www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Submission: On September 04 via manual (September 4th 2023, 5:27:02 pm UTC) from IN — Scanned from DE

Summary HTTP 211 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 44 domains to perform 211 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 125213.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 2nd 2023. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
11	151.101.130.166 151.101.130.166	54113 (FASTLY) (FASTLY)
2	18.66.112.34 18.66.112.34	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:c200:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	107.23.63.94 107.23.63.94	14618 (AMAZON-AES) (AMAZON-AES)
1	52.204.63.111 52.204.63.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	3.208.225.137 3.208.225.137	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:236... 2600:9000:236e:bc00:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
5	34.242.38.114 34.242.38.114	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	52.57.132.226 52.57.132.226	16509 (AMAZON-02) (AMAZON-02)
5	18.198.172.184 18.198.172.184	16509 (AMAZON-02) (AMAZON-02)
5	52.223.4.62 52.223.4.62	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::45	26667 (RUBICONPR...) (RUBICONPROJECT)
5	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
5	18.239.83.101 18.239.83.101	16509 (AMAZON-02) (AMAZON-02)
5	52.59.77.223 52.59.77.223	16509 (AMAZON-02) (AMAZON-02)
4	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 4	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	18.66.122.67 18.66.122.67	16509 (AMAZON-02) (AMAZON-02)
1	18.239.36.19 18.239.36.19	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	34.160.19.107 34.160.19.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
211	59

59 151.101.66.166 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-34.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.63.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-63-94.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.63.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-63-111.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.225.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-225-137.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:bc00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.242.38.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.132.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-132-226.eu-central-1.compute.amazonaws.com

krk2.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.198.172.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.4.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.239.83.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-101.ams58.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.59.77.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-67.fra60.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-19.ams58.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.19.107 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	theonion.com 1 redirects www.theonion.com — Cisco Umbrella Rank: 125213	545 KB
29	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 30984 x.kinja-static.com — Cisco Umbrella Rank: 29987	669 KB
11	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 767 gum.criteo.com — Cisco Umbrella Rank: 426 mug.criteo.com — Cisco Umbrella Rank: 2631	15 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 ad.doubleclick.net — Cisco Umbrella Rank: 173 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	159 KB
9	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512 image8.pubmatic.com — Cisco Umbrella Rank: 653 image2.pubmatic.com — Cisco Umbrella Rank: 895	2 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150	55 KB
8	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 589 match.adsrvr.org — Cisco Umbrella Rank: 348 direct.adsrvr.org — Cisco Umbrella Rank: 3526	3 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 327 aax.amazon-adsystem.com — Cisco Umbrella Rank: 404	67 KB
7	casalemedia.com as-sec.casalemedia.com Failed htlb.casalemedia.com — Cisco Umbrella Rank: 567 dsum.casalemedia.com — Cisco Umbrella Rank: 1377	4 KB
7	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 24624 no.kinja-img.com — Cisco Umbrella Rank: 64525	66 KB
6	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 583 eb2.3lift.com — Cisco Umbrella Rank: 388	3 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 919 pm-widget.taboola.com — Cisco Umbrella Rank: 3145	249 KB
5	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2919	3 KB
5	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
5	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1078	2 KB
5	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 739	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	21 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 510	3 KB
4	kargo.com krk2.kargo.com — Cisco Umbrella Rank: 2994	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 897 api.btloader.com — Cisco Umbrella Rank: 1014	8 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 603	74 KB
3	google.com ampcid.google.com — Cisco Umbrella Rank: 2618 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	185 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2033	75 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	27 KB
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6060 fr-actions.trackonomics.net — Cisco Umbrella Rank: 12342	28 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1767	11 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1048	1 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 70722 www.google.de — Cisco Umbrella Rank: 6457	777 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1043 ats.rlcdn.com — Cisco Umbrella Rank: 3550	78 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 488	354 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 165	3 KB
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1603	348 B
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6692	463 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1934	609 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1354	201 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	17 KB
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2283	314 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5443	168 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1548	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 35534	457 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674	16 KB
1	kinja.com kinja.com — Cisco Umbrella Rank: 29374	1 KB
211	44

	Domain	Requested by
33	www.theonion.com	1 redirects www.theonion.com
21	x.kinja-static.com	www.theonion.com tagan.adlightning.com
8	f.kinja-static.com	www.theonion.com
7	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
6	i.kinja-img.com	www.theonion.com
5	bidder.criteo.com	x.kinja-static.com
5	tlx.3lift.com	x.kinja-static.com
5	hb.yellowblue.io	x.kinja-static.com
5	ib.adnxs.com	x.kinja-static.com
5	direct.adsrvr.org	x.kinja-static.com
5	grid.bidswitch.net	x.kinja-static.com
5	hbopenbid.pubmatic.com	x.kinja-static.com
5	pixel.adsafeprotected.com	x.kinja-static.com
5	aax.amazon-adsystem.com	c.amazon-adsystem.com
5	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	gum.criteo.com	2 redirects tagan.adlightning.com
4	htlb.casalemedia.com	x.kinja-static.com
4	fastlane.rubiconproject.com	x.kinja-static.com
4	krk2.kargo.com	x.kinja-static.com
4	cdn.taboola.com	www.theonion.com cdn.taboola.com
3	image8.pubmatic.com	2 redirects
3	dsum.casalemedia.com	2 redirects
3	tpc.googlesyndication.com	tagan.adlightning.com
3	static.criteo.net	tagan.adlightning.com x.kinja-static.com static.criteo.net
3	api.btloader.com	kinja-com.videoplayerhub.com
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
3	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
3	www.google-analytics.com	www.theonion.com www.google-analytics.com
2	mug.criteo.com
2	www.google.com	tagan.adlightning.com
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	ml314.com	www.theonion.com ml314.com
2	ad-delivery.net
2	match.adsrvr.org	js-sec.indexww.com
2	imasdk.googleapis.com	www.theonion.com tagan.adlightning.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	sb.scorecardresearch.com	www.theonion.com
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	dmp.brand-display.com	1 redirects
1	eb2.3lift.com
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de
1	id5-sync.com	cdn.id5-sync.com
1	geo.privacymanager.io	ats.rlcdn.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.jsdelivr.net	tagan.adlightning.com
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	ad.doubleclick.net
1	ats.rlcdn.com	tagan.adlightning.com
1	ping.chartbeat.net
1	s0.2mdn.net	imasdk.googleapis.com
1	ampcid.google.de	www.google-analytics.com
1	idx.liadm.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	insight.adsrvr.org
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	ampcid.google.com	www.google-analytics.com
1	js-sec.indexww.com	www.theonion.com
1	kinja.com	www.theonion.com
1	no.kinja-img.com	www.theonion.com
0	as-sec.casalemedia.com Failed	js-sec.indexww.com
211	69

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
facebook.com
twitter.com
www.reddit.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-02` - `2024-09-02`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-08-11` - `2023-11-09`	3 months	crt.sh
ml314.com GTS CA 1D4	`2023-08-05` - `2023-11-03`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M01	`2023-03-24` - `2024-04-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Frame ID: DE1E002257C175D2BB4C989D20929FDB
Requests: 200 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 69083862170D93628269C302E7C85632
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 18A94AFD39E28A0B2F59F44A4E132C0F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: 7DE4AC9FE40537748AFAAE41934E9F83
Requests: 2 HTTP requests in this frame

Frame: https://4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7E30399FAC098D1DB87C32A54A469F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D57A562181EECBE454F4BCFF91F34ACD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F948300F4C167D68B4C831B045CDDC3C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 6C255998434B623890626F1E4D6B4CDC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Local - America's Finest News Source | The Onion

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

211
Requests

97 %
HTTPS

40 %
IPv6

44
Domains

69
Subdomains

59
IPs

9
Countries

2766 kB
Transfer

8944 kB
Size

42
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fconservationists-confirm-only-remaining-species-are-hum-1850791815%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fconservationists-confirm-only-remaining-species-are-hum-1850791815%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=Conservationists%20Confirm%20Only%20Remaining%20Species%20Are%20Humans%2C%20Pigeons%2C%20Dandelions
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fconservationists-confirm-only-remaining-species-are-hum-1850791815%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=Conservationists%20Confirm%20Only%20Remaining%20Species%20Are%20Humans%2C%20Pigeons%2C%20Dandelions
Title: Reddit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 78

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 175

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YJYvOXxqMi9PVlRUMnRvS0pFWGd5SnFPWnJFeWxVbGhNMDdiTzNheUEwc05yRThjOU9qUTh5cUtHLzI2Zmc2S284djJJRmtPUnpFdUZTdmdvV016b2tobHN1dkF3KytQbkpFUWZLa2JITUFPQmlaVStnTmxsYXd3SVp2UStSUnB3Rld2RkpDT2NNTlNleG4yY3N4L3V0bzB5d1ZhYWJVcWZKTWUyenpIclBlV2gyaE9VR2ptTjNZU3BOM3haSHU3NUtZQU54RFFRRkE3cnRNT3Q3WldkeUluNEFPVUZGclUzZ0hJaVFiZlphOXBGbW5IWUVUcGI4TUF4bEt5Yk9BTjF0Q3lrZEZZZHZqeXcwM3VWQXFQanVNeGhqRkVLMi91aGptZXZEUE5pRUdrZVNxMD18&cppv=2

Request Chain 203

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=37WENF9PQzFiMHpJenBrQXclMkZPdXRBdHdFRWRGRm5HZ045RTlGak9kMWhMJTJGbnE2S0NtN0JER0VTWHB0bDJ6ZG5uajNLbHJLVEF3R1c3TXpEVkhsNWVpSWt1cDFVQTFNVGVwbUxUUjl6MmZoc2loejVIWWxTMlNpalNKSVh2OGhLSXhTeGR0eHNYeU9uWDBKNWYlMkZtclU0Tlp2SkElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=V85CdXxOTEtGZS8yOTBFd1hUM0NsVVh6cHdVQmxaelVwQ2ptYjJ5NzM5Q0xmK3UrR2FCVnVlR2Iwa09qQzA0OVdmNUUvVkl2ZnhhVW1uaDdsMlBlTkxGWENrVVY5ZG1ETnNwWk1yVVJqeHRhZk5QdW54bWxOaWxDcnNNS1JNMytHa1YyMzhwYllmTERxeE9xNmk5bXpHVFdMWlFVNW4rQkpjN2lvQjM0ZW0xRllUTVhTMkpndGJUVEF0UFF2MEhQMGl4bFF3L3puMjI1TFIwNm9HODg3Rkdiby9rTmFSbyt5N2lrTk1LVHllL3B1NmZTTTVUQUw2TU95YXppNFFqcWdFVEo4bk53ZGZjeG1mYzNHQjJDMmQrSjl3OHM4VTZaOXVsREpBQ2xRcC9QMHRVQT18&cppv=2

Request Chain 208

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727136&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727136&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=d09e0eb7-2700-cd11-ef1cc022

Request Chain 209

https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REM1QUVDODktRkQ3Qy00NTY2LTg1MUItRjQ4OTE4Qzg0MkYz&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

211 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request local Show response
www.theonion.com/ 369 KB
66 KB 80ms
9ms Document
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e883fb97a3770315c1644cbf1e40a5dfbf1372a5fa97162cb8054c3ec20824ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 189
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 66109
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 17:26:54 GMT
etag: W/"5c3aa-Q2edWEcTXDD0OoWbzNFNm99a0zk"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 1, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube01-754b8dc94f-qcpbz #4380
x-kinja-build: 4380
x-kinja-gdpr: true
x-kinja-revision: d21cfe35e8c22f2343bf250108252e0f9a505d82
x-kinja-server: kinja-magma-kube01-754b8dc94f-qcpbz
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230137-FRA
x-timer: S1693848415.526124,VS0,VE1
x-ua-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 80ms
15ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: PVPPC4SDSFZ9Z99H
age: 54
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: Hx/RPIpFFko3mr9jUmDkxMGT6No1bgMdgGUd+3weufOar/XbsOF7K+QJrNjbxlCb3eU+6HXE0vU=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1693848415.610125,VS0,VE1
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 87ms
23ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: CM96Q2NX7V1BF0ZA
age: 73
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24548
x-amz-id-2: fG76nOznQEIrsEVA8J3axjmikpWT1Ur3jiPDa7uA9fX4kE7+Qa/iya+bQmHn9YwEcCdksZvbmKcwvi5HfJUCAQ==
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1693848415.610511,VS0,VE2
etag: "f8702959a16d4d4310dc4090c484eaf0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 77ms
12ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: CJZQVA13NN3Y99E2
age: 1
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: hexRpamrjyqT3FJPAAPIkGd7OYcOTa4NVwn55qif2Ifbn3pW/oAM68vuNy6z/j6T3T75b0q4Rfg=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1693848415.609005,VS0,VE2
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 85ms
20ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 1Z5NXDAYYHYJSPHW
age: 30
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24352
x-amz-id-2: RXiMtQ7WXXXvt93ENNzQPSgX14dVuy205Up73krOUwXJwPZGGw92i2R33h1ncSTe7zPLlZ7orxI=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:50 GMT
server: AmazonS3
x-timer: S1693848415.610512,VS0,VE2
etag: "3ea5bce10a12f4f87d3ca8e37e94fb83"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 90ms
26ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: H4VGHZ0SGW59WW48
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: 4NXjHFnzB9Aur8IiEAdWbJs3pbtNcxQNRB0Ahl30HF3XljJ1wSKbHWq3ADz2bapOCv85mkaNhYG6S7aHedWco186HDDP3fdr
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Mon, 28 Aug 2023 20:26:35 GMT
server: AmazonS3
x-timer: S1693848415.610488,VS0,VE3
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 49ms
7ms Script
application/javascript 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 04:04:12 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 48163
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: I8HLRzm8O79Xz7Q-pttT1rkHpI8sWcCBRl0-bYy_dEoobXa4H8ObXg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5831
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 17:49:43 GMT

GET
H2 200 5eeb94f88f6d33dba071955e1b994805.png
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_1600/ 9 KB
10 KB 49ms
19ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_1600/5eeb94f88f6d33dba071955e1b994805.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec1f4a4013a7f72fa41f340a47b1a2d9ec3ae976460d1121c0d7c951aba9b0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: lcJGfIz8zJvUCF75IF4Ig7MrGAKPb4CS
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: 3P3PX7JA488SFBZ9
age: 1229168
x-cache: HIT, HIT
fastly-io-info: ifsz=38766 idim=3840x1000 ifmt=png ofsz=9614 odim=1600x417 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 9614
x-amz-id-2: xGbYlk9shgix18xkVl6a1N3CBWMjgcJJxziVbaFMqRpQ7VLjN8dgBx40MW8/U4TxjtqmRVboWdM=
x-served-by: cache-iad-kjyo7100124-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610035,VS0,VE8
x-kinja-qs: auto=webp&enable=upscale&format=png&frame=1&quality=60&width=1600
etag: "yz8G1vh62MFPOSHv+8mAzLjtFGXkSyY81Jl9Quh8YeE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 54, 1

GET
H2 200 142639354b54d17c06bd2602f385818f.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/ 22 KB
23 KB 39ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/142639354b54d17c06bd2602f385818f.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28fc2565ccd03e07db41fa3f113793bc8f2553fb41e1844cf005507491e42a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: fD4rKNCHSzkCQzDzTKmwseM4s6pGaDd1
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: S3X7W5H4GGK7CDY1
age: 262539
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=429677 idim=2000x1516 ifmt=jpeg ofsz=22614 odim=645x362 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 22614
x-amz-id-2: /Qwh3XXn8sEtOp5FjW2U/oQWeAvNucRPnaH0yu7Tj/veq878hDkFssZNDDuo14iBm5+X81ShyCo=
x-served-by: cache-iad-kjyo7100062-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610748,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "AAKSZcQvjFCNr6CEh7pmvx9y+zIHyc9/zXoIPvyFBL4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 32, 1

GET
H2 200 9ab197e25e2c5287786537f2818f8cb4.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 11 KB
12 KB 39ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/9ab197e25e2c5287786537f2818f8cb4.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7b3f8231add9120f5c34eb41672bbf8c10b4e5d5f5c82f9ffed5d070e544917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: JD3PjbeWseXLdNLFGKtQDjROnCJOeMAr
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: MW0EK4TJNCF7WC1S
age: 329770
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=399725 idim=2000x1125 ifmt=jpeg ofsz=11738 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 11738
x-amz-id-2: WSgN7rNYzxNipuB3mcEQ4Vzb390c3wixY6ArUYw6NkR37A/Rn7jlIYe6++0ZI9hKcSP8p+U5164=
x-served-by: cache-iad-kiad7000105-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610076,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "88H1v1KECEif8o5/w9xcMX035GxuxZad2i0dZXX5YJw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 23, 1

GET
H2 200 3c4e4aa319e7e9be85948666c44b453e.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 4 KB
5 KB 49ms
19ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/3c4e4aa319e7e9be85948666c44b453e.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7db302f15e521723cb38638ef858a80128a9ab6d480dbb69003b6c3ff0f2f4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: FuVbmTRu.nG3o0CK1BWipGEbN54sRfve
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: NR0Z1SBKNNDVR3Z8
age: 362688
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=327332 idim=2000x1125 ifmt=jpeg ofsz=4216 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4216
x-amz-id-2: BVS2rZ1UypjwwVg4V3jngNvJeJhmR6QPO+SwZX1stUa3n0dEvaNThecSenvmaNU4+KtCN93DHYk=
x-served-by: cache-iad-kiad7000060-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610735,VS0,VE4
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "QCryT7sTfpShm6pys0K8e82qN8nPpfLnUazd+/lzPss"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 39, 1

GET
H2 200 1e760d6671951f264bef4e6af9d87f5a.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 49ms
20ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/1e760d6671951f264bef4e6af9d87f5a.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a73c7e2e1fdb6a1aa248ee414de734fc1c78fb36522e9c40a5bc2f1b84cca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: MU.m7fmRbV7DxNQ.3CNrDyOvVOBmP3i7
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: DGXACGAB09R1AAPC
age: 418431
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2430348 idim=2000x1125 ifmt=jpeg ofsz=6824 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6824
x-amz-id-2: GL6usuWkBHswhMXE0uOnhzrqAdPDEcskm0t6GNXfKx7zsBC30MDFGRkItXAD51pi3pwIcFIXCho=
x-served-by: cache-iad-kcgs7200028-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610081,VS0,VE4
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "4B+XrFPvaGujgORhemCutqm5uvNOIJYsclpgTYqKeog"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 37, 1

GET
H2 200 3edd794fc954c3f0d96af26a1cf1715b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 44ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/3edd794fc954c3f0d96af26a1cf1715b.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10d1a838380aaec261e6b61732df157e9753ef8b2a145307efbee2ebb4a26f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: XZMeQrUcSo8uJsboVja.yeY5g7EwuMZL
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: PH61VBGQ0BE8AGBF
age: 422184
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2292950 idim=2000x1516 ifmt=jpeg ofsz=9256 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 9256
x-amz-id-2: MWnttvaGqxSKr1WShCsAWEgtDbl8HlpouaBpDXDB5uX5xcPbuHjMjaIqBXY6wy90HccpLqXOx3gaToZSkZjSXPjp8uueLNtnRiEgPWo1O+k=
x-served-by: cache-iad-kiad7000049-IAD, cache-fra-eddf8230137-FRA
server: AmazonS3
x-timer: S1693848415.610763,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "7IonNA2zQbHXlrDNHtv37hfBxytNDwlgd+/jgcjBYSY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6, 1

GET
H2 200 197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/ 62 B
695 B 36ms
8ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/197xrjaz7466rpng.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03373eb90a89218f4d4c5073bd27f4e574a372a8e3ef50169d264d0f7288d0f9

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: 1W8SZSKQVFGBEHY7
age: 2072675
x-amz-meta-cld-version: 1388776355
x-cache: HIT, HIT
fastly-io-info: ifsz=95 idim=1x1 ifmt=png ofsz=62 odim=965x542 ofmt=webp
fastly-stats: io=1
content-length: 62
x-amz-id-2: Lwuh7R2XA3Y6KdC1L7pa7NSgo1JmQAWeDte3+wzZ5UCAGiM/OKI1MatK3oYiUdrrpHpklqYcFEY=
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230041-FRA
server: AmazonS3
x-timer: S1693848415.608995,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=542&quality=60&width=965
etag: "10mOKoIdfi0D0hsFJZtxG1IX+NZ3/lkuAr8tncLMAH0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 15105, 3

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 11ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: MGX1Q4A954XMPQ4Y
age: 1692903
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2561
x-amz-id-2: tf7yoSn1+TSJvI092X7z5qMnG+rpGzZpqMK2tWicEKdSw3wuEyMuvBIeqoTa/9tgj5JDtl2oUPg=
x-served-by: cache-fra-etou8220087-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:02 GMT
server: AmazonS3
x-timer: S1693848415.588690,VS0,VE1
etag: "840e74d9ff2cecb97ccd917764a05236"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 runtime~taboolaLoader.683b559fe2d66b7544b6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 14ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: QMYAKDM5CGMN64A1
age: 1105193
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1220
x-amz-id-2: QBMtxqXoANM17johXgae6D8knGd/95Qt8EkZZXMjGvUi7T7eBJaVzHA0zJJuEOwrHHqfEtkE0h8=
x-served-by: cache-fra-etou8220034-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 22 Aug 2023 18:17:59 GMT
server: AmazonS3
x-timer: S1693848415.590354,VS0,VE2
etag: "831d5c285111156a63ab4d5bd231daac"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 taboolaLoader.b581c41784964ed7f154.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 17 KB
5 KB 12ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.b581c41784964ed7f154.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72bdedc9235a631a54746266f91519c028e486cd6383972881ea60be96eaa079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: ETVWK7T5EG59PWTC
age: 462145
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5182
x-amz-id-2: hAeM/jF5chYPlOBqkOxtibbLDqzo5Zx0Y3AekhoTSZGUiV2R3jLwpHoXHsh0UJm5VcxTC2Pbfpw=
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 08:58:16 GMT
server: AmazonS3
x-timer: S1693848415.589423,VS0,VE1
etag: "2d4c44f67040e4b3c10e3fa6d74c3eab"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 11ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: VASXW9WQGWW8DSX7
age: 1616111
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: 1fmCv5w0mRvCmNIjRcz4EdHZG4wG5/XkUKAU4ahFijzubJ4VP0I+ZO4weR/OSG0PYcFbimVVv/x0DR182Ol7sHFMDmgilBc1XycgH71rDTk=
x-served-by: cache-fra-eddf8230123-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 16 Aug 2023 17:32:40 GMT
server: AmazonS3
x-timer: S1693848415.589359,VS0,VE1
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
1 KB 13ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: MB48THST2A03NK7J
age: 482283
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: 95ANGL/KXG3Ih+CkX1b5LMFCmMsCCQEY/rXn6WqwkJ4czHGotJ4Ghegi+oGMKyGHqzUnZMLvQM8=
x-served-by: cache-fra-etou8220112-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 20:51:58 GMT
server: AmazonS3
x-timer: S1693848415.589402,VS0,VE2
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 243 B
1 KB 128ms
114ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9fe79da6ea809e4b3441aad4803831ca669e7d9f6b6a95f483e7cca5cbb70dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 17:26:54 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: EU
x-cdn-fetch: mantle-setcookie
content-length: 223
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100125-IAD, cache-fra-eddf8230137-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1693848415.605796,VS0,VE103
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: DE
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

204 KB
204 KB

11ms
11ms

Image
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-kinja-revision: d21cfe35e8c22f2343bf250108252e0f9a505d82
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-encoding: gzip
date: Mon, 04 Sep 2023 17:26:54 GMT
age: 69
x-kinja-build: 4380
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube03-9db8bf949-4ftnt #4380
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 65860
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230137-FRA
x-googlenews-bot: false
x-timer: S1693848415.735740,VS0,VE2
etag: W/"65877-wx3ijLb2sLxJ/5adJ2wm73NgDhU"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-server: kinja-magma-kube03-9db8bf949-4ftnt
x-cache-hits: 0, 5, 1

Redirect headers

x-kinja-revision: d21cfe35e8c22f2343bf250108252e0f9a505d82
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Mon, 04 Sep 2023 17:26:54 GMT
age: 38
x-kinja-build: 4380
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-754b8dc94f-t97lw #4380
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230137-FRA
x-googlenews-bot: false
x-timer: S1693848415.713494,VS0,VE1
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-server: kinja-magma-kube01-754b8dc94f-t97lw
x-cache-hits: 0, 1, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 9ms
8ms Image
text/plain 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693848414707&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&c8=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ygJFqtKaPAjzj_4Tdv-CHF0-zlWOpOpm3fVUFwFuWgYqQliyRAZyxQ==
x-cache: Miss from cloudfront

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedia1-network/ 168 KB
46 KB 46ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0efb5308b665e0b6f79564ca65cdbb3c5ebe5f7086a91d0d97bb1853a4292f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hrlslENlhtHlDYhNAd5yiqabsGoq_BYS
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: H6PBKGW9V52GYA7D
age: 6100
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
x-amz-replication-status: FAILED
content-length: 46227
x-amz-id-2: /WvcP3fdH3p7yqX04kxmlN6TEHdWtXqzVuXg6gylvcw/Uruax9qfHljexqz4kchwgF1KLTz70AU=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Mon, 04 Sep 2023 14:30:09 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693848415.771063,VS0,VE2
etag: "ad13a7618de80a82f8cb56a99d300b2102348de0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 5
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
79 B 7ms
7ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=em-vis-research-1_ctrl
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230035-FRA
date: Mon, 04 Sep 2023 17:26:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1693848415.791394,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 load.js Show response
pm-widget.taboola.com/gomedia1-network/ 3 KB
1 KB 9ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/gomedia1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74ef785634aca91e662fa91304a7c2ea3c774bdcb21c47a4fa123f2ad7e05f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: LlEZ49Hx2iqKyyjbc__Fx6nTe2AyTw8x
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: 71T0SB4H9JW12QDT
age: 3333
x-cache: HIT, HIT
content-length: 1099
x-amz-id-2: ppyoYuEYwdvkAlEZW2lItjSVWGwG1Ybq4KajiAtxPRWOIULMydgg50N+FndQATQWxejdVAS5e3w=
x-served-by: cache-sjc1000084-SJC, cache-fra-eddf8230035-FRA
last-modified: Thu, 08 Jun 2023 16:57:05 GMT
server: AmazonS3
x-timer: S1693848415.814171,VS0,VE0
etag: "9c5cdfce6e86f0f9b541f47a5822bb4b"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 178, 6

GET
H2 200 impl.20230904-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 804 KB
167 KB 8ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230904-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8235b3bab2a1571b7135f627a136b15feb8f85b057b10e5874ed580801aab158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Ieoeyb6ZgUO_HxhJKS2Sy_e0drkVlJGi
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: J1B9CA2TY3RPK5CA
age: 12918
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170290
x-amz-id-2: zQYhMSn4Vv6aPiYrdHDuuL8YMbSS8NqphsW2ySWVHkI3yaHwyT5HEeA8Nv5zqfcgoWF6qqGJDBE=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Mon, 04 Sep 2023 13:36:46 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693848415.814166,VS0,VE0
etag: "ff74c4a5cb61e76122bcb18af448a61e"
vary: Accept-Encoding
content-type: application/javascript
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 464

GET
H2 200 pmk-20220605.1.js Show response
pm-widget.taboola.com/gomedia1-network/ 119 KB
32 KB 10ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/gomedia1-network/pmk-20220605.1.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/gomedia1-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 693ed1430ba92b44569c0e67b539c59b50f9c71154ba68079954c4c04f6b40ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Y42aR53Muqsxp16pDxfJem0b63wyCTXq
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: KZNS0R7YMXJ8FW1M
age: 7603151
x-cache: HIT, HIT, HIT
content-length: 32683
x-amz-id-2: RxeQfN6BlmEI+qfRmxsaHu9OIZWk9N9H+AyydRS88MnQyjQbYnZCpa41I2vnuVRTXETWEIWtu7Y=
x-served-by: cache-bur-kbur8200111-BUR, cache-sjc10065-SJC, cache-fra-eddf8230035-FRA
last-modified: Thu, 08 Jun 2023 16:57:04 GMT
server: AmazonS3
x-timer: S1693848415.832100,VS0,VE0
etag: "571b8e52ee9cf7fba4ca518087ac384a"
vary: Accept-Encoding,,,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 20, 7820, 14

GET
H2 200 card-interference-detector.20230904-14-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230904-14-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c75987ca39947e80228f11088132c94393bf8f8cf9628d86dd937a61b0489114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: SqHc63ISWrjEiVeDewr.RKlwt_Q4Ku_r
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 17:26:54 GMT
x-amz-request-id: MJMY6Y9E8KN9HA67
age: 12913
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2181
x-amz-id-2: uutO7ZGEl9U4A6YPPsi0bXA5UkbA2quJPiwz+NgCNthJesE4ltSA5xo8B20UQPn64QSAX0i0w/I=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Mon, 04 Sep 2023 13:36:43 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693848415.883686,VS0,VE0
etag: "b8e6208a8c14ed6696f96bfc43c04834"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 120

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 133ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46a1a23294f17e33273fe7fe72718bd81c835a36768e24d0eb4de09e60187b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29298
x-xss-protection: 0
server: cafe
etag: 510 / 19604 / 31077537 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:26:55 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 44 KB
18 KB 77ms
4ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f2b28c2992e49104ad8272f6e66b04abb1aa1d5d250eb0d7ad597a451149dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: TwgpCivo.3fNEUuv9PxzMmm8Ha0vYmJA
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 16:38:27 GMT
x-amz-cf-pop: FRA60-P4
age: 2909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17798
x-amz-meta-git_commit: e09f10f
last-modified: Fri, 01 Sep 2023 17:32:21 GMT
server: AmazonS3
etag: "ad5dec5995a36cf9d1d0d39d5828090c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 96uRY-mBMFfkUkz55_Fg5PRBQlc_ARCwzczDGUDz0eaZ0YtxK2GvVQ==

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~cde8a5fb.a5e244dc662fdfc45883.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 16 KB
6 KB 11ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~cde8a5fb.a5e244dc662fdfc45883.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ab8dab0bfccdfd35b06c441f5cff15059c12e49217f565a4a437de2f2644ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: A2468M4QT348N7NE
age: 1165079
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5541
x-amz-id-2: GxYWO0Pl5q1Oo7VlDRI5LzkrXA6zDHqNuS4pmkUobPr0cVn6Gwksk3DY8BNV+Ojn+gOA4/pgOZg=
x-served-by: cache-fra-eddf8230034-FRA, cache-fra-eddf8230137-FRA
last-modified: Mon, 21 Aug 2023 19:37:20 GMT
server: AmazonS3
x-timer: S1693848415.013197,VS0,VE1
etag: "b4ec4434a7984ad55f70a1caa70a30de"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~f857917b.de504fa18f8fac33140d.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 10ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~f857917b.de504fa18f8fac33140d.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

80438ece7a3caadc84087a78ad2053385c3fd8e06aed6f889e33fb332278f607

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: MGXF5GDCSD40YEDW
age: 1759984
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1357
x-amz-id-2: zoBqXhSdVh3qSlVQPPACMXEvIdj+9H+wK2Yr1RysdUo6vYjxva2z7ZM1c3XSlQaZf2Eblhsz5lKLIdSIJWtVZA==
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:08 GMT
server: AmazonS3
x-timer: S1693848415.013997,VS0,VE1
etag: "bd63d99b1177981a9fe3a2c17316b6da"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 runtime~adManager.1c22a6e0d76907434259.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 21ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f39914fc25519caa344f949aa026d297a84fb2af1d96f9cd9892cb97820b846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: HM9NMF85DK1E3T2F
age: 510751
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2005
x-amz-id-2: 4XeKLBT/AwizrN+VU12B5vmYL1z4/B4eeiXCXIFhfoR+4pwUI97l5AwbWSmRV56QHun5oojKZGs=
x-served-by: cache-fra-etou8220114-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 19:28:16 GMT
server: AmazonS3
x-timer: S1693848415.015556,VS0,VE1
etag: "e35bf0e59ed54b359f33d7cc933bda33"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adManager~video-html5-playlist~videoHtml5.8e7ea61bbdf1e8fd6cb6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 15ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.8e7ea61bbdf1e8fd6cb6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9653a847897107ec0dea87337c6ab54924c44cab284f729784f652e90eb2964b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 3GV4PQNG9DDPAWG6
age: 469537
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2357
x-amz-id-2: Ac297F557JMCzOYqJ/16mcy9CgpdXlgk9zD4NJMwPoG48n9iDjw+jHoWcFuzoxaV0NUzlQ+cGnc=
x-served-by: cache-fra-etou8220064-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:57:53 GMT
server: AmazonS3
x-timer: S1693848415.015084,VS0,VE1
etag: "24e7609d6c38949b1d926366d57fc9ce"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adManager.a704840912cf9378ea36.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 29 KB
10 KB 14ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.a704840912cf9378ea36.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2526556bd92f6b632bb706aa61537c52af57299446623e9babc618bb4bc5be7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 829S21NKFMGNZEHK
age: 434360
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 9434
x-amz-id-2: hItJZy7hNWHkxqt3s7kQGHMKLgbHL0C4BEMhn1S/6A2VBZoaR7FEnMlo84HO8c9ZtEwZCldn4f1+d04YycOV/cE+3quXryhO30j8bLaRRM8=
x-served-by: cache-fra-eddf8230080-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 16:43:50 GMT
server: AmazonS3
x-timer: S1693848415.015036,VS0,VE1
etag: "8cf45d6396a93b98292ead59065365c1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~6ffce0cc.ba22825311e1b202967c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 12ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~6ffce0cc.ba22825311e1b202967c.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5aec3208c45f71dcf99908719a1a0280691ba83c134f3638c01046f05632a110

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: JR1NZ353Q0471FKC
age: 489855
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 975
x-amz-id-2: ZHDC5zQGTJf3zH4vu9Uc9KFfHqmOf4u3jfuQqC3Eyonl5NoThwjV3oZcDDvoxXCmu+22y/UOLGE=
x-served-by: cache-fra-etou8220100-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 20:51:57 GMT
server: AmazonS3
x-timer: S1693848415.015019,VS0,VE1
etag: "f6919640632416e46099ea444d3471d5"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 runtime~videoHtml5.d72e000291acea35ff14.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 16ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.d72e000291acea35ff14.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3f83433b213e300bec08d420ce56e939bf1d8f2f26b34913e8dc7d0087c6de81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 1S1AHEWBF4DK6S8P
age: 421589
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2291
x-amz-id-2: epMKmAuDTW5MM4jLX4+783sq8EvtP3TRDLd9wXxdEhZhnxTuCgMdjyEUu/iaXmJrWBKVI7p6TVM=
x-served-by: cache-fra-etou8220116-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 20:13:06 GMT
server: AmazonS3
x-timer: S1693848415.014990,VS0,VE1
etag: "a66d33bdaa46671933403355e84963a9"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~video-html5-playlist~videoHtml5.34581988329de03b0273.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.34581988329de03b0273.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88b01f2a93eef3a3cde4f6675dbf98162901d2bcd653ce2380b70cd05c9e60b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: G0JR43770W2GQ43S
age: 573069
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1983
x-amz-id-2: 8YU886842JV5aHHB6+SWrQFj2TQJUCpf4fhP+iKkrK/evhZeiZ8Ebj5yAVEOQS5jobfpZn8Z2jM=
x-served-by: cache-fra-etou8220096-FRA, cache-fra-eddf8230137-FRA
last-modified: Mon, 28 Aug 2023 20:19:11 GMT
server: AmazonS3
x-timer: S1693848415.015005,VS0,VE1
etag: "3a94a809177b9952ca94972f7ceef346"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 47 KB
13 KB 19ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c5e1aa2464402f34c43a8f2b133e717ab7eb51fdfe5e8f5691cd9f313e2eb6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 7JCHJ4D7PH4GNJX7
age: 470102
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13250
x-amz-id-2: QhaIlQdGzqu70UlpwKaFEQyP2CNCDDi5ka6zmM2xOzB+dhjoU5VUaf7EECpeyK8olPA6/DVrSuE=
x-served-by: cache-fra-eddf8230065-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:49:01 GMT
server: AmazonS3
x-timer: S1693848415.015736,VS0,VE1
etag: "87a81cfb2336a893bca7a6dadb13a6a1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 videoHtml5.3c27ba2470ef43fd30fe.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
5 KB 36ms
36ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.3c27ba2470ef43fd30fe.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

758fa6eb2a74c0d914aecf819e64c0876671b0eb9f0b8dc13b3d3560176c8887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: VDRPP2MEY4TTJWEV
age: 462129
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4583
x-amz-id-2: 6CqCGnhIx3Zl9lyPyBAWxxYj6fssZNUTyjfS1EMsDCQd+U6ybfPnmQg3I8I7rIEwMkHZTCpA9Io=
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 08:58:19 GMT
server: AmazonS3
x-timer: S1693848415.016012,VS0,VE1
etag: "93cc2252e0c13c6f938678ec6ca06d8e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
43 KB 69ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3733ad181d653f7803ff7a7a4e59426684b435791591a09a815230ed56e9dc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44052
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 17:26:55 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 99ms
30ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 17:11:27 GMT
server: cloudflare
age: 688
etag: W/"da174c-bde7-6048b99ccdca1"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 8017f0b2496290d7-FRA
expires: Mon, 04 Sep 2023 21:26:55 GMT

GET
H2 200 runtime~trackers.cab236ddab54d9b50be3.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 34ms
33ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.cab236ddab54d9b50be3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: VAS9PJQPQ40MD90F
age: 470778
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1237
x-amz-id-2: 1B2r6u5lMGqt3lPJ9FT4hxHWirpEDY/NWOp+m+ZGJIgE/p7k7RrFHNIqSxcZF9KaCxb1UNBei12LZX0expFOSdjYAkGnWmkG6YWFq6/3G9Q=
x-served-by: cache-fra-eddf8230088-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:34:02 GMT
server: AmazonS3
x-timer: S1693848415.020332,VS0,VE1
etag: "3aaaeafd41360ff85f54800f5cea93b0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~d466b74a.3bc8263805f96fb19cc8.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 38 KB
14 KB 35ms
34ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~d466b74a.3bc8263805f96fb19cc8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c47a818a096c5acf2e79cfba0286462760d36e0ba5a336d45c281d8a723b868

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 4HCE7K1MMT729VPA
age: 1092044
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13985
x-amz-id-2: UZjnpIv64cKIlSwxuiLXIJzc4EjEMxCJhfG/CsPA0+ROUzuKyQIF05fIwo6ECymVRXSqJ9aymzI=
x-served-by: cache-fra-etou8220058-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 22 Aug 2023 18:18:01 GMT
server: AmazonS3
x-timer: S1693848415.021839,VS0,VE1
etag: "f3e8fafe1d3353e33bfd323f493fa187"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~4859dc64.1dff26ce3d0dfd5d4cf9.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 36ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~4859dc64.1dff26ce3d0dfd5d4cf9.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

12d795d53e04086036bd662081c08ad28f375df8675dd0e12985361f993d3123

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: DCQNH5QFYYQK53NB
age: 1698955
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2137
x-amz-id-2: 07R2raiqHaeIBEWHvYBekb9zLYveTfLrhJS1WBvRLG6QobyVccSVOKoTW+5TayulKk4KvQySDa4=
x-served-by: cache-fra-etou8220047-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 18:27:07 GMT
server: AmazonS3
x-timer: S1693848415.065014,VS0,VE1
etag: "809fe63d8d77d0e261811167c8889983"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~5bdabf3b.4ce08cad0626a2d0e370.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 180 KB
59 KB 35ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~5bdabf3b.4ce08cad0626a2d0e370.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c8a533caec5589dc47cf3cdfb96df6abc0c1c74a49b11895e205f4d621787fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: JRQAXNG3FCTV3Y3D
age: 1767070
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 60236
x-amz-id-2: tWSzU6YJIz1GwbzL+H6iLehuxys2bQNRRgSCml/+PYHoRXM8SzijYLLpD6fDh1s9dPWte6QzDOg=
x-served-by: cache-fra-eddf8230037-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:08 GMT
server: AmazonS3
x-timer: S1693848415.064731,VS0,VE1
etag: "4074caf7d3704b6e878c064315f9ae2c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~51f8549f.d9ef48729350059e2b75.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 43ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~51f8549f.d9ef48729350059e2b75.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a9c90b2af89cb5d0c21fe54f79d301c1755ae1d70769cf60502f1bc96cd9606

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: ZVF3RPKNTYR2EAGX
age: 2301670
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1710
x-amz-id-2: m4apw7xYM8kmmudDdzfq0dp/Tjrd84eXzlyv8kDil7lFSmOBXFBbtSMdH6Hp9lAPgacP/MKLwlI=
x-served-by: cache-fra-etou8220057-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 08 Aug 2023 20:42:57 GMT
server: AmazonS3
x-timer: S1693848415.064746,VS0,VE4
etag: "209841c7ddc51d1d922293ebfb033f37"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 vendor~capPage~featureSwitchPageClient~renderThumbsModal~specialSection~trackers.706ac804f2712aaee5a7.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 32ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~capPage~featureSwitchPageClient~renderThumbsModal~specialSection~trackers.706ac804f2712aaee5a7.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0719ecb2765c96a0ed53d5133f54ae746a78478cc2caf48006c7420ed63b196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: VASAW8C3SFSF7KGN
age: 470778
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 6963
x-amz-id-2: pvhyEWGnX8H3K1ztP8XxiHIXAIiM2fPEJF22TOmlC+8FQiBy7ZYePiCLpZ2Q9Jru5VXwJ1HgSWnf+UT01eiydX3t3c5QsN4b0dDVY+LfS0Y=
x-served-by: cache-fra-eddf8230137-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:34:04 GMT
server: AmazonS3
x-timer: S1693848415.065558,VS0,VE0
etag: "e5788df16fb773b0aae9c680d6d08d7b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 12064

GET
H2 200 vendor~trackers.dba99ae55abaa84738c0.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 114 KB
40 KB 40ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e418ca723712dd77e0837394c7c4f8c9be9c8db41a622975d1d5b8b044bc04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 4HC1V8GGCWVE6GT0
age: 1095430
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 41018
x-amz-id-2: JVP9h9IjX5qC66sWtOfxIQaRJGzvH2KgEEjdi9U+mpYjpmo1r0xk11tXnHy9H2LA4wAA7bw+/EE=
x-served-by: cache-fra-eddf8230062-FRA, cache-fra-eddf8230137-FRA
last-modified: Tue, 22 Aug 2023 18:18:02 GMT
server: AmazonS3
x-timer: S1693848415.065846,VS0,VE1
etag: "7d7c023a7e94548c1f5cc586eb4fb0a7"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.4428e6b8a8fae52b454f.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 37ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.4428e6b8a8fae52b454f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d9ac822663d0d4cf50e91a47908374106fc3e7e47aa47d11c6167bbb63baa71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: VAS0H53XR1EK8VCJ
age: 470778
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4159
x-amz-id-2: O6SwdieWnlfpFett7lm4t7y0DtlP4WGZKDzNEkn6MejOMfLoTfLysMm6cd1NA10vX2BWs1O1m+4juZhI2iwxrQ==
x-served-by: cache-fra-eddf8230133-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:33:56 GMT
server: AmazonS3
x-timer: S1693848415.065530,VS0,VE1
etag: "d3d947a04ec79d78192eaab42f20c5f9"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.a63add5a8166db667612.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 57 KB
14 KB 36ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.a63add5a8166db667612.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8171b2fd69a68706ff771e33d26ff77b2f49801b4a3aa7bcdebcc00c42584f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: VAS6272WBDSW130J
age: 470778
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 14414
x-amz-id-2: 9tFt4pQTrVf+vCtR2V00jaPyeMPW3yH8JbojexMuBXr7nGbJw95ZPTBqRRll/uZJEKlmnHuf9po=
x-served-by: cache-fra-eddf8230023-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 06:33:56 GMT
server: AmazonS3
x-timer: S1693848415.065498,VS0,VE1
etag: "159c86f99c29c0729fa71591a7d50abd"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f98cc01722a3c9b8c2ea.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 198 KB
59 KB 35ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f98cc01722a3c9b8c2ea.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

814bdf26ab61d460b95d4deb56acf804d12552ffe53a08804976bfc4fe50b82c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: Z7YF5WM813DWE886
age: 462145
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 59988
x-amz-id-2: oVMERWkS6BgegRnXCtUNA/Bay31wAvFCogrFktk0Y7KG5s4uGgPbTyevAm7oxzwfynBBVeZdpvQ=
x-served-by: cache-fra-eddf8230095-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 08:58:09 GMT
server: AmazonS3
x-timer: S1693848415.065485,VS0,VE1
etag: "391e1f5dbf52184405286f9f895f62fb"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.2f8ee481248184c9e045.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
5 KB 33ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.2f8ee481248184c9e045.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

12cec41b495be9d7330ff0b3c38089b3a71be9c0d193b008e90e7d1b0ce30fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: S8N9TH63RFZ51MCM
age: 434263
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4903
x-amz-id-2: urbyhU2ZJdf0LAo8nlVbXDpvy2ci5XptKnpvTBGhQehHLMMWbFpyjazIci6adfNf+LzzyYhVZ2e0LQeNCGIVsg==
x-served-by: cache-fra-etou8220022-FRA, cache-fra-eddf8230137-FRA
last-modified: Wed, 30 Aug 2023 16:43:51 GMT
server: AmazonS3
x-timer: S1693848415.065476,VS0,VE1
etag: "bd2b7e2cc8d05757a989a4fbfffecd24"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 trackers.b1afe182d121a34e13a3.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 29ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.b1afe182d121a34e13a3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7bc2fa1c7926439dbaeb0c159fb6adc3e815fc24cabb1eeacb7c3a3444ad4b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 59MPWQYCXZRXNB2N
age: 618921
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4305
x-amz-id-2: 2MZPK+qHQnMqtbeNxD0+fFZH1t4I/CCl2/Kv+iCF2sLLPiB9kaxhoPdelZxq57gn3PpvGXci8VI=
x-served-by: cache-fra-eddf8230091-FRA, cache-fra-eddf8230137-FRA
last-modified: Mon, 28 Aug 2023 13:26:13 GMT
server: AmazonS3
x-timer: S1693848415.065471,VS0,VE1
etag: "7a4eaaa2edc197d51b28df0b5daba336"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 runtime~channelSectionPage.55442290fa222553d7f0.js Show response
x.kinja-static.com/assets/new-client/ 25 KB
5 KB 248ms
209ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~channelSectionPage.55442290fa222553d7f0.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c59e44ba7b1ccc11fa56e99434c28a63a9916865500f9a415b6bf04f6fa372a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: AMSA7BB9T7WA44A0
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 4995
x-amz-id-2: jEoO/ERT203YbmTdYabJNuAecSYAUJORgGmUZxmtoK7/B/lsIJXYbIApjJXcK6h678wBXylVVS42YPjpmX/yWg==
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Fri, 01 Sep 2023 15:43:57 GMT
server: AmazonS3
x-timer: S1693848415.088474,VS0,VE202
etag: "5887b6786bb5eefcecfa1e146a5f0b3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~adEditorComponent~adEditorPageComponent~biztools~capPage~car-shopping-widge~987681ae.f023158706af240ec459.js Show response
x.kinja-static.com/assets/new-client/ 29 KB
8 KB 50ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~adEditorComponent~adEditorPageComponent~biztools~capPage~car-shopping-widge~987681ae.f023158706af240ec459.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8cf330675d0dce20631db4b7392131fef3583be25ec71256f0f562179878906e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JRQCS73PG3J16C7H
age: 99
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 8055
x-amz-id-2: XnxGmXjhMTh515EGHHM4RiWeE8GGCgq1lolVXRgQjjIyowg89KLVccSYufk+eJSEjN04VMjqRZY=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:08 GMT
server: AmazonS3
x-timer: S1693848415.088484,VS0,VE0
etag: "e5118b3fdaa80249276f2e17c9b28958"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clip~0512e254.89612b6c2bb0a3df4c7e.js Show response
x.kinja-static.com/assets/new-client/ 119 KB
33 KB 51ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clip~0512e254.89612b6c2bb0a3df4c7e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ab71542224e581180e9f24246bc8cc18692b536d3035e4ad325b93cc79af169

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JRQBGE9PQN04CKE8
age: 78
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33779
x-amz-id-2: FIpVNM8wE/7LKNNs0bQHfLDyBJfKqZ3f3gD2pCRwxK8FmzjH3V/M32/k2YucFmUt0ycP6xzxpzA=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:08 GMT
server: AmazonS3
x-timer: S1693848415.088474,VS0,VE0
etag: "f4794a4d210ca523386eb0c8e31991c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditorComponent~biztools~capPage~car-comparator~car-selector~c~48c7e4ee.c32057424569fa1aca46.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 54ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditorComponent~biztools~capPage~car-comparator~car-selector~c~48c7e4ee.c32057424569fa1aca46.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d569b378a07eae60c8dc37b16b43560bf18fc959e8716f654b85b2f0f1f8166f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 308871G7SRH1RFWB
age: 105
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1234
x-amz-id-2: EC6DE2P0DZMF6EN6cIVKER5cz/OCdLaqGutPafQv50Hfaotx/690mLNLP53PZr4mH3y7fq5KPEo=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 28 Aug 2023 16:32:43 GMT
server: AmazonS3
x-timer: S1693848415.088525,VS0,VE1
etag: "633dd2aff6536c71b154d17f44ff6e0e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~83c8be27.6b0dacb0c26faf382b24.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 46ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~83c8be27.6b0dacb0c26faf382b24.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

759cc925f137be357585ba1ae5b99415642585ea6ecc4c8645a63cc1d42517d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 5PE39MH5X121SGE0
age: 73
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1033
x-amz-id-2: LFG6xCc78q1fY1z+Zlw1sFY6p36C14FeqM1FxXIy2d5727QbNa0YOxApGnrm7lQbq+D5yaqhFsM=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 28 Aug 2023 20:19:10 GMT
server: AmazonS3
x-timer: S1693848415.087782,VS0,VE0
etag: "2a9b7f2aa64387045ddad8d1cb47d97c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditor~biztools~capPage~car-comparator~car-selector~car-shoppi~5ec26682.d22e8ea432f900ae6b73.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 53ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~biztools~capPage~car-comparator~car-selector~car-shoppi~5ec26682.d22e8ea432f900ae6b73.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b09f315a3f6dd961b1a334448e8c7af694553c1b2c655d00d19d09586fb6295

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: QY3X8GGBCNQEKRAS
age: 120
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1980
x-amz-id-2: ogoApMXSy48Gdxsf450USp2jwatbjPw/wOzudTsDjaoPwgAeUcii/8zYZyUpY0zNUo7B4z2VIQghtd3cNNa8ErG8YuE5C/zBaNDobHwFz8M=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 18:27:07 GMT
server: AmazonS3
x-timer: S1693848415.088447,VS0,VE1
etag: "65966e49590821bd7da5231ee2f30e5b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditorComponent~biztools~capPage~car-comparator~car-selector~c~9b1ad6eb.67e2a7fa4a8071bf00d8.js Show response
x.kinja-static.com/assets/new-client/ 8 KB
3 KB 10ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditorComponent~biztools~capPage~car-comparator~car-selector~c~9b1ad6eb.67e2a7fa4a8071bf00d8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ad0b6437204bb3e82046624064910b016a3380cf41b8bdf31c1d60edf332959

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: QP6EHH7VQXN54VJG
age: 120
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2787
x-amz-id-2: yucSEknxRwm5cqFdkvIs0c5N80l+wSBmnGJ1YzkY2AZ1de8YZLz2FQ8QWhDUZvs3RDTH6pLOnfo=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 21 Aug 2023 19:37:20 GMT
server: AmazonS3
x-timer: S1693848415.098130,VS0,VE2
etag: "4bb6a65dfd8e7329f69b100845ef7d09"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~biztools~capPage~car-comparator~car-selector~car-shopping-widget~3ecd5180.d1dbd7afb6b0b4b6238f.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 11ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~biztools~capPage~car-comparator~car-selector~car-shopping-widget~3ecd5180.d1dbd7afb6b0b4b6238f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e354493c004c49b504a94827e8c8da1073f5c9f3a913732ecc01dcd613db97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: B464FG6JZ6ZQM4K6
age: 34
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1819
x-amz-id-2: 4Stx71crTVlpdxJq3qCxKDibu2f5RGwMtLSfmdZp0HWX5iufSBvWqBCLrh+W7kG4vBYOCDrVgNU=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Wed, 23 Aug 2023 07:09:01 GMT
server: AmazonS3
x-timer: S1693848415.105604,VS0,VE0
etag: "ce89d67fc551d00580c75e5e01a22d07"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.103f3c8110d0f4b9809a.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.103f3c8110d0f4b9809a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6151afd17448b143a40e19bab756dabbcb6ca8a032642b937f8f14487d1e794e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: PJZD1ZAPEWGHW90H
age: 34
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1197
x-amz-id-2: CpH71+YcNvOOVCQFN5zkq2cwlbZ4CtEORR4smSyvhxiBRxei46QeBnQJlG3a6yKD1GnHulsfW8U=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 21 Aug 2023 19:37:21 GMT
server: AmazonS3
x-timer: S1693848415.105963,VS0,VE0
etag: "cedfecfb8d8af192d35f9181d454f038"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~e1620044.7deb80157bf978ae715f.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~e1620044.7deb80157bf978ae715f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

743af8ea8602e805f162375e8a72f062da9f6e55002be76122ecf8445f680024

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: N67XW2BP2F9B9D63
age: 79
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1736
x-amz-id-2: sIJX+khpQosJ9fugTkSoyrYO/vL1cHZpk+/98HxLprs2EUSN5gM7625Yg7/SZA3UsBiMhxSQt1Q=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Thu, 10 Aug 2023 07:42:18 GMT
server: AmazonS3
x-timer: S1693848415.106445,VS0,VE0
etag: "ae3b1711edafcfe906b68f0d00775d87"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1295566

GET
H2 200 vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~23bd618f.1c88e45f5712fa7e38f0.js Show response
x.kinja-static.com/assets/new-client/ 20 KB
7 KB 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~23bd618f.1c88e45f5712fa7e38f0.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c748686f19ef7fe946240446c69a59c9748fe04128f56d1b911554bce718daf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: CZVARECXF7KRAAT3
age: 91
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6665
x-amz-id-2: ANGaW6x4P9O3cDP1eew8A8jmYVgTdnU42MeNTTOAwyleIeiyr5NYqMAe3CASI5QKIINEh+1nWyE=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 08 Aug 2023 20:42:57 GMT
server: AmazonS3
x-timer: S1693848415.106609,VS0,VE1
etag: "b81a7a04a9fe99e799b5bcf277147d33"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~ca10f589.b7330c54ef94f5711707.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~car-comparator~car-selector~car-shopping-widget~celebrityPage~ch~ca10f589.b7330c54ef94f5711707.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

421e82331a97b801c088b0762a87384ce657b99c9070fb3bbd16bb30fe89712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JB95R9PPM38FV8BG
age: 42
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1403
x-amz-id-2: 1SjWX6lG4v92STLWq+0Wv+cc0PBrYDFFKZECLXgyZcqm3FNsknGKWYyhnwgMFWFoaoR7hWpqlmkkxNyow/HCy7z5A6ezDSwKx/XnsqAWLX0=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 19:47:46 GMT
server: AmazonS3
x-timer: S1693848415.108166,VS0,VE1
etag: "8a7c76125c8cc7ccb64cf4eedff5e129"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~carousel~channelSectionPage~feed-stream-load-more~homepage-edit~~76e49d52.9d4155f66be3997c9692.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
3 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~carousel~channelSectionPage~feed-stream-load-more~homepage-edit~~76e49d52.9d4155f66be3997c9692.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e0aef2dc58440d2ff6cc7e8f9d62206853dd10a5847f88b835450924db62236c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 765H4MDJSBH0AYST
age: 79
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3045
x-amz-id-2: GYEUAmZ+m4gCTlcLTyDagOHXdXdZ1W1wncVlTgm5LULXkHm/YR3ed/3ZW/xw6P5LS/30V/+MokY=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 21 Aug 2023 12:42:40 GMT
server: AmazonS3
x-timer: S1693848415.126182,VS0,VE1
etag: "33f39b4171755443284120abe97cbe75"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 channelSectionPage.082447ccf995ee5763d9.js Show response
x.kinja-static.com/assets/new-client/ 2 MB
302 KB 210ms
209ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/channelSectionPage.082447ccf995ee5763d9.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f271b51970229612bf484721c518b5f60aa3e18ac705957bf4caf9d508059711

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: AMS34VGBAMSX570S
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 308641
x-amz-id-2: RCFJGG763+C1qvRnl9CIgGIPk2MNUtbq4W6D+ZBmvATyrbrs6R8StEPrpCdMAIKOdZbcgY+WwG4=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Fri, 01 Sep 2023 15:43:52 GMT
server: AmazonS3
x-timer: S1693848415.126154,VS0,VE196
etag: "e357c94f3554ef5e046c3d7b8f9e7218"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ad-units-default.d374e76083a991fcabb4.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
3 KB 15ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.d374e76083a991fcabb4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9c596cd2bad0ad9c8a38a6324fad0f24fca7ff62667d3658b7e8398a26a84a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: Q50B691HCE1X6PY0
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2877
x-amz-id-2: TuBzE7C8F5soB4OzTozhaIBHwVz7Zs6jta7HIFm44sgtCauwR4ZEDkOm8aN/cehz8nswFOxHoNA=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 21 Aug 2023 07:13:08 GMT
server: AmazonS3
x-timer: S1693848415.126152,VS0,VE0
etag: "8e5d16482dafab731e046db8a5c4387a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 display-theonion-desktop-config.c3ea742a568e1952e8fd.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
1 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 7Q49A187XZJH705V
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 919
x-amz-id-2: TXoyHr5MLLDaZ7zhgWZRdpM+OoWAhpsqzLt5vObIMCM6Xzbi0RUt6048PNkzMFPFm1NAUTnC/RA=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Wed, 16 Aug 2023 06:12:18 GMT
server: AmazonS3
x-timer: S1693848415.126106,VS0,VE1
etag: "9468c3e024d25849ffa665f5a086c9cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 248 KB
61 KB 61ms
9ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.a704840912cf9378ea36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:55:03 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1913
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: CNBbXGkLmwHCU-A0YwlAOL_7f8nybchWNBzdCnKDtHLHUO_9ayen8Q==

GET
H2 200 prebid-js-prod.43bf42174e14caab7eaf.js Show response
x.kinja-static.com/assets/new-client/ 453 KB
114 KB 16ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b34781cea14bc4049c068db0c857b50f4f1d2cd0069ce99b98b649944d1d51b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 001R623NKAWG658D
age: 91
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 116221
x-amz-id-2: +i1i1UQU2WU4eMoO6IT4ne3f8lWlATvozUsgpOyoIMJNnSn0xfW9v4me/uK64ONZZ2Mgei2jBkfmpaNnDsnRCVsFjoKKiKXw8HgYgKS5KYA=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 19:28:15 GMT
server: AmazonS3
x-timer: S1693848415.126171,VS0,VE0
etag: "887a8b3554553466d82b36301f014a76"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 356 KB
123 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125514
x-xss-protection: 0
expires: Mon, 04 Sep 2023 17:26:55 GMT

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ 77 KB
29 KB 8ms
7ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 11:23:42 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 3564194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2Z_RpFkvA1dGPzsqWWJCG4Q0V4pJEcJTiDFxzcOqGlC3rO_K8xk2_w==

GET
H2 200 bl-c25b203-af84bf87.js Show response
tagan.adlightning.com/gomedia/ 67 KB
28 KB 9ms
9ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-c25b203-af84bf87.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eb90a4f182e38f747c3a9329ec0266814a0a78df23fdb56dc62f6ee512197ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 17:37:36 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-version-id: ux1netr9UXWX2ueaLbWz4iXmRqXGhbjP
x-amz-cf-pop: FRA60-P4
age: 258560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28086
x-amz-meta-git_commit: c25b203
last-modified: Fri, 01 Sep 2023 17:31:38 GMT
server: AmazonS3
etag: "fa1df19efb3f67b727f715098024a71b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9ulZQMQSak9KHJ9cKEkO51JMDLK0DdM5I9kHn8_cf5yezWc7MxznCw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 69ms
17ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
855 B 113ms
112ms Fetch
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1693848415287

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

858b04b7c370059a2bdb4d78839ae04ad617b015389fd26d5aa76e42cb1be422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-kinja-revision: d21cfe35e8c22f2343bf250108252e0f9a505d82
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Mon, 04 Sep 2023 17:26:55 GMT
x-kinja-gdpr: true
x-kinja-build: 4380
x-powered-by: Express
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-754b8dc94f-6x8wj #4380
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000042-IAD, cache-iad-kiad7000172-IAD, cache-fra-eddf8230137-FRA
x-googlenews-bot: false
x-timer: S1693848415.292470,VS0,VE106
etag: W/"28-0Q09QGEV0vbpbgtbG7SHyjGXT3s"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-server: kinja-magma-kube01-754b8dc94f-6x8wj
x-cache-hits: 0, 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

16 KB
7 KB

63ms
21ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9697b427ff68f57dffe803235d58c59686e7b4fb2435967ef024d7c4a367182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 17:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554
etag: W/"0d83809468630e4e88cf3f49ecb0dfe0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sts1bO8d2WWT7eTNb8iStbjxqKGkkTU2YxRxwFmJj9Tj0CTppbDXbO0aUvoOOBKPOZ3YnYcsLSs7%2BEDABl3ZZbwl7OrYpX3n3gMD61e5UZfHX1HaEbwnppD4fXGZJuEcOO2IuLVEP7ZPcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 8017f0b47f9e1cab-FRA

Redirect headers

date: Mon, 04 Sep 2023 17:26:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CiSpl6d5Qh4LCMePq22zdTeikVXvkeUC1vC%2BvLV%2FAO3OCP0UqE2wG9PEGlfbMVKCLsLzf%2Fi4yQyWklDqltDYlt2e20iTNGP4pfRh4A%2B8j91zkVIE01N9wfutJTcd3gO%2BoB8JMbXccETurZ0xnJ2qEQKEZn3EEUt9RM%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 8017f0b3dfd03678-FRA
expires: Mon, 04 Sep 2023 18:26:55 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 72ms
7ms Script
application/x-javascript 2600:9000:2057:c200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:21:21 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 334
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: -bZwKvrJTSSTQ_BuFP6xi2qPZiJzRncfI1pkWSOLWh7hE9O9Dt3LFQ==
expires: Tue, 05 Sep 2023 17:21:21 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 116ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 17:26:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 7ms
7ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: CJZQVA13NN3Y99E2
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: hexRpamrjyqT3FJPAAPIkGd7OYcOTa4NVwn55qif2Ifbn3pW/oAM68vuNy6z/j6T3T75b0q4Rfg=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1693848415.300637,VS0,VE0
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 7ms
6ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: PVPPC4SDSFZ9Z99H
age: 55
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: Hx/RPIpFFko3mr9jUmDkxMGT6No1bgMdgGUd+3weufOar/XbsOF7K+QJrNjbxlCb3eU+6HXE0vU=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1693848415.301630,VS0,VE0
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 7ms
7ms Font
binary/octet-stream 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: H4VGHZ0SGW59WW48
age: 65
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: 4NXjHFnzB9Aur8IiEAdWbJs3pbtNcxQNRB0Ahl30HF3XljJ1wSKbHWq3ADz2bapOCv85mkaNhYG6S7aHedWco186HDDP3fdr
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Mon, 28 Aug 2023 20:26:35 GMT
server: AmazonS3
x-timer: S1693848415.306711,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
66 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a954b2802f5c6ee2fb9aa302a4598d6c8da18ceca94c7e1a53e7620dc9b84dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67708
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 17:26:55 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 59ms
18ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
168 B 329ms
122ms XHR
application/json 107.23.63.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.63.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-63-94.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 204 any Show response
idx.liadm.com/idex/ie/ 0
314 B 312ms
98ms XHR
text/plain 52.204.63.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.63.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-63-111.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 336b0bcf8bb4554d
vary: Origin
request-time: 1

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 39ms
33ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8c4e01e13c9597f95dac3ad77f2bedc29f4862638f22d5e52f2bc0ad88a6aefc

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 04 Oct 2023 17:26:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 403 KB
127 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34471
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 07:52:24 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 84ms
16ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 954 B
1 KB 7ms
7ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 067aa3b61bb22a73852b83b49e46e3c54923a017dd005502f370527a32582162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:37:01 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 17393
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 954
x-amz-cf-id: 1AJuzCACJ_UnMCdLG7Q-uGxHbLiSJ-j02QhCwE7b80xrxajvvJjmog==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
6ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 08:31:18 GMT
x-amz-cf-pop: FRA56-P3
age: 32138
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: KlzvjajoGHPPq8FBb9dRN0crIrP3DDcNbebqJu0IiJuvj2YwhiN7IA==

GET
H2 200 bridge3.587.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6908 720 KB
231 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 596713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236429
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:41:42 GMT
expires: Tue, 27 Aug 2024 19:41:42 GMT
last-modified: Mon, 28 Aug 2023 19:39:24 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Sep 2023 17:26:55 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 18A9 40 KB
14 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 04 Sep 2023 18:17:38 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 329ms
102ms Image
image/gif 3.208.225.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2Flocal&u=CYOtHGByliWvBJd5u6&d=theonion.com&g=3012&g0=www.theonion.com%2Clocal&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6178&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&b=457&_c=2023-09-04&_m=email&_x=TheOnion_Daily_RSS&t=CSFdydnaY_hD5uZuoYaObGD3gp4J&V=141&i=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&tz=-120&sn=1&sv=CO7FQHB-0OhED4eCxBX0nrKCvxoue&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.225.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-225-137.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 17:26:55 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 iframe-communication.d153faead67976190b53.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.d153faead67976190b53.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: RJEBVQRPPKG4QYZG
age: 109
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1136
x-amz-id-2: ife+AHeylnBmGNrf5KhicWUczcmnPx5nvmWgzSotFeWIt4KibrHF3+Oi/9AaoG/JzpGTrGDWBKg=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Mon, 28 Aug 2023 13:26:10 GMT
server: AmazonS3
x-timer: S1693848416.909673,VS0,VE0
etag: "8dc26d93f148352c24e486a521cb6dcb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 next-video-loader.5968d73c59db75364dbd.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
902 B 8ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.5968d73c59db75364dbd.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4187d54bac080e9b6d8060da70abe3459746b9f19bd42f5acd9af3ed7a72de24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JRQ78CBRNWQA6TFY
age: 1
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 701
x-amz-id-2: rDkgrE9UZ6lUBTcPGkwpLplrdN9o2ymhWhsrwPudYosj0Xs1/T1OqaQ4isATLL1IyNEMF/+iSys=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 15 Aug 2023 06:30:05 GMT
server: AmazonS3
x-timer: S1693848416.918858,VS0,VE1
etag: "c0ac174061bb349d0dcd459fd8d26333"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditorComponent~api-video-meta~curatedPageEditor~feed-stream-load-more~getShowBrowserData~in-artic~9fee9799.69933273eae139e3ef45.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 7ms
6ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~curatedPageEditor~feed-stream-load-more~getShowBrowserData~in-artic~9fee9799.69933273eae139e3ef45.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8f85b88a61dfe85dd2dfb0dc983ae79ac1bdc72dca26d2222e450d2e4ab1b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 4AQPKAH8Q5XJXW62
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1912
x-amz-id-2: L9VJHlbu7dHE/MohmyAvSaEOn90l6wCcPrbGX7auBvncCepU9sCOKehp2ALiohJUrATrMw29P7I=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Fri, 01 Sep 2023 07:13:19 GMT
server: AmazonS3
x-timer: S1693848416.919066,VS0,VE0
etag: "c0cb0bd3ca0b2242a5b827cb19ca6794"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=53871450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&ul=en-us&de=UTF-8&dt=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=1693012983&gjid=1372206700&cid=885217533.1693848416&tid=UA-223393-1&_gid=454735774.1693848416&_r=1&_slc=1&cd34=Local&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=channelSectionPage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=channelSectionPage&cd132=undefined&cd134=1&z=333652375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=53871450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&ul=en-us&de=UTF-8&dt=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=1213507379&gjid=65571713&cid=885217533.1693848416&tid=UA-142218-33&_gid=454735774.1693848416&_r=1&_slc=1&cd34=Local&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=channelSectionPage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=channelSectionPage&cd132=undefined&cd134=1&z=295576002

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
78 KB 42ms
8ms Script
text/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 04:56:26 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 45031
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: DhzNRPMS0Z_cxIMNie2dQbm96Ykh9lPBzQxKeCC3HdGGE69JFsqYOg==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 145ms
116ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
944 B 40ms
14ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2417926
x-guploader-uploadid: ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ1FG94swuxukt%2BF%2FRv669Pi1PShII3%2B17zps7Hohb3sMRrzjyZHA92gl5dPBFWjb%2BB4cUZRLPJeL%2FW%2F%2BMbeF0HDBD6%2B%2FOO2ktlRghqYxPovBTYk4vO70%2BF3c61c54biT8zEX%2BbP2SGnaNfKbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8017f0b8e9ab2bec-FRA
expires: Mon, 07 Aug 2023 18:48:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 43ms
6ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 03:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 03:50:50 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 44ms
18ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.06433478272590376
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2417926
x-guploader-uploadid: ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxVeMIW4cIvgl8gKabO2V%2B0pD6Z01hS%2BBE5fBRMmRNiv3DlCKzuzjj2poERY6WiHZFoCI0BpXlI27gUfXhg2irlaN4zYMuO7TRmZWI9sX9abo8rwkev6Zk704xvFDUlZe90pcFmYxh8BfhnWLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8017f0b8e9ad2bec-FRA
expires: Mon, 07 Aug 2023 18:48:06 GMT

POST headerstats
as-sec.casalemedia.com/ 0
0

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 46ms
7ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?48
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:20:07 GMT
content-encoding: br
age: 409
x-guploader-uploadid: ADPycdvEnqMw5DqM6rn-TK35JPwVG9-dilupeMsPk1UYw-UgAZ-jf41QhvE8ZSY7Zcx_8mieFaHWNOkICi59N9Wc1a11
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10525
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65b0120d3aedf513aee94f243cf360dcebff4fdb0db40290a25476dacc3608da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 17:26:56 GMT

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 47ms
8ms Script
text/javascript 2600:9000:236e:bc00:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:bc00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 00:38:49 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P1
age: 60505
etag: W/"17c61-5e21b75e9e639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: gETPhUsMv9TWfMoY0I2BCYB0c4-HSJrdyPrSgEsamPzqdYZdgxWM4w==

GET
H2 200 ad-manager-bulbs.c463ea05828bf41db59b.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 11ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: ZKNKFFHTBTXBPZXN
age: 76
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 887
x-amz-id-2: bYeA+b4KD00hA3nBsmfrxic4nBi0zSenRTdH0Q2kBJ68xMcxQaa0QnVpJoKRsXy9xVV2nzZDXKY=
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 29 Aug 2023 20:51:51 GMT
server: AmazonS3
x-timer: S1693848416.191048,VS0,VE0
etag: "32650a844aaef4cb5374896e9bb83f0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 108ms
51ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pid=fTQ7RzueMEwaL&cb=0&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Fchannel_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 6PWV86V6TA54EKY6CGRV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UkZWIXfoQnWb4-NCoOVsL1WOJf9jzkvGpQ9a-Y8UEnfG6bt_riwiMw==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 261 B
495 B 283ms
65ms XHR
application/json 34.242.38.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/channel%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Flocal%253Futm_source%253DTheOnion_Daily_RSS%2526utm_medium%253Demail%2526utm_campaign%253D2023-09-04
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.38.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f4c1b139f663107e5e32bc05973d987875ac393c19bb2e0efe34621f190af21

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx
x-server-name: app08.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 86ms
43ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pid=fTQ7RzueMEwaL&cb=1&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-8%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Fchannel_left_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 04KJV7KTZJP3GNKD8EJH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yVLkdL91rKLAVmqrxVhTayOdSvwUTgeVii4TiQ5HRlvRdorIqIz5dg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 280 B
513 B 288ms
75ms XHR
application/json 34.242.38.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-8,ss:%5B300.250,360.430%5D,p:/4246/fmg.onion/channel%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Flocal%253Futm_source%253DTheOnion_Daily_RSS%2526utm_medium%253Demail%2526utm_campaign%253D2023-09-04
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.38.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d23007267afb8dfbcc85f68ede524ab88a558c8c8ec190643cc266e048e5ed3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 44ms
24ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33951
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcIoMv2nhW%2FmEpVJHJjUlMhPnJ5A7u15mQNHeqTOQgWzL4YtcMHSvZKgCQK780w%2Bv0f1oz%2FQAJvw91LF04alrSaaOV5ZwYpVJdNp%2FanojJxNK5uza2E7V6%2FfFqtfeujXDwpXGrnnV1kd%2FhcUXM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8017f0b98afa9bd6-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 39ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: QTJY3TKXH2S69T4C
age: 885
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8017f0b98b689c10-FRA
x-amz-id-2: s7gw1DoDpRG506itNAD68zqI0ypREvNRh5xrx/jtpV0kZIChsGBv5p+3bDOjIPbShKEW2FznCbw=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 54ms
20ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 17:26:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 197ms
22ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=885217533.1693848416&jid=1693012983&gjid=1372206700&_gid=454735774.1693848416&_u=aGDACEAAFAQCACAAI~&z=1518852575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 197ms
23ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=885217533.1693848416&jid=1213507379&gjid=65571713&_gid=454735774.1693848416&_u=aGDACEABFAQCACAAI~&z=1379457074

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 200ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 prebid Show response
krk2.kargo.com/api/v1/ 0
500 B 175ms
11ms XHR
text/plain 52.57.132.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.132.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-132-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-accel-expires: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr: 508
vary: Accept-Encoding
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
krk-no-bid-reason: consent
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 23 B
366 B 205ms
28ms XHR
application/json 18.198.172.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.172.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cd0279c0d79900961472bea4e527ecee9af9ead6d2818eb38a9aa2c2c5cbbece

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 17:26:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 48

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 214ms
39ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 466 B
804 B 298ms
124ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Fchannel%2F1%2Ftop&tk_flint=pbjs_lite_v7.54.4&x_source.tid=979459b3-9e5b-4184-982e-3ad03d97b984&l_pb_bid_id=103c0364e85812&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=979459b3-9e5b-4184-982e-3ad03d97b984&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Fchannel%2F1%2Ftop&slots=1&rand=0.020795320344960677
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9bfb9fa2ce6c94ad17bd7c0e42a73a99307afe6fb8441f8be2d7274d8daad487

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 466
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
702 B 187ms
16ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f135af61bb5f9d85d1c36631a373301a4e480780782b557608877cd2fd5c554c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
an-x-request-uuid: a8a70888-f441-4e7f-8323-4838b5895752
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
610 B 206ms
36ms XHR
application/json 18.239.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-101.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: ec2b0bccae5f8e928e051ce78668f26b52d540d6868c51d44699fde13a5e5cef

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P5
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84
x-amz-cf-id: 54DS954hKt3cF1lV4FG7v82BgeHP-QrSLBXSDd0qZ9Um3URJSyJvAQ==
alt-svc: h3=":443"; ma=86400

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 327ms
157ms XHR
application/json 52.59.77.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.77.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
555 B 228ms
62ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16f4b4a76ab83417c6cd7a468a5d9c53ea56a6f09e63059023bb50028b997dfb

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAm4nhXtsKqGCCotUqLGsi0nLGlJdmbF5%2F%2BGtRyuchRO9DlHj%2Fqn8iFAFyVhKXp%2FD5Y6FylGQqRWg%2BMFABWZzLPfA4y56Vyey1HeiH5%2BDVN6izdGyavnZ%2FwGYlHmJerZj9TmWM%2FB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8017f0baaef7bbd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 186ms
23ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=29638477905&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
789 B 280ms
123ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189708&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Fchannel%2F8%2Fleft_top&tk_flint=pbjs_lite_v7.54.4&x_source.tid=aea4ec80-a7e1-458a-8de0-d59e7dd816c1&l_pb_bid_id=22b242bd9862e75&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=aea4ec80-a7e1-458a-8de0-d59e7dd816c1&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Fchannel%2F8%2Fleft_top&slots=1&rand=0.6930501656577681
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a4ea039371cdb104162475cd7123b654afc6151b6a397364cc956e6bcf4deb9e

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 449
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
310 B 220ms
63ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727138
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c41df39af019a613f545dcfc7bfa73060c8b6df0d71459e1f8928cfddc93a1

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acDNPKWle7sYcDQm2KnBJjuxgOvA5U6fP5gzLoSzIH4pnN0dJM4p2yy11oGHM%2BB3dBc8hk0u2OJPHkROcULqHagMfLzb%2Bc%2FqWGlCCeaPNM9%2FUZLZrIzsLAV71UCR0HKpMnh6EfDP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8017f0baaefbbbd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 190ms
35ms XHR
application/json 18.198.172.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.172.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 42705e567513031d25bbf7dfa493c62d7cd08b009e2908ed3fb07e4d5e45d393

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 17:26:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
528 B 233ms
77ms XHR
application/json 52.59.77.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.77.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 172ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 179ms
24ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=44559613928&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 192ms
40ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
703 B 167ms
15ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6786ca4177bacfecd4e4c7dfb3dd572485ff969c3f1b5387b59d1afe15395599

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
an-x-request-uuid: 604035f7-03f5-453e-9452-c1b8c83e126e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
608 B 194ms
42ms XHR
application/json 18.239.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-101.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 913abea338a1058786a6f15932be5c1534f08bd40717d5a071503da6a78ff683

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P5
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84
x-amz-cf-id: VjoWO-cOl2F7Fk-M2nNlusVGO0TCdYcUACyLw5qb5KdHXOPFd2Y1Rg==
alt-svc: h3=":443"; ma=86400

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 118ms
117ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 120ms
119ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=SKPWJGHZn&w=5197056576585728&o=5726495427264512&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&sid=142zyZ2pn&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 17:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
609 B 117ms
8ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 00:58:33 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 59303
x-amzn-requestid: d1bce43e-d526-4e81-9e7c-2ad7b8a91324
x-amzn-trace-id: Root=1-64f52bb9-55d6e3bc1a4add714e31e785;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: KtPFBGpujoEFgew=
content-length: 30
x-amz-cf-id: HRyrP2zd84UK6RtwLq7HGRm0O9VmArntVm5zq4xpARtiIv_ZzdLWIA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 102ms
10ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
309 B 33ms
32ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pv=1693848416330_le55n8yjx&bl=en-us&cb=5918248&return=&ht=&d=&dc=&si=1693848416330_le55n8yjx&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:55 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7DE4 15 KB
6 KB 58ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 17:26:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 332043
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 76ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je38u0&_p=53871450&cid=885217533.1693848416&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693848416&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&dt=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 44ms
44ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pid=fTQ7RzueMEwaL&cb=2&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Fchannel_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: DTZBVT91EDRP9DVTCCMC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _iYxiRRneQKihZ46MP-DfYsQu4zwaEMtV4oS5lkNS0BveoD-zlZOpg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 281 B
516 B 108ms
59ms XHR
application/json 34.242.38.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-10,ss:%5B300.250,300.600%5D,p:/4246/fmg.onion/channel%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Flocal%253Futm_source%253DTheOnion_Daily_RSS%2526utm_medium%253Demail%2526utm_campaign%253D2023-09-04
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.38.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 92d4a044e31a158b47da3479d8f82ed1cc338aa223e2cc87b106472b4c4248e6

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx
x-server-name: app07.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 48ms
47ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pid=fTQ7RzueMEwaL&cb=3&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Fchannel_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 8RQ02M5WQ4NWSP80QSYQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gy97UuYLN_89OSTcqgUdMzSgs3y3dT7Ajkenn1mdn-UbP8JDTUIC8A==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 280 B
514 B 109ms
66ms XHR
application/json 34.242.38.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/channel%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Flocal%253Futm_source%253DTheOnion_Daily_RSS%2526utm_medium%253Demail%2526utm_campaign%253D2023-09-04
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.38.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f170d05412c9e342e6afffdcb0a668057d7ad0e82802f3a30d2bce110e00d61a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx
x-server-name: app09.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 48ms
48ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&pid=fTQ7RzueMEwaL&cb=4&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Fchannel_left%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: G879VBYBG4SHSCY3SXMP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yp_VDT2RqPs9Xr8-eceuFZPzSidFFs_yzugF1-L90Xm5EXowoZOT0A==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 280 B
514 B 100ms
61ms XHR
application/json 34.242.38.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B300.250,300.600%5D,p:/4246/fmg.onion/channel%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252Flocal%253Futm_source%253DTheOnion_Daily_RSS%2526utm_medium%253Demail%2526utm_campaign%253D2023-09-04
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.38.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-38-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 86a7891b591c476199a403113d10730cead8fdc88025599020c93704dcbacdf4

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx
x-server-name: app16.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 204 prebid Show response
krk2.kargo.com/api/v1/ 0
499 B 35ms
18ms XHR
text/plain 52.57.132.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.132.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-132-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-accel-expires: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr: 508
vary: Accept-Encoding
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
krk-no-bid-reason: consent
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 59ms
27ms XHR
application/json 18.198.172.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.172.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c86abbd94e20e5870e532f1a9ff536004023f51612ba013e089020b7028b9989

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 17:26:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
701 B 48ms
17ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8dbc515d574a8fce7b97e9899f28432419bf25e7678a5a804553fe098fb9e870

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
an-x-request-uuid: 0602bc02-8a85-428d-88ad-c21c8b4dd103
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 104ms
38ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 55ms
25ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=27554933064&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
303 B 179ms
150ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727136
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f872215e936012b1b2ca74c0382d5acaa21e12a2712e5f3d9f96671cac31919b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW7D1NridLa30u7B6vzstz5JDFYUnaFeJG8So7iWw9sypUsDAW9ks9iFYmCAfKFKrQ0moaUqxI6Wq6UjAYAVEMq6w4123oMkl0TRil7cvZEto7p4O5FTGYzWc1Bl8F5Rv87VNDiQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8017f0baaefdbbd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 231ms
203ms XHR
application/json 52.59.77.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.77.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
accept-ch: sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
608 B 67ms
39ms XHR
application/json 18.239.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-101.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: d277ef3b1358bda3675dc6aca9a07108f3703fc3051504b0712aa2fa72f97808

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P5
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84
x-amz-cf-id: P0YhxciiMJH8StImOLqIKYuGq_OnKmv5mrCPv7v8q8z1t8p8xDl2OQ==
alt-svc: h3=":443"; ma=86400

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 46ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 466 B
980 B 142ms
115ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189704&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Fchannel%2F10%2Fleft&tk_flint=pbjs_lite_v7.54.4&x_source.tid=db73d85c-803d-421e-8de9-1b86d22346d6&l_pb_bid_id=58408d46bca0cdf&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=db73d85c-803d-421e-8de9-1b86d22346d6&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Fchannel%2F10%2Fleft&slots=1&rand=0.09135330533499908
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 40a82d38771733df5ccc264063772da9704208bfbe1a6a9d214ef92451a1c18c

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 466
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 67ms
43ms XHR
application/json 18.198.172.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.172.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 053f8a52c740bbf13f0384851ec9ea9d7d46df9247554269df3bb43faa45e1dc

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 17:26:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 39ms
16ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d04c1c204354bb7239c7c3241b97ac2ffb1b967c2d5fe5ca633633fd25c50738

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
an-x-request-uuid: 0272d02d-5cfa-4acf-acfb-058854bc44a9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
607 B 64ms
41ms XHR
application/json 18.239.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-101.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 545a0f2f496fb49ea16cd1853d69ad8572954cc4a0232a0bc1ff565941b2c42c

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P5
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84
x-amz-cf-id: cej4Uip-gAdN9diOv69wW-IKS6WsjNtE-wSingYvcsaR1Ghxbv5cjw==
alt-svc: h3=":443"; ma=86400

POST
H2 204 prebid Show response
krk2.kargo.com/api/v1/ 0
499 B 18ms
12ms XHR
text/plain 52.57.132.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.132.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-132-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-accel-expires: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr: 508
vary: Accept-Encoding
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
krk-no-bid-reason: consent
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 206ms
184ms XHR
application/json 52.59.77.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.77.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 63ms
44ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 91ms
35ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 41ms
24ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=70123721551&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 107 B
819 B 123ms
122ms Fetch
application/json 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=c55914e3c22325aaeecb5b97aeff1d2851390aec&cb=1693848416442

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0516299c12ed2c63405fb5f70718c10ca91256d1c0b23a70c7cb259a05fc514d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
age: 0
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 115
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200102-IAD, cache-iad-kjyo7100041-IAD, cache-fra-eddf8230041-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1693848416.446866,VS0,VE110
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 128ms
128ms Fetch 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.1.2
Content-Encoding: gzip
Referer: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 17:26:56 GMT
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100030-IAD, cache-fra-eddf8230041-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1693848416.453358,VS0,VE121
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 109ms
85ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=885217533.1693848416&jid=1213507379&_u=aGDACEABFAQCACAAI~&z=123309485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
47ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=885217533.1693848416&jid=1213507379&_u=aGDACEABFAQCACAAI~&z=123309485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7DE4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YJYvOXxqMi9PVlRUMnRvS0pFWGd5SnFPWnJFeWxVbGhNMDdiTzNheUEwc05yRThjOU9qUTh5cUtHLzI2Zmc2S284djJJRmtPUnpFdUZTdmdvV016b2tobHN1dkF3KytQbkpFUWZLa2JITUFPQmlaVStnTmxsYXd3SVp2US...

425 B
645 B

42ms
15ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YJYvOXxqMi9PVlRUMnRvS0pFWGd5SnFPWnJFeWxVbGhNMDdiTzNheUEwc05yRThjOU9qUTh5cUtHLzI2Zmc2S284djJJRmtPUnpFdUZTdmdvV016b2tobHN1dkF3KytQbkpFUWZLa2JITUFPQmlaVStnTmxsYXd3SVp2UStSUnB3Rld2RkpDT2NNTlNleG4yY3N4L3V0bzB5d1ZhYWJVcWZKTWUyenpIclBlV2gyaE9VR2ptTjNZU3BOM3haSHU3NUtZQU54RFFRRkE3cnRNT3Q3WldkeUluNEFPVUZGclUzZ0hJaVFiZlphOXBGbW5IWUVUcGI4TUF4bEt5Yk9BTjF0Q3lrZEZZZHZqeXcwM3VWQXFQanVNeGhqRkVLMi91aGptZXZEUE5pRUdrZVNxMD18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7639776f865d92a739c44b753257c7261d403ae1305c5a5c1a3c47f521a0b98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 930224
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YJYvOXxqMi9PVlRUMnRvS0pFWGd5SnFPWnJFeWxVbGhNMDdiTzNheUEwc05yRThjOU9qUTh5cUtHLzI2Zmc2S284djJJRmtPUnpFdUZTdmdvV016b2tobHN1dkF3KytQbkpFUWZLa2JITUFPQmlaVStnTmxsYXd3SVp2UStSUnB3Rld2RkpDT2NNTlNleG4yY3N4L3V0bzB5d1ZhYWJVcWZKTWUyenpIclBlV2gyaE9VR2ptTjNZU3BOM3haSHU3NUtZQU54RFFRRkE3cnRNT3Q3WldkeUluNEFPVUZGclUzZ0hJaVFiZlphOXBGbW5IWUVUcGI4TUF4bEt5Yk9BTjF0Q3lrZEZZZHZqeXcwM3VWQXFQanVNeGhqRkVLMi91aGptZXZEUE5pRUdrZVNxMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 299638
content-length: 0
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 465 B
804 B 138ms
137ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189704&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Fchannel%2F9%2Fleft&tk_flint=pbjs_lite_v7.54.4&x_source.tid=2a044e18-8c5e-475c-9441-8bd2388acf6d&l_pb_bid_id=78871321dc8d732&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2a044e18-8c5e-475c-9441-8bd2388acf6d&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Fchannel%2F9%2Fleft&slots=1&rand=0.761869437677978
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a0a45c67f5080285c5edc54fc6879bf13042799d8053294dfceaf7028544fcca

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 465
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 18ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 prebid Show response
krk2.kargo.com/api/v1/ 0
499 B 15ms
15ms XHR
text/plain 52.57.132.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.132.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-132-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-accel-expires: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr: 508
vary: Accept-Encoding
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
krk-no-bid-reason: consent
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
609 B 60ms
59ms XHR
application/json 18.239.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-101.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e50b4127ad21b7b0a7980dddbf7f92f3cbc5b68210b5444196b8e0632426dd84

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P5
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84
x-amz-cf-id: wRPWfEYYrNFHTMVdFmJ8oCxdsrZEoFAxXZL51o8-lkab0ij575nIIg==
alt-svc: h3=":443"; ma=86400

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 218ms
218ms XHR
application/json 52.59.77.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.59.77.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-77-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 119ms
118ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727136
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfcaa8abfacdced0265abd8663e5f9c52e3acf3c2bcf020ca7fbfc5887711d3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYyTrSG3ZnED1zwZhX4V5hrzHbkZJL%2FSMM1M1hWi7aVa9a4lp9mk1K5GKr1vVMpbRFNt72w%2Fk50EKpGKPuM%2Fjxv%2FW7qgkgECKMJqm0V9JgfM8a%2BGf6qFmpGDHpt1ETLLg2eWpsW1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8017f0bb2fcdbbd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 38ms
38ms XHR
application/json 18.198.172.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.172.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-184.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cd494d77d3872713fbafb11c2251c64bd2b68cb83101623bccee31d1ec787539

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 04 Sep 2023 17:26:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 14ms
14ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5e55a58d469ba300453d8fc26cb56656d8b41950020c67b8f7681308e239b45e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:56 GMT
an-x-request-uuid: 2397f03d-a784-4b6d-a505-28a13fde0795
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.72; 45.141.152.72; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 29ms
29ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=34316159438&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Mon, 04 Sep 2023 17:26:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 37ms
37ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 17:26:55 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 799 B
466 B 412ms
412ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1179115621645041&correlator=2729977862604377&eid=31076479%2C31077537%2C31076770%2C31068366&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cchannel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C360x430&ifi=1&didk=1378598710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693848416564&lmt=1693841216&adxs=2279&adys=2320&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&vis=1&psz=372x0&msz=372x0&fws=1028&ohw=4000&ga_vid=885217533.1693848416&ga_sid=1693848417&ga_hid=53871450&ga_fc=true&dlt=1693848414533&idt=1639&prev_scp=article_position%3Dnone%26pos%3Dleft_top%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft_top-01%26amznbid%3D2%26amznp%3D2%26id%3D346ab18f-4b48-11ee-bb02-06d8cca89c2a%26vw05%3D40%26vw%3D40%2C50%2C60%26fr%3Dfalse%26ias-kw%3DIAS_3007987_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3Dlow&cust_params=veritas-iab%3D1-4%26tags%3Dlocal%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Dchannel%26utm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&adks=1579876302&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2b5246b599faa589118d14d9ec6dd98d3614c103f88f642fe0a49e3ed65a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 71ms
56ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb64f7c09c34af08018b2463bada10762b88032bfc21a9669a80f2c449acd179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11834
x-xss-protection: 0

GET
H2 200 container.html Show response
4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7E3 6 KB
3 KB 234ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 17:26:56 GMT
expires: Tue, 03 Sep 2024 17:26:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 617 B
306 B 760ms
760ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1179115621645041&correlator=2729977862604377&eid=31076479%2C31077537%2C31076770%2C31068366&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cchannel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=2&didk=1378598719&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693848416588&lmt=1693841216&adxs=1515&adys=366&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&vis=1&psz=4000x351&msz=4000x351&fws=1028&ohw=4000&ga_vid=885217533.1693848416&ga_sid=1693848417&ga_hid=53871450&ga_fc=true&dlt=1693848414533&idt=1639&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_3007987_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3Dlow&cust_params=veritas-iab%3D1-4%26tags%3Dlocal%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Dchannel%26utm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&adks=2345862306&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a26bfe73edd9788912e593ba27c7987b49f35e11c16d6c31fc9a1ae5f7c0f118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 617 B
305 B 989ms
988ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1179115621645041&correlator=2729977862604377&eid=31076479%2C31077537%2C31076770%2C31068366&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cchannel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=3&didk=1378598709&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693848416612&lmt=1693841216&adxs=1220&adys=2280&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=885217533.1693848416&ga_sid=1693848417&ga_hid=53871450&ga_fc=true&dlt=1693848414533&idt=1639&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_3007987_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3Dlow&cust_params=veritas-iab%3D8%252C%25202%252C%252020%26tags%3Dlocal%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Dchannel%26utm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04%26veritas-segments%3D4%252C%25205%252C%25208&adks=2170612626&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7658da947c803fe2f131e1eb256c488743f1e8896254b0d467d830deb8b8c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 617 B
305 B 1213ms
1213ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1179115621645041&correlator=2729977862604377&eid=31076479%2C31077537%2C31076770%2C31068366&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cchannel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&didk=136931552&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693848416630&lmt=1693841216&adxs=2279&adys=3001&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&vis=1&psz=372x650&msz=372x0&fws=1028&ohw=4000&ga_vid=885217533.1693848416&ga_sid=1693848417&ga_hid=53871450&ga_fc=true&dlt=1693848414533&idt=1639&prev_scp=article_position%3Dnone%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-02%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_3007987_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3Dlow&cust_params=veritas-iab%3D8%252C%25202%252C%252020%26tags%3Dlocal%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Dchannel%26utm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04%26veritas-segments%3D4%252C%25205%252C%25208&adks=4261292688&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fde60796e882bfb886a3e3d00182137b83c9c3c208017a431e145671254068f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 199ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 17:26:56 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 617 B
308 B 1434ms
1434ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1179115621645041&correlator=2729977862604377&eid=31076479%2C31077537%2C31076770%2C31068366&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cchannel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=5&didk=1378598711&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693848416727&lmt=1693841216&adxs=2279&adys=2351&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&vis=1&psz=372x650&msz=372x0&fws=1028&ohw=4000&ga_vid=885217533.1693848416&ga_sid=1693848417&ga_hid=53871450&ga_fc=true&dlt=1693848414533&idt=1639&prev_scp=article_position%3Dnone%26pos%3Dleft%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dleft-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_3007987_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3Dlow&cust_params=veritas-iab%3D8%252C%25202%252C%252020%26tags%3Dlocal%26blogName%3Dtheonion%26channel%3Dlocal%26section%3D%26subsection%3D%26page%3Dchannel%26utm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04%26veritas-segments%3D4%252C%25205%252C%25208&adks=1988376597&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16f8d8d06a464946f2a3f6822d43c68a768c06a5491d9563c716762c15f8af25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D57A 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 16:58:50 GMT
expires: Tue, 03 Sep 2024 16:58:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F948 829 B
991 B 18ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3447c0a62ed5dba89ba10d32d371499653d50aa8eea11df90aa099c1a3efc802

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R74YmProCJ56-fltois4aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-R74YmProCJ56-fltois4aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 17:26:56 GMT
expires: Mon, 04 Sep 2023 17:26:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js Show response
pagead2.googlesyndication.com/bg/ Frame D57A 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 16:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 16:23:10 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F948 0
0 110ms
110ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=1179115621645041&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D57A 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Qit2QA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
112ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=1179115621645041&bg=!BAelB0jNAAYHwnCgJ8I7ADQBe5WfOIENCaqrpcJ15WZR6jAv5aPDCNCYzqcFwmM4-N6AmSCWJkDtq0Q5DZ2Bbmar4HpUAgAAAFhSAAAADmgBB5kCsTbFdgLyyZ2NZ8Wazaw0kfr7VlL5zu1XR5FHwD3oI4d5P-5vkLJZj2hXBLOXX-yeE_kZV2hVcg3wQ_a5gDzBOvcKru7aqb7DvUk4CHXG-UlEwyzjuSPBo8EOtAAHz3o8wiaYbC3iINDeUEjZS8HNwuwaWLdc73uAHXdWXUQ4B0QoZE8XnVs2BzdX2RpsT3hXoQloygtpJia5NC01uhGZUs9wee4O-oT1ePBJBaeDhGBmSQU4qbmk_uCYxdDdq77SC1WFO-fNIPB0kMbYA43IqinnCin1VFsXtknudU4_tZSn-orxdAU5jixkIoThsizGxDbd26n7ruv-FUaL9zoTSzKq-c7PqljXAQPwAaGn_Xnfsz5l5L5OVc44o_RlRVBmIfZMuYMbPEyPteIFUIOaqqTHqKb-8mJBot5AXxIJuFIdu3YSTRp7Mf4F8Hm49C4YJFRRbQxJIkbeZIVDrvPXpRqtStI5axGVc8TkWmjxt3NomyYtEMjTJNdFlyQbF9Xi5z6bBaClvbvLtPsydFVYMT0Hc3WpCfKkTfXTJT0BOsiMjSsZEMh_4BMqH42CpV6HKBFKwAZBamUw5UudlIqPFqXAcbcHT6JUXAxdT46QSecitWAqayps0ma-HK4bjw_b-sU2p7ex9QdIc0dRAuG-a9MnAkV0slH_dq9wzIh3IktutTfi4pHicyIxSrLhBLqjuaxYfx8UKBXzUBBx7qczh-0nOFgcbRlwnUomqX2D1h9FMkre2x7uns6YV6GSvHXa2EnAYVLUGooJnc8K5qrIUGQr7XtNJkBFNCxEVqeL--J0CJhMlt7DOSgFgFmZXtdV4YArRci9a_5o070JLS_2WIh4jCH4u-xwxFPPjfXuX7J1HcAiJRbm5VdYX2qQbq8t5BIMyPDFoiyct2i97EUFGUpY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 26ms
25ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 17:26:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6C25 15 KB
6 KB 20ms
20ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 17:26:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 1652934
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 62ms
31ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 17:26:57 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6C25
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=37WENF9PQzFiMHpJenBrQXclMkZPdXRBdHdFRWRGRm5HZ045RTlGak9kMWhMJTJGbnE2S0...
https://mug.criteo.com/sid?cpp=V85CdXxOTEtGZS8yOTBFd1hUM0NsVVh6cHdVQmxaelVwQ2ptYjJ5NzM5Q0xmK3UrR2FCVnVlR2Iwa09qQzA0OVdmNUUvVkl2ZnhhVW1uaDdsMlBlTkxGWENrVVY5ZG1ETnNwWk1yVVJqeHRhZk5QdW54bWxOaWxDcnNNS1...

430 B
650 B

15ms
15ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=V85CdXxOTEtGZS8yOTBFd1hUM0NsVVh6cHdVQmxaelVwQ2ptYjJ5NzM5Q0xmK3UrR2FCVnVlR2Iwa09qQzA0OVdmNUUvVkl2ZnhhVW1uaDdsMlBlTkxGWENrVVY5ZG1ETnNwWk1yVVJqeHRhZk5QdW54bWxOaWxDcnNNS1JNMytHa1YyMzhwYllmTERxeE9xNmk5bXpHVFdMWlFVNW4rQkpjN2lvQjM0ZW0xRllUTVhTMkpndGJUVEF0UFF2MEhQMGl4bFF3L3puMjI1TFIwNm9HODg3Rkdiby9rTmFSbyt5N2lrTk1LVHllL3B1NmZTTTVUQUw2TU95YXppNFFqcWdFVEo4bk53ZGZjeG1mYzNHQjJDMmQrSjl3OHM4VTZaOXVsREpBQ2xRcC9QMHRVQT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad5ec3390d6dd92846754ef3c0439a658bfcce3de61fe16b3c2cc574211fe772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 879396
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:26:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=V85CdXxOTEtGZS8yOTBFd1hUM0NsVVh6cHdVQmxaelVwQ2ptYjJ5NzM5Q0xmK3UrR2FCVnVlR2Iwa09qQzA0OVdmNUUvVkl2ZnhhVW1uaDdsMlBlTkxGWENrVVY5ZG1ETnNwWk1yVVJqeHRhZk5QdW54bWxOaWxDcnNNS1JNMytHa1YyMzhwYllmTERxeE9xNmk5bXpHVFdMWlFVNW4rQkpjN2lvQjM0ZW0xRllUTVhTMkpndGJUVEF0UFF2MEhQMGl4bFF3L3puMjI1TFIwNm9HODg3Rkdiby9rTmFSbyt5N2lrTk1LVHllL3B1NmZTTTVUQUw2TU95YXppNFFqcWdFVEo4bk53ZGZjeG1mYzNHQjJDMmQrSjl3OHM4VTZaOXVsREpBQ2xRcC9QMHRVQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 258422
content-length: 0
expires: 0

GET
H2 200 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/local/ 4 B
447 B 434ms
405ms Fetch
application/json 18.66.122.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/local/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:59 GMT
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 11:43:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 97
etag: "5ad5cc4d26869082efd29c436b57384a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Error from cloudfront
accept-ranges: bytes
content-length: 4
x-amz-cf-id: PsTZP2Z1uH9_ocMc4_iDorWTVccQhxJvqsAo_esIJGtBMk8KNpjL0Q==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
463 B 49ms
13ms Image
image/png 18.239.36.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGwMRNMAEAfl4ISlhDY2oAXgAVVwB5D3dYABEwLAEAT1gAJQBlQoAycMiabF5KWOpKLIEyiNggymUsPBxYgCYABm6AZgBaXoBOEYAWEApoanhqaFnoU2nwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhA+wZHx3on4gEYAdkI3QAbIQAKyjRwDCYDABaq2UqieEAELxAABlAsEAARDbEAQRo0CwQQA5EJsQAxXDUU7YgBy1BQFMKRmg2mxAB9sYlqNiUp4cKssFgFK8RRhfsDRgMABwTeW-GUwvB4ABWq2oADcHuocrJTOwpLMhEJBatjqdfAtYKLTHhrdgwLBer8wWAwepXLB3OajqKpL97Y6sM7Xe7PS4dP6MFJuqZfe4QCQgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-19.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:48:17 GMT
via: 1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 36540
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: 3VLw2tbT_VsTrg23OvnxyIych554Nlqvwa-LqEAYaM1NTwPHVLdZcA==

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
260 B 32ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 17:26:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 54ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727136&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727136&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=d09e0eb7-2700-cd11-ef1cc022

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=d09e0eb7-2700-cd11-ef1cc022
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 17:26:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 04 Sep 2023 17:26:59 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=d09e0eb7-2700-cd11-ef1cc022
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REM1QUVDODktRkQ3Qy00NTY2LTg1MUItRjQ4OTE4Qzg0MkYz&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
217 B

17ms
17ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 17:26:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 04 Sep 2023 17:26:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je38u0&_p=53871450&cid=885217533.1693848416&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693848416&sct=1&seg=1&dl=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&dt=Local%20-%20America%27s%20Finest%20News%20Source%20%7C%20The%20Onion&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 17:27:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&v=3

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.theonion.com/	1970-01-20 23:16:24	Name: KinjaBucket Value: 7
www.theonion.com/	1970-01-20 14:30:48	Name: KinjaSetBucket Value: 7\|1693848300\|uUQWzkqZ8Hk28mkKNtUAUyTVg0M1977YQkazZ+8uLag=
kinja.com/	1970-01-20 14:40:53	Name: KinjaSession Value: 9fe97fd8-e174-4a06-839b-350ae781da17
.kinja.com/	1970-01-20 23:16:24	Name: KinjaBucket Value: 7
kinja.com/	1970-01-20 14:30:48	Name: KinjaSetBucket Value: 7\|1693848300\|uUQWzkqZ8Hk28mkKNtUAUyTVg0M1977YQkazZ+8uLag=
www.theonion.com/	1970-01-20 15:14:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.theonion.com/	1970-01-20 14:32:14	Name: pageDepth Value: 1
.theonion.com/	1970-01-20 23:59:36	Name: _cb Value: CYOtHGByliWvBJd5u6
.theonion.com/	1970-01-20 23:59:36	Name: _chartbeat2 Value: .1693848415676.1693848415676.1.CO7FQHB-0OhED4eCxBX0nrKCvxoue.1
.theonion.com/	1970-01-20 14:30:50	Name: _cb_svref Value: null
.liadm.com/	1970-01-21 00:06:48	Name: lidid Value: 9b5c2462-6580-4c0c-b9ee-7549175c8f2e
.theonion.com/	1970-01-20 14:30:52	Name: AMP_TOKEN Value: %24NOT_FOUND
.theonion.com/	1970-01-20 14:32:14	Name: _gid Value: GA1.2.454735774.1693848416
.theonion.com/	1970-01-20 14:30:48	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 14:30:48	Name: _gat Value: 1
www.theonion.com/	1969-12-31 23:59:59	Name: utm_source Value: TheOnion_Daily_RSS
www.theonion.com/	1969-12-31 23:59:59	Name: utm_medium Value: email
www.theonion.com/	1969-12-31 23:59:59	Name: utm_campaign Value: 2023-09-04
.theonion.com/	1970-01-21 00:06:48	Name: _ga Value: GA1.1.885217533.1693848416
.theonion.com/	1970-01-21 00:06:48	Name: _ga_FBJXBGD4M8 Value: GS1.1.1693848416.1.1.1693848416.0.0.0
.kargo.com/	1970-01-20 23:16:24	Name: ktcid Value: 8b17088d-fa4f-0e64-1805-d1ffbd7c415b
www.theonion.com/	1970-01-20 15:14:00	Name: vtas_f Value: c55914e3c22325aaeecb5b97aeff1d2851390aec
www.theonion.com/	1970-01-20 15:14:00	Name: vtas_version Value: 1.1.2
.criteo.com/	1970-01-20 23:52:24	Name: uid Value: 447a1eab-26b5-4c5f-a7ec-36bab0382844
www.theonion.com/	1970-01-20 14:32:14	Name: _lr_geo_location Value: DE
www.theonion.com/	1970-01-20 15:14:00	Name: vtas_kv Value: {"veritas-segments":"4, 5, 8","veritas-iab":"8, 2, 20"}
.rubiconproject.com/	1970-01-20 23:16:24	Name: khaos Value: LM55M2V0-1K-BYYE
.rubiconproject.com/	1970-01-20 23:16:24	Name: audit Value: 1\|naVuGyos1qrJ4GekMKRjTGWQ0NNjmqbPd94gXYLevqKZMlS2W7OC3oao8aGULWle7rZKjN0Z2OPk0mG4eFehuuBxGCOXoSK1FOEX4J5Aa3W+xUA9sgf/4b7FQD2yB//h
.theonion.com/	1970-01-20 23:52:24	Name: cto_bundle Value: L2aOgF9PQzFiMHpJenBrQXclMkZPdXRBdHdFRVUlMkJPbXJBMDF3OVhwSkt1M1lLamt3VEhoUjhZSktZYTM5dGp6Y3ZXREdQZDl3N0o0NXl0d2VxJTJCT1paanFPMm13TUJMMHh4azNvd0JkNGx6Zk1YRGZmV0tqRmNPWllaNXk4SmhaZmtmRXpPb0p5Vmw3Y2ZlQkRIcHRkRnJ4c3NGYVElM0QlM0Q
.theonion.com/	1970-01-20 23:52:24	Name: __gads Value: ID=db9af330eb66485f:T=1693848416:RT=1693848416:S=ALNI_MbQTOlDrMQhnuQ_MwBcJmeRsTAqtA
.theonion.com/	1970-01-20 23:52:24	Name: __gpi Value: UID=00000c6f04adeefc:T=1693848416:RT=1693848416:S=ALNI_MYLCH_CQbFh0wIPeWLmxjeApj0Hjg
.casalemedia.com/	1970-01-20 23:16:24	Name: CMID Value: ZPYTYzrARXtDANM4F7Od3wAA
.casalemedia.com/	1970-01-20 16:40:24	Name: CMPS Value: 3395
.casalemedia.com/	1970-01-20 16:40:24	Name: CMPRO Value: 3395
.pubmatic.com/	1970-01-20 14:32:14	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 16:40:24	Name: SyncRTB3 Value: 1694995200%3A220
.pubmatic.com/	1970-01-20 23:16:24	Name: KADUSERCOOKIE Value: DC5AEC89-FD7C-4566-851B-F48918C842F3
.doubleclick.net/	1970-01-20 23:52:24	Name: IDE Value: AHWqTUnpdiCzLhvdlmwXR8lwmYFd3_fxsb3FtKu6ZD2FqqTzrADDGK6RlJoed4UNbNs
.brand-display.com/	1970-01-21 00:06:48	Name: _knxq_ Value: d09e0eb7-2700-cd11-ef1cc022.1693848419.0.1693848419.1693848419
.pubmatic.com/	1970-01-20 14:32:14	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 16:40:24	Name: chkChromeAb67Sec Value: 2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.theonion.com/local?utm_source=TheOnion_Daily_RSS&utm_medium=email&utm_campaign=2023-09-04 Message: Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&v=3' from origin 'https://www.theonion.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2Flocal%3Futm_source%3DTheOnion_Daily_RSS%26utm_medium%3Demail%26utm_campaign%3D2023-09-04&v=3 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4062671dbcaa9207b00213f6833c9d72.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
cdn-magiclinks.trackonomics.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cm.g.doubleclick.net
direct.adsrvr.org
dmp.brand-display.com
dsum.casalemedia.com
eb2.3lift.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk2.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pm-widget.taboola.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
trx-hub.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.theonion.com
x.kinja-static.com
as-sec.casalemedia.com
104.18.38.76
104.18.39.155
107.23.63.94
13.32.119.77
13.32.99.59
130.211.23.194
142.250.185.226
142.250.185.70
143.204.98.49
151.101.130.166
151.101.65.44
151.101.66.166
162.19.138.83
178.250.1.11
18.198.172.184
18.239.36.19
18.239.83.101
18.66.112.34
18.66.122.67
18.66.147.50
185.64.189.112
185.64.190.79
185.64.190.80
185.80.39.216
185.89.211.12
2001:4860:4802:32::36
2600:9000:2057:c200:18:1fcd:353:c61
2600:9000:236e:bc00:1d:8c8c:47c0:93a1
2602:803:c003:200::45
2606:4700:10::6816:3556
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700::6810:5914
2a00:1450:4001:800::2006
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9d
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
3.208.225.137
3.33.220.150
34.111.234.236
34.120.133.55
34.160.19.107
34.242.38.114
52.204.63.111
52.222.208.154
52.223.4.62
52.57.132.226
52.59.77.223
76.223.111.18
03373eb90a89218f4d4c5073bd27f4e574a372a8e3ef50169d264d0f7288d0f9
0516299c12ed2c63405fb5f70718c10ca91256d1c0b23a70c7cb259a05fc514d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053f8a52c740bbf13f0384851ec9ea9d7d46df9247554269df3bb43faa45e1dc
067aa3b61bb22a73852b83b49e46e3c54923a017dd005502f370527a32582162
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0e354493c004c49b504a94827e8c8da1073f5c9f3a913732ecc01dcd613db97b
0efb5308b665e0b6f79564ca65cdbb3c5ebe5f7086a91d0d97bb1853a4292f70
10d1a838380aaec261e6b61732df157e9753ef8b2a145307efbee2ebb4a26f61
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
12cec41b495be9d7330ff0b3c38089b3a71be9c0d193b008e90e7d1b0ce30fb4
12d795d53e04086036bd662081c08ad28f375df8675dd0e12985361f993d3123
16f4b4a76ab83417c6cd7a468a5d9c53ea56a6f09e63059023bb50028b997dfb
16f8d8d06a464946f2a3f6822d43c68a768c06a5491d9563c716762c15f8af25
1ad0b6437204bb3e82046624064910b016a3380cf41b8bdf31c1d60edf332959
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2526556bd92f6b632bb706aa61537c52af57299446623e9babc618bb4bc5be7c
28fc2565ccd03e07db41fa3f113793bc8f2553fb41e1844cf005507491e42a54
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
3447c0a62ed5dba89ba10d32d371499653d50aa8eea11df90aa099c1a3efc802
36c41df39af019a613f545dcfc7bfa73060c8b6df0d71459e1f8928cfddc93a1
3733ad181d653f7803ff7a7a4e59426684b435791591a09a815230ed56e9dc4c
3ab71542224e581180e9f24246bc8cc18692b536d3035e4ad325b93cc79af169
3d23007267afb8dfbcc85f68ede524ab88a558c8c8ec190643cc266e048e5ed3
3eb90a4f182e38f747c3a9329ec0266814a0a78df23fdb56dc62f6ee512197ac
3f83433b213e300bec08d420ce56e939bf1d8f2f26b34913e8dc7d0087c6de81
40a82d38771733df5ccc264063772da9704208bfbe1a6a9d214ef92451a1c18c
4187d54bac080e9b6d8060da70abe3459746b9f19bd42f5acd9af3ed7a72de24
421e82331a97b801c088b0762a87384ce657b99c9070fb3bbd16bb30fe89712c
42705e567513031d25bbf7dfa493c62d7cd08b009e2908ed3fb07e4d5e45d393
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a1a23294f17e33273fe7fe72718bd81c835a36768e24d0eb4de09e60187b93
4d9ac822663d0d4cf50e91a47908374106fc3e7e47aa47d11c6167bbb63baa71
4dfcaa8abfacdced0265abd8663e5f9c52e3acf3c2bcf020ca7fbfc5887711d3
4e418ca723712dd77e0837394c7c4f8c9be9c8db41a622975d1d5b8b044bc04f
545a0f2f496fb49ea16cd1853d69ad8572954cc4a0232a0bc1ff565941b2c42c
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5aec3208c45f71dcf99908719a1a0280691ba83c134f3638c01046f05632a110
5c47a818a096c5acf2e79cfba0286462760d36e0ba5a336d45c281d8a723b868
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e55a58d469ba300453d8fc26cb56656d8b41950020c67b8f7681308e239b45e
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5f4c1b139f663107e5e32bc05973d987875ac393c19bb2e0efe34621f190af21
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6151afd17448b143a40e19bab756dabbcb6ca8a032642b937f8f14487d1e794e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
62a73c7e2e1fdb6a1aa248ee414de734fc1c78fb36522e9c40a5bc2f1b84cca7
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65b0120d3aedf513aee94f243cf360dcebff4fdb0db40290a25476dacc3608da
6786ca4177bacfecd4e4c7dfb3dd572485ff969c3f1b5387b59d1afe15395599
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
693ed1430ba92b44569c0e67b539c59b50f9c71154ba68079954c4c04f6b40ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
6f2b28c2992e49104ad8272f6e66b04abb1aa1d5d250eb0d7ad597a451149dfe
72bdedc9235a631a54746266f91519c028e486cd6383972881ea60be96eaa079
743af8ea8602e805f162375e8a72f062da9f6e55002be76122ecf8445f680024
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ef785634aca91e662fa91304a7c2ea3c774bdcb21c47a4fa123f2ad7e05f52
758fa6eb2a74c0d914aecf819e64c0876671b0eb9f0b8dc13b3d3560176c8887
759cc925f137be357585ba1ae5b99415642585ea6ecc4c8645a63cc1d42517d2
7639776f865d92a739c44b753257c7261d403ae1305c5a5c1a3c47f521a0b98e
7a2b5246b599faa589118d14d9ec6dd98d3614c103f88f642fe0a49e3ed65a82
7bc2fa1c7926439dbaeb0c159fb6adc3e815fc24cabb1eeacb7c3a3444ad4b4e
7db302f15e521723cb38638ef858a80128a9ab6d480dbb69003b6c3ff0f2f4ab
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
80438ece7a3caadc84087a78ad2053385c3fd8e06aed6f889e33fb332278f607
814bdf26ab61d460b95d4deb56acf804d12552ffe53a08804976bfc4fe50b82c
8235b3bab2a1571b7135f627a136b15feb8f85b057b10e5874ed580801aab158
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858b04b7c370059a2bdb4d78839ae04ad617b015389fd26d5aa76e42cb1be422
86a7891b591c476199a403113d10730cead8fdc88025599020c93704dcbacdf4
88b01f2a93eef3a3cde4f6675dbf98162901d2bcd653ce2380b70cd05c9e60b9
895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a9c90b2af89cb5d0c21fe54f79d301c1755ae1d70769cf60502f1bc96cd9606
8ab8dab0bfccdfd35b06c441f5cff15059c12e49217f565a4a437de2f2644ea0
8c4e01e13c9597f95dac3ad77f2bedc29f4862638f22d5e52f2bc0ad88a6aefc
8cf330675d0dce20631db4b7392131fef3583be25ec71256f0f562179878906e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc515d574a8fce7b97e9899f28432419bf25e7678a5a804553fe098fb9e870
913abea338a1058786a6f15932be5c1534f08bd40717d5a071503da6a78ff683
92d4a044e31a158b47da3479d8f82ed1cc338aa223e2cc87b106472b4c4248e6
9653a847897107ec0dea87337c6ab54924c44cab284f729784f652e90eb2964b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
9b09f315a3f6dd961b1a334448e8c7af694553c1b2c655d00d19d09586fb6295
9bfb9fa2ce6c94ad17bd7c0e42a73a99307afe6fb8441f8be2d7274d8daad487
9c596cd2bad0ad9c8a38a6324fad0f24fca7ff62667d3658b7e8398a26a84a5f
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0a45c67f5080285c5edc54fc6879bf13042799d8053294dfceaf7028544fcca
a26bfe73edd9788912e593ba27c7987b49f35e11c16d6c31fc9a1ae5f7c0f118
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a4ea039371cdb104162475cd7123b654afc6151b6a397364cc956e6bcf4deb9e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a954b2802f5c6ee2fb9aa302a4598d6c8da18ceca94c7e1a53e7620dc9b84dee
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
ad5ec3390d6dd92846754ef3c0439a658bfcce3de61fe16b3c2cc574211fe772
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b0719ecb2765c96a0ed53d5133f54ae746a78478cc2caf48006c7420ed63b196
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34781cea14bc4049c068db0c857b50f4f1d2cd0069ce99b98b649944d1d51b6
b7b3f8231add9120f5c34eb41672bbf8c10b4e5d5f5c82f9ffed5d070e544917
b8f85b88a61dfe85dd2dfb0dc983ae79ac1bdc72dca26d2222e450d2e4ab1b75
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c59e44ba7b1ccc11fa56e99434c28a63a9916865500f9a415b6bf04f6fa372a9
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1
c5e1aa2464402f34c43a8f2b133e717ab7eb51fdfe5e8f5691cd9f313e2eb6f6
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c748686f19ef7fe946240446c69a59c9748fe04128f56d1b911554bce718daf3
c75987ca39947e80228f11088132c94393bf8f8cf9628d86dd937a61b0489114
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c86abbd94e20e5870e532f1a9ff536004023f51612ba013e089020b7028b9989
c8a533caec5589dc47cf3cdfb96df6abc0c1c74a49b11895e205f4d621787fc1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd0279c0d79900961472bea4e527ecee9af9ead6d2818eb38a9aa2c2c5cbbece
cd494d77d3872713fbafb11c2251c64bd2b68cb83101623bccee31d1ec787539
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
d04c1c204354bb7239c7c3241b97ac2ffb1b967c2d5fe5ca633633fd25c50738
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d277ef3b1358bda3675dc6aca9a07108f3703fc3051504b0712aa2fa72f97808
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d569b378a07eae60c8dc37b16b43560bf18fc959e8716f654b85b2f0f1f8166f
d7658da947c803fe2f131e1eb256c488743f1e8896254b0d467d830deb8b8c60
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
d9fe79da6ea809e4b3441aad4803831ca669e7d9f6b6a95f483e7cca5cbb70dc
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0aef2dc58440d2ff6cc7e8f9d62206853dd10a5847f88b835450924db62236c
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50b4127ad21b7b0a7980dddbf7f92f3cbc5b68210b5444196b8e0632426dd84
e8171b2fd69a68706ff771e33d26ff77b2f49801b4a3aa7bcdebcc00c42584f2
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e883fb97a3770315c1644cbf1e40a5dfbf1372a5fa97162cb8054c3ec20824ab
e9697b427ff68f57dffe803235d58c59686e7b4fb2435967ef024d7c4a367182
ec1f4a4013a7f72fa41f340a47b1a2d9ec3ae976460d1121c0d7c951aba9b0b0
ec2b0bccae5f8e928e051ce78668f26b52d540d6868c51d44699fde13a5e5cef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f135af61bb5f9d85d1c36631a373301a4e480780782b557608877cd2fd5c554c
f170d05412c9e342e6afffdcb0a668057d7ad0e82802f3a30d2bce110e00d61a
f271b51970229612bf484721c518b5f60aa3e18ac705957bf4caf9d508059711
f39914fc25519caa344f949aa026d297a84fb2af1d96f9cd9892cb97820b846b
f872215e936012b1b2ca74c0382d5acaa21e12a2712e5f3d9f96671cac31919b
fb64f7c09c34af08018b2463bada10762b88032bfc21a9669a80f2c449acd179
fde60796e882bfb886a3e3d00182137b83c9c3c208017a431e145671254068f0

www.theonion.com Open in urlscan Pro 151.101.66.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

97 %HTTPS

40 %IPv6

44 Domains

69 Subdomains

59 IPs

9 Countries

2766 kBTransfer

8944 kBSize

42 Cookies

15 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

97 %
HTTPS

40 %
IPv6

44
Domains

69
Subdomains

59
IPs

9
Countries

2766 kB
Transfer

8944 kB
Size

42
Cookies

211 HTTP transactions
1 data transactions