF
.doubleclick.net/	1970-01-21 01:46:45	Name: IDE Value: AHWqTUldanGkIdj6rJKTqOlQiOi9QwFwODTON5cFeSthda-aKlV1J63xtyH69qLCrU4
.liadm.com/	1970-01-21 02:01:09	Name: lidid Value: 5f448768-d455-4579-8afa-b2eea9a968d1
.theonion.com/	1970-01-21 02:01:09	Name: _ga_FBJXBGD4M8 Value: GS1.1.1700709902.1.0.1700709902.0.0.0
.kargo.com/	1970-01-21 01:10:45	Name: ktcid Value: 129ca18b-c0f1-0b98-1cda-a7c0bb3d4d9e
www.theonion.com/	1970-01-20 16:26:36	Name: _lr_geo_location Value: DE
.theonion.com/	1970-01-21 01:53:57	Name: _cb Value: aHPpgCXaUUDp5HS3
.theonion.com/	1970-01-21 01:53:57	Name: _chartbeat2 Value: .1700709903025.1700709903025.1.O36etCT9iIBILyxJPdG70BkpB3Y.1
.theonion.com/	1970-01-20 16:25:11	Name: _cb_svref Value: null
.rubiconproject.com/	1970-01-21 01:10:45	Name: khaos Value: LPAMRJR7-R-KQ1K
.rubiconproject.com/	1970-01-21 01:10:45	Name: audit Value: 1\|naVuGyos1qrxI/p8lRRIAOg1UwPS4UZKeo7VmusXymtLnFwH4Tb5feP/OqRauJ9KlgKZYWa3kTXMboWaW1ii7URRr0onifb0vsVAPbIH/+HjRCnHycYBAQ==
.adsrvr.org/	1970-01-21 01:12:12	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIjI6Ggrr3tTwQBRIWCgdydWJpY29uEgsI6LmGgrr3tTwQBRIVCgZjYXNhbGUSCwiwlYyGuve1PBAFGAUgAigBMgsIyviTrND3tTwQBUIbIhkIARIVChFDb29raWUgQWxsaWFuY2UgMxABWgc1enE5bm1rYAFyBmNhc2FsZQ..
.casalemedia.com/	1970-01-21 01:10:45	Name: CMID Value: ZV7GD4ebQhFT8OtiTmXY4wAA
.casalemedia.com/	1970-01-20 18:34:45	Name: CMPS Value: 2237
.casalemedia.com/	1970-01-20 18:34:45	Name: CMPRO Value: 2237
.theonion.com/	1970-01-21 01:46:45	Name: __gads Value: ID=308342fb8dee0c53:T=1700709903:RT=1700709903:S=ALNI_MY7fg1kdIUt9w8TcWHZaMFzYlqQUA
.theonion.com/	1970-01-21 01:46:45	Name: __gpi Value: UID=00000cd899f2dc2e:T=1700709903:RT=1700709903:S=ALNI_MZJoGLOKizCM83WpoaUJH2HIGMt2A
.theonion.com/	1970-01-21 02:01:09	Name: _ga Value: GA1.2.823093728.1700709902

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://www.theonion.com/friend-who-sent-link-to-8-minute-youtube-video-must-be-1819574977?utm_content=Main&utm_campaign=SF&utm_source=Twitter&utm_medium=SocialMarketing Message: The resource https://i.kinja-img.com/image/upload/c_fit,pg_1,q_60,w_1600/ywbbelwikhhgopxznzgf.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47fde2a29987a334b32e5278273fac2d.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api.rlcdn.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
cdn-magiclinks.trackonomics.net
cdn.doubleverify.com
cdn.speedcurve.com
cdn.taboola.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
direct.adsrvr.org
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f.kinja-static.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk2.kargo.com
local.theonion.com
match.adsrvr.org
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm-widget.taboola.com
region1.google-analytics.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
tps-dn-ew1.doubleverify.com
tps.doubleverify.com
trc.taboola.com
trib.al
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.kinja-static.com
dt.adsafeprotected.com
gum.criteo.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
www.theonion.com
x.kinja-static.com
104.18.36.155
104.18.38.76
104.26.2.70
104.26.8.50
108.138.1.25
13.32.119.77
13.32.121.49
13.32.99.59
130.211.23.194
130.211.44.5
142.250.181.225
142.250.184.238
142.250.185.106
142.250.185.130
142.250.185.164
142.250.185.194
142.250.185.195
142.250.185.65
142.250.186.104
142.250.186.106
142.250.186.130
142.250.186.162
142.250.186.35
143.204.98.16
151.101.1.44
151.101.130.166
151.101.193.44
151.101.2.217
172.217.16.198
172.67.41.60
178.250.1.3
178.250.1.8
18.203.29.182
18.245.60.72
18.245.64.124
18.66.112.27
18.66.147.50
184.30.211.26
185.64.189.112
185.89.210.141
193.108.153.19
213.19.162.43
216.239.32.36
3.125.101.88
3.211.170.3
3.33.220.150
3.65.240.35
3.76.107.155
34.117.77.79
34.120.133.55
35.210.149.152
35.71.131.137
44.207.42.96
52.223.6.21
54.152.130.91
54.217.228.107
54.80.172.124
64.233.167.154
69.173.144.139
99.86.4.128
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
036e16d4235b376cd7033577b54eadc9cd78c6e242b0193b5403205d8269fe71
0419d45bd6e6dbd769a766c5f7398e35a1e50f90abc45d55b837f31911362e43
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08fa7ff07736c62eb09f473459e4123d902f388debf370e10103f03ba3c61ec2
0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c
0db05cb35bc26a53de40c12ede24b6d458d4decd5d38cdcc9975c237e9cef937
0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13f97430ec64942f6a1afc5a4df87459029c17aa0d3083ad0bc13e76f16c0a4f
15f7234c23d7032b5a15fb9bc92c95803e77733efea46546dd78b19a632b7855
1a7155f6a397a5d40e9cee8736274ef11e80d1bfecedc5a69fe1c7c912e5a5ef
1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c79b64610995dc9e6b2e2017c163093a018dd03cf8329e3a01b3ad0163cdbf0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2fdccbacfd03e106750cfeafdcebe87938291898b7a9d6a9e43e5d071f1933
1d923186391290904b3f4eb0006cdbca944b9c5d94a1917794012d9a4c1a0949
1f02bbb488437048485111d3ecdb1136fae1261e5ba9295f7cb08e6e81cee81a
1f5522837c25c6b7abce9c05d02d310d0533ccfa9f76afb9fe8452589176878d
21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2344d02f9553821a1a2c157f178ea59766ca0a789ddfcf64d6cb5423ccece952
270f9ef779c1eec63161e63a842f95578aee0ede1b4e25559346ec71478612f8
278297cb907ff7c5eb8f8444423995c281bc5fa6cf01ac31f5357e1dc3c25d1a
290f1d3f706c2cec141d87c1676e876f26378fb1635c3e704753e3a13cfa61b4
2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6
2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae
3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
33033de9b814f6768cbb1cd19d04ed013aef83db675159c7d880dc0cf3d6f435
353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c
37c39ff96587d3bbf3ff13d7e2d3d19ae903f54d90f2052efde272b8a47d1489
3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111
4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d
4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c
4382d9e0849ba6fdaf86d0a396112ab11aeaedbb8cee35bb4ea992d019df91f3
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4928e318e24ee71aea66837ef00ec4a702cb700147993ce527db8710222e16db
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e2558431fa15502b287eaffaf838d80ecad4bfcd26ce1543bcb206ca98dcb83
4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d
4edc4e8c804d59ff0dbb24ca8d4a6c9c4f25ed238e353426e6eaf7bcda88df3c
4f23c1742b2a5346c5da04a45869c021bf192d825daf6b768ebdb638a0a493eb
51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8
546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6224cce178620222fec2ba1a6811a00b7be49ed37b82609de03054138cf1d840
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6728c7cdd72b60ef9f97212ccb48816eea9876cce24e41f00d19815372612395
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
716a6cf119da32ecf43145c76874a92daeaf13446312abef522f5e1d094fdc8e
742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e65c1cec042026b15601dac60952454e555c6f2f7b8ed475c854227129a003
750f703467926e7956ba58e67bf0464f37a367265d3078a8e2bac08f76a94c8f
78061b1127990e3338eb0ff5ee53461fb891cba7a061f9d8ef40b9007097c6ea
7ab90e772e235797872f48fba1cec37c508993ce5d53de1540ddda1bceabef31
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7ebb7985c2f23fdcbe1fad1337acf9194a8ead73b69664fd5e2a54346f8d30ed
816ba05962c7aef9f510c515335038608bc3bcc9c17869b573084c5c1e2c2564
83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b
8480be0ce1c29fe0ef5849cdd2af301b22f7b20c783ed987a7250717cf77d794
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
964b51f0f69e81873789b020fabe29658d43bb3cd3d3568196b6a48e177b8ae3
987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82
9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0
9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a34cf58c3b04bbd4f6592068a5e706da9fc5cd60d73c9ad56378b4b54754fb53
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
aa5d358f6f6f121919bb293c3c01de8dccaa421eb7aa0ef0c28756fcad4865ac
ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198
c02f17375996f75704a24e5ae3865445899c1f0f321e760b90f28df721aa1183
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c27ff99516b3aa88b37e34a93308eb2345d6376e1f6d84a4b285567e7c57e160
c47e677440f4efdd47797b9bde0400163100ea387b2b8dbcb0e9d2c5e2f62a5a
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419
caf4b166e94b9c939010f51318063e5c7103009e583a1fc87179ffcd824acbe5
cf192a93a0826875d80ff216dfea7b9b3490d74f2086d78a1da6c18d49ea2902
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0ab01d6625b0bfeefdb912790a26aa0fb117deb0b70add3fc4b616a23981242
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d444c6857c7f163cc89eb91f9de7ccd7d038e8c2619d4d92d6d508ec285a1fe8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da2086b575813b2305cccda2cd13e026bb10db9b0b8ad9a8052c154c2909c7b9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92b320afbbfcf4a8281f42159d4bd3adaea17a61283ff364886d2ff02d6079
f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823
f3f0536bf37abd0a00fbb1a920cd8bbebf235e55e7d67684ebdf665321210451
f68244cfc79b881022d8b1ac4e96e27580d7c58d5e9cd9c74d9a4c5a15947b9f
f9b3f4197084bab71820a0b8a569778cac6ce5dd6075726af7de203b50d9b39f
fb746cec654e4e9e90271a1287bdfdf48afcb7d38f911be8000e45e21b126430
fe00702e6401e80739fb894ce02be75ebbcee8712342cbc37a7571affbfca3e7

www.theonion.com Open in urlscan Pro 151.101.130.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

89 %HTTPS

0 %IPv6

45 Domains

69 Subdomains

56 IPs

6 Countries

3041 kBTransfer

8642 kBSize

38 Cookies

18 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.130.166 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

89 %
HTTPS

0 %
IPv6

45
Domains

69
Subdomains

56
IPs

6
Countries

3041 kB
Transfer

8642 kB
Size

38
Cookies

184 HTTP transactions
2 data transactions