www.tarheeltimes.com Open in urlscan Pro
173.248.174.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tarheeltimes.com/
Effective URL:
https://www.tarheeltimes.com/
Submission: On October 22 via api (October 22nd 2023, 2:17:37 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 28 HTTP transactions. The main IP is 173.248.174.106, located in United States and belongs to WEHOSTWEBSITES-COM, US. The main domain is www.tarheeltimes.com. The Cisco Umbrella rank of the primary domain is 984184.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on July 2nd 2023. Valid for: a year.

This is the only time www.tarheeltimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	173.248.174.106 173.248.174.106	30475 (WEHOSTWEB...) (WEHOSTWEBSITES-COM)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7 7	74.205.81.135 74.205.81.135	33070 (RMH-14) (RMH-14)
7	108.138.24.11 108.138.24.11	16509 (AMAZON-02) (AMAZON-02)
1	95.101.111.144 95.101.111.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
28	14

2 173.248.174.106 (United States) 1 redirects

ASN30475 (WEHOSTWEBSITES-COM, US)

tarheeltimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tarheeltimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.205.81.135 (United States) 7 redirects

ASN33070 (RMH-14, US)

www.goheels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.24.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-11.fra56.r.cloudfront.net

dxbhsrqyrr690.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.111.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-144.deploy.static.akamaitechnologies.com

feeds.frgimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net dxbhsrqyrr690.cloudfront.net	112 KB
7	goheels.com 7 redirects www.goheels.com	3 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	103 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	5 KB
2	gstatic.com fonts.gstatic.com	173 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	184 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	139 KB
2	tarheeltimes.com 1 redirects tarheeltimes.com — Cisco Umbrella Rank: 982506 www.tarheeltimes.com — Cisco Umbrella Rank: 984184	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
1	frgimages.com feeds.frgimages.com — Cisco Umbrella Rank: 69417	9 KB
28	12

	Domain	Requested by
7	dxbhsrqyrr690.cloudfront.net	www.tarheeltimes.com
7	www.goheels.com	7 redirects
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	fonts.gstatic.com	www.tarheeltimes.com fonts.googleapis.com
2	www.google.de	www.tarheeltimes.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pagead2.googlesyndication.com	www.tarheeltimes.com pagead2.googlesyndication.com
2	www.googletagmanager.com	www.tarheeltimes.com www.googletagmanager.com
1	fonts.googleapis.com
1	www.google.com	www.tarheeltimes.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	feeds.frgimages.com	www.tarheeltimes.com
1	www.tarheeltimes.com
1	tarheeltimes.com	1 redirects
28	16

This site contains links to these domains. Also see Links.

Domain
fanatics.ncw6.net
vivid-seats.pxf.io
tarheeltribune.com
goheels.com
listen.streamon.fm
chapelboro.com
www.on3.com
dailyprogress.com
www.sportsbusinessjournal.com
northcarolina.rivals.com
247sports.com
www.espn.com
fanatics.93n6tx.net
en.wikipedia.org

Subject Issuer	Validity	Valid
www.tarheeltimes.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-07-02` - `2024-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
feeds.frgimages.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.tarheeltimes.com/
Frame ID: 3E10713A552D31C2FE557E4A55BA5EA4
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: 5DC2632A78AAC31B6E1467262EE3AE14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tar Heel Times - UNC Basketball, Football and Recruiting News

Page URL History Show full URLs

http://tarheeltimes.com/ HTTP 301
https://www.tarheeltimes.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

28
Requests

75 %
HTTPS

73 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

766 kB
Transfer

1856 kB
Size

4
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://fanatics.ncw6.net/yMyNG
Title: Shop

Search URL Search Domain Scan URL

URL: https://vivid-seats.pxf.io/oeLBVg
Title: Tickets

Search URL Search Domain Scan URL

URL: https://tarheeltribune.com/2023/10/21/no-10-unc-pays-for-flat-effort-as-virginia-stuns-the-heels/
Title: Tar Heel Tribune

Search URL Search Domain Scan URL

URL: https://tarheeltribune.com/2023/10/21/uncs-closed-scrimmage-at-no-10-florida-atlantic-reportedly-went-well/
Title: Tar Heel Tribune

Search URL Search Domain Scan URL

URL: https://goheels.com/news/2023/10/20/football-the-souths-oldest-rivalry-renewed-on-saturday-versus-virginia.aspx
Title: GoHeels.com

Search URL Search Domain Scan URL

URL: https://listen.streamon.fm/wchl
Title: Chapelboro.com

Search URL Search Domain Scan URL

URL: https://chapelboro.com/sports/unc-football-vs-virginia-2023-how-to-watch-cord-cutting-options-and-kickoff-time
Title: Chapelboro.com

Search URL Search Domain Scan URL

URL: https://www.on3.com/college/north-carolina-tar-heels/news/mack-brown-explains-how-he-keeps-bench-from-becoming-chaotic/
Title: On3.com

Search URL Search Domain Scan URL

URL: https://dailyprogress.com/sports/college/cavalierinsider/football/virginia-defense-will-have-to-be-close-to-perfect-to-stop-north-carolinas-offense/article_49ee7b7e-6e83-11ee-8242-23f814f17925.html
Title: Charlottesville Daily Progress

Search URL Search Domain Scan URL

URL: https://www.sportsbusinessjournal.com/Articles/2023/10/23/college-football.aspx
Title: Sports Business Journal

Search URL Search Domain Scan URL

URL: https://goheels.com/news/2023/10/21/mens-golf-ford-leads-usa-to-world-amateur-team-title.aspx
Title: GoHeels.com

Search URL Search Domain Scan URL

URL: https://tarheeltribune.com/2023/10/17/what-is-the-cw-and-how-can-you-watch-the-unc-virginia-football-game/
Title: Tar Heel Tribune

Search URL Search Domain Scan URL

URL: https://goheels.com/news/2023/10/19/general-tar-heels-celebrate-100-years-of-the-patterson-medal.aspx
Title: GoHeels.com

Search URL Search Domain Scan URL

URL: https://northcarolina.rivals.com/news/patient-atkinson-sees-the-fruits-of-his-labor-coming-to-life
Title: Tar Heel Illustrated

Search URL Search Domain Scan URL

URL: https://247sports.com/college/north-carolina/article/unc-football-uva-preview-virginia-mack-brown-drake-maye-omarion-hampton-kaimon-rucker-218467348/amp/
Title: Inside Carolina

Search URL Search Domain Scan URL

URL: https://tarheeltribune.com/2023/10/21/tar-heels-in-nba-white-locks-down-bulls-starting-spot-sharpe-looks-sharp-bradley-pinson-may-be-teammates/
Title: Tar Heel Tribune

Search URL Search Domain Scan URL

URL: https://vivid-seats.pxf.io/Kj4dgA
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/2e9a28b2-c55e-448c-9214-7a96c01bfda9?om-navmethod=espn:globalsearch:results
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/2ef4c594-d7d9-4730-aa6a-015b9c8c644c
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/3c266bf5-38b0-48aa-a6ac-ec49e304240c
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/a9c33e13-4f36-4e24-b43d-7a8d3dcf62f6
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/6c8edd09-7169-4ea6-b24f-a9e651555dc4?om-navmethod=espn:globalsearch:results
Title: Streaming

Search URL Search Domain Scan URL

URL: https://fanatics.93n6tx.net/c/280741/669352/9663?prodsku=4170578&u=https%3A%2F%2Fwww.fanatics.com%2FNorth_Carolina_Tar_Heels_Nike_Unisex_Zoom_Pegasus_38_Running_Shoe_-_Navy%2Fp-4170578&intsrc=PUI2_5042

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Lou_Holtz
Title: Lou Holtz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tarheeltimes.com/ HTTP 301
https://www.tarheeltimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.goheels.com/images/logos/site/site.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/site/site.png

Request Chain 3

https://www.goheels.com/images/logos/nav_logo.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/nav_logo.png

Request Chain 4

https://www.goheels.com/images/logos/Syracuse_logo.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Syracuse_logo.png

Request Chain 5

https://www.goheels.com/images/logos/GT_WBG_200x200.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/GT_WBG_200x200.png

Request Chain 6

https://www.goheels.com/images/logos/Louisville.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png

Request Chain 7

https://www.goheels.com/images/logos/Duke.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png

Request Chain 8

https://www.goheels.com/images/logos/Boston-College.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tarheeltimes.com/
Redirect Chain

http://tarheeltimes.com/
https://www.tarheeltimes.com/

41 KB
14 KB

691ms
160ms

Document
text/html

173.248.174.106
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tarheeltimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.248.174.106 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS
Software: /
Resource Hash: d8960fcdbaafd0ef4eb284e92444033cc4abb45caa1b676e6302d9660a196ba1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=42
content-encoding: gzip
content-length: 14683
content-type: text/html; charset=utf-8
date: Sun, 22 Oct 2023 02:17:31 GMT
expires: Sun, 22 Oct 2023 02:18:14 GMT
last-modified: Sun, 22 Oct 2023 02:15:14 GMT
vary: *

Redirect headers

Content-Length: 152
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Oct 2023 02:17:30 GMT
Location: https://www.tarheeltimes.com/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 143ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2459023-1

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

011b09c1000953a3f30511eec0219758c5e718f323e4d1a40500cacd59725daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 02:17:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 162ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678888810684373

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edb649deebc9d06f519ba7114a603f49109b57a2ffe10be5c73606f2549bb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tarheeltimes.com/
Origin: https://www.tarheeltimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51385
x-xss-protection: 0
server: cafe
etag: 9568943267632019804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 02:17:31 GMT

GET
H2

200

site.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/site/
Redirect Chain

https://www.goheels.com/images/logos/site/site.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/site/site.png

36 KB
37 KB

151ms
47ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/site/site.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29280b0db3a9accf7f602ce957de237910595651642c4c5149c17bac65a90789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 08:32:52 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 15:52:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 63881
x-amz-server-side-encryption: AES256
etag: "c60402ba029d2b96415683ad0bf76aa5"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 37020
x-amz-cf-id: YkBD-iaqE7pbRO6IQOEwBcOy7q38Vw5ODDwFANmDFIhWLEu8fqnyRA==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/site/site.png
Content-Length: 224
X-XSS-Protection: 1; mode=block

GET
H2

200

nav_logo.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/nav_logo.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/nav_logo.png

8 KB
8 KB

209ms
94ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/nav_logo.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3ff127238c7a9de76d3ce438b779ed76ecbafad7687d37e0d326e441924208c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 9396
x-amz-server-side-encryption: AES256
etag: "b3cdae373fcb90cad092757dad60aa1c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7941
x-amz-cf-id: Fobo2S-dCs-Wb7hxSEUZAfug9fykCZGNyLDyvPzJGQ4PyNUD38xeyg==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/nav_logo.png
Content-Length: 223
X-XSS-Protection: 1; mode=block

GET
H2

200

Syracuse_logo.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/Syracuse_logo.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Syracuse_logo.png

5 KB
5 KB

213ms
82ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Syracuse_logo.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e032c04cec9369dded2ed1a1006e25963393d0003b8108e37854926c48992e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 08:14:56 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 64957
x-amz-server-side-encryption: AES256
etag: "9cd4d1f9dcdc9430305b6106c18abfac"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5248
x-amz-cf-id: RzDG4dBatpLTiWywCXHHRKHlr-VAyEV7nCoAkYE6mI89mnXQoMW6-g==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Syracuse_logo.png
Content-Length: 228
X-XSS-Protection: 1; mode=block

GET
H2

200

GT_WBG_200x200.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/GT_WBG_200x200.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/GT_WBG_200x200.png

8 KB
8 KB

198ms
83ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/GT_WBG_200x200.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5901878414ce6c2b724184ad7dd8db18e11d8f1b84686a48b691bd7d6314f1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 20:34:32 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 20581
etag: "fe5c6875ff64577ee0ab929584ce3433"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8212
x-amz-cf-id: qFdBly0M5UwBvVFMmhxDJmQgXI66wJoqHJ017yghIqKIVPJn9_KHkQ==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/GT_WBG_200x200.png
Content-Length: 229
X-XSS-Protection: 1; mode=block

GET
H2

200

Louisville.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/Louisville.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png

15 KB
15 KB

196ms
89ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a4aa63abb59bdec7bc4ddfdba7d97b1ec9ef88fe5ac894e8871927a118e55ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 20:34:32 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 20581
x-amz-server-side-encryption: AES256
etag: "51797a94f5c7a7b581d6bbc9ccd12381"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15361
x-amz-cf-id: QiQ8sDCH_BTlMO-P8h7-Lb7tXwThGzGx30N7XxDDB8onFTknS6nRRw==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png
Content-Length: 225
X-XSS-Protection: 1; mode=block

GET
H2

200

Duke.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/Duke.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png

3 KB
3 KB

212ms
81ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2241e094e5b94af857260c5e75866c0fe49dc78c63e8f18ffd1fbd61c061b6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 14:59:26 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 40687
x-amz-server-side-encryption: AES256
etag: "ee943c656fbc83d2c150a3e47282e603"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2973
x-amz-cf-id: exei546Oy-n9VfHL8TtsrJkappB1IkuSQKmnyDdGZfIx8poc90TzQA==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png
Content-Length: 219
X-XSS-Protection: 1; mode=block

GET
H2

200

Boston-College.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://www.goheels.com/images/logos/Boston-College.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png

34 KB
35 KB

44ms
44ms

Image
image/png

108.138.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Server: 108.138.24.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e7198036fd4d8ad94f64c7fefd2d3178b00c2bd93b165640bfe271a1a79e184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:47:37 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 16195
etag: "374eaca8fe0367d9b4e588ad01a4ce89"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 35195
x-amz-cf-id: Z-T_gVj6JcdN8BcG6WEzt3QenSzFKJuL3A2eY6fBSDwaytn3YmVTFQ==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Sun, 22 Oct 2023 02:17:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png
Content-Length: 229
X-XSS-Protection: 1; mode=block

GET
H2 200 thumb.aspx
feeds.frgimages.com/FFImage/ 9 KB
9 KB 883ms
640ms Image
image/avif 95.101.111.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feeds.frgimages.com/FFImage/thumb.aspx?i=/productImages/_4170000/ff_4170578-9aab06e56e4f6d9d557a_full.jpg&w=400
Requested by: Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-144.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5d64f22387c9e50803cb7fee1d0f390b79360f63e4bda58be944fa041efd1481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
last-modified: Fri, 22 Sep 2023 08:18:10 GMT
server: Akamai Image Manager
etag: "3e9ebd88e576e085e134c76370495287"
content-type: image/avif
cache-control: private, no-transform, max-age=31536000
timing-allow-origin: *
content-length: 9248
frg-ct: pid_4170578
expires: Mon, 21 Oct 2024 02:17:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QBS9897W5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2459023-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8a21e9c49e058e5fc9a39efbf759750e15a7b6c0788734d80f13dd49ac45514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 02:17:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2459023-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Oct 2023 01:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1559
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 22 Oct 2023 03:51:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 394 KB
134 KB 159ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7678888810684373&plah=www.tarheeltimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678888810684373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba5214dc0d2c24f2caf10b75467d469ad243b2dcc66dbee18322e1e5d6950cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136860
x-xss-protection: 0
server: cafe
etag: 5704317048586356387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 02:17:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame 5DC2 10 KB
5 KB 132ms
45ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678888810684373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tarheeltimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 18:11:57 GMT
etag: 4569948109300706969
expires: Sat, 04 Nov 2023 18:11:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 136ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2QBS9897W5&gtm=45je3ai0&_p=2099423122&_gaz=1&cid=787471571.1697941052&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697941052&sct=1&seg=0&dl=https%3A%2F%2Fwww.tarheeltimes.com%2F&dt=Tar%20Heel%20Times%20-%20UNC%20Basketball%2C%20Football%20and%20Recruiting%20News&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QBS9897W5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tarheeltimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 171ms
55ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2QBS9897W5&cid=787471571.1697941052&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QBS9897W5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tarheeltimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 140ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2QBS9897W5&cid=787471571.1697941052&gtm=45je3ai0&aip=1&z=1401588736

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 48ms
48ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2099423122&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tarheeltimes.com%2F&ul=en-us&de=UTF-8&dt=Tar%20Heel%20Times%20-%20UNC%20Basketball%2C%20Football%20and%20Recruiting%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1759336035&gjid=178862289&cid=787471571.1697941052&tid=UA-2459023-1&_gid=46795204.1697941052&_r=1&gtm=457e3ai0&jsscut=1&z=276385910

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tarheeltimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tarheeltimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 100ms
54ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2459023-1&cid=787471571.1697941052&jid=1759336035&gjid=178862289&_gid=46795204.1697941052&_u=YADAAUAAAAAAACAAI~&z=1127617346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tarheeltimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 22 Oct 2023 02:17:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tarheeltimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-7678888810684373 Show response
fundingchoicesmessages.google.com/i/ 158 KB
52 KB 164ms
69ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7678888810684373?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7678888810684373&plah=www.tarheeltimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c580fda06a623a9117c2b0014f973c0899ff0f889f27c808087d3a69eedb2b76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-r5nJOXjk3s8lc75vaIY4-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-r5nJOXjk3s8lc75vaIY4-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 152ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2459023-1&cid=787471571.1697941052&jid=1759336035&_u=YADAAUAAAAAAACAAI~&z=1544427562

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2459023-1&cid=787471571.1697941052&jid=1759336035&_u=YADAAUAAAAAAACAAI~&z=1544427562

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 02:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxU0O1OwOAjg8ZuB99UioPm53ufNHEyyXXiQQehRNln_cxjfCg4wK9O6pXeV39ry7deZ91QhNZ-LKPd9n5Ji9Bw0JmaDC2xycLUDYDhjcB_nxa5Vsi-aahmMLg0EcG1piy3WD2ltKQ== Show response
fundingchoicesmessages.google.com/f/ 303 KB
50 KB 120ms
118ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0O1OwOAjg8ZuB99UioPm53ufNHEyyXXiQQehRNln_cxjfCg4wK9O6pXeV39ry7deZ91QhNZ-LKPd9n5Ji9Bw0JmaDC2xycLUDYDhjcB_nxa5Vsi-aahmMLg0EcG1piy3WD2ltKQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3OTQxMDUyLDY1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudGFyaGVlbHRpbWVzLmNvbS8iLG51bGwsW1s4LCIxajBlc051MFJXQSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b1deaf1a292f7bf28b6b6afdb3260ab6019e0c4541310919c921dfd482548f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GBQ68btO6QpRmu5b6NAJ2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-GBQ68btO6QpRmu5b6NAJ2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 147ms
56ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTF3BdmiQfW8xryYMvMG2mG_AGA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da4485322b09758f7177cc201d69a4743b839c8c831005675b213501c26535fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tarheeltimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 02:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 02:17:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 02:17:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 130ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.tarheeltimes.com
URL: https://www.tarheeltimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tarheeltimes.com/
Origin: https://www.tarheeltimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 153736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 07:35:16 GMT

POST
H3 204 AGSKWxWCTngEEwpFy4TZS-80hO8-Sv65Sg1XjtRkTt9pwdxW1DNapX56fYWb3mBXIOGKjNnT3Si3jle3YNS5KamHM0S7jFJt4LUv_b1M8lCOcKhWIKq1d6zlcmaz5Td2E6Ibdt3UzKMqcQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 134ms
53ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWCTngEEwpFy4TZS-80hO8-Sv65Sg1XjtRkTt9pwdxW1DNapX56fYWb3mBXIOGKjNnT3Si3jle3YNS5KamHM0S7jFJt4LUv_b1M8lCOcKhWIKq1d6zlcmaz5Td2E6Ibdt3UzKMqcQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5M7VCfcTZDOejL00GfxYlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tarheeltimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Oct 2023 02:17:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5M7VCfcTZDOejL00GfxYlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.tarheeltimes.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 103ms
102ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tarheeltimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 201674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:16:19 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tarheeltimes.com/	1970-01-21 01:15:01	Name: _ga_2QBS9897W5 Value: GS1.1.1697941052.1.0.1697941052.60.0.0
.tarheeltimes.com/	1970-01-21 01:15:01	Name: _ga Value: GA1.2.787471571.1697941052
.tarheeltimes.com/	1970-01-20 15:40:27	Name: _gid Value: GA1.2.46795204.1697941052
.tarheeltimes.com/	1970-01-20 15:39:01	Name: _gat_gtag_UA_2459023_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dxbhsrqyrr690.cloudfront.net
feeds.frgimages.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
tarheeltimes.com
www.goheels.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.tarheeltimes.com
108.138.24.11
173.248.174.106
2001:4860:4802:34::36
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9b
74.205.81.135
95.101.111.144
011b09c1000953a3f30511eec0219758c5e718f323e4d1a40500cacd59725daa
2241e094e5b94af857260c5e75866c0fe49dc78c63e8f18ffd1fbd61c061b6f6
29280b0db3a9accf7f602ce957de237910595651642c4c5149c17bac65a90789
3b1deaf1a292f7bf28b6b6afdb3260ab6019e0c4541310919c921dfd482548f3
3edb649deebc9d06f519ba7114a603f49109b57a2ffe10be5c73606f2549bb90
5901878414ce6c2b724184ad7dd8db18e11d8f1b84686a48b691bd7d6314f1f8
5d64f22387c9e50803cb7fee1d0f390b79360f63e4bda58be944fa041efd1481
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ba5214dc0d2c24f2caf10b75467d469ad243b2dcc66dbee18322e1e5d6950cb
8e7198036fd4d8ad94f64c7fefd2d3178b00c2bd93b165640bfe271a1a79e184
9a4aa63abb59bdec7bc4ddfdba7d97b1ec9ef88fe5ac894e8871927a118e55ac
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b3ff127238c7a9de76d3ce438b779ed76ecbafad7687d37e0d326e441924208c
c580fda06a623a9117c2b0014f973c0899ff0f889f27c808087d3a69eedb2b76
d8960fcdbaafd0ef4eb284e92444033cc4abb45caa1b676e6302d9660a196ba1
d8a21e9c49e058e5fc9a39efbf759750e15a7b6c0788734d80f13dd49ac45514
da4485322b09758f7177cc201d69a4743b839c8c831005675b213501c26535fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e032c04cec9369dded2ed1a1006e25963393d0003b8108e37854926c48992e5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.tarheeltimes.com Open in urlscan Pro 173.248.174.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

75 %HTTPS

73 %IPv6

12 Domains

16 Subdomains

14 IPs

3 Countries

766 kBTransfer

1856 kBSize

4 Cookies

24 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tarheeltimes.com Open in urlscan Pro
173.248.174.106 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

75 %
HTTPS

73 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

766 kB
Transfer

1856 kB
Size

4
Cookies

28 HTTP transactions
0 data transactions