urlscan.io logo urlscan.io
SecurityTrails logo

www.newsobserver.com Open in urlscan Pro
92.123.2.176  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Submission: On October 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 9 countries across 52 domains to perform 189 HTTP transactions. The main IP is 92.123.2.176, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 23rd 2021. Valid for: 7 months.
This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
39 92.123.2.176 16625 (AKAMAI-AS)
7 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.194.242.201 14618 (AMAZON-AES)
4 2600:9000:218... 16509 (AMAZON-02)
2 52.18.150.20 16509 (AMAZON-02)
4 142.250.184.194 15169 (GOOGLE)
4 63.32.159.255 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 205.185.216.42 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 13.226.145.69 16509 (AMAZON-02)
1 54.194.226.253 16509 (AMAZON-02)
1 3 13.226.145.81 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.108.145.83 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 199.232.194.217 54113 (FASTLY)
10 104.19.136.78 13335 (CLOUDFLAR...)
1 13.226.145.113 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
2 151.101.1.194 54113 (FASTLY)
1 92.123.12.11 16625 (AKAMAI-AS)
1 3 151.101.2.137 54113 (FASTLY)
1 13.226.147.71 16509 (AMAZON-02)
1 5 13.226.145.6 16509 (AMAZON-02)
1 52.18.85.49 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 3.221.31.176 14618 (AMAZON-AES)
1 13.226.145.37 16509 (AMAZON-02)
9 10 151.101.194.49 54113 (FASTLY)
1 13.226.145.55 16509 (AMAZON-02)
2 3 142.250.185.98 15169 (GOOGLE)
1 3.236.169.116 14618 (AMAZON-AES)
5 75.101.244.20 14618 (AMAZON-AES)
1 35.201.100.179 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 69.173.144.138 26667 (RUBICONPR...)
5 151.101.194.27 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
4 52.29.99.170 16509 (AMAZON-02)
1 2 104.108.145.8 16625 (AKAMAI-AS)
1 3.141.186.246 16509 (AMAZON-02)
1 2 37.252.172.249 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
1 13.226.145.114 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.146.56 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.19.133.78 13335 (CLOUDFLAR...)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 1 23.54.109.149 16625 (AKAMAI-AS)
2 88.221.7.65 16625 (AKAMAI-AS)
2 2 76.223.111.131 16509 (AMAZON-02)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 104.16.199.73 13335 (CLOUDFLAR...)
5 5 3.120.56.129 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
189 67
39    92.123.2.176 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-2-176.deploy.static.akamaitechnologies.com
www.newsobserver.com
media2.newsobserver.com
www.sunherald.com
7    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.194.242.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-242-201.compute-1.amazonaws.com
trinitymedia.ai
4    2600:9000:2182:3a00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ovp.iris.tv
2    52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
mcclatchy.tt.omtrdc.net
mboxedge37.tt.omtrdc.net
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pubads.g.doubleclick.net
4    63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
7    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
vd.trinitymedia.ai
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
contributor.google.com
fundingchoicesmessages.google.com
1    13.226.145.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-69.dus51.r.cloudfront.net
mcclatchy-newsobserver.zeustechnology.com
1    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net
3    13.226.145.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-81.dus51.r.cloudfront.net
mcclatchy-newsobserver.cdn.zephr.com
cm.smadex.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.108.145.83 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-83.deploy.static.akamaitechnologies.com
s.ntv.io
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    199.232.194.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
10    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
1    13.226.145.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-113.dus51.r.cloudfront.net
ats.rlcdn.com
1    2600:9000:2182:bc00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
1    2600:9000:2182:e000:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
2    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    92.123.12.11 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-12-11.deploy.static.akamaitechnologies.com
www.everestjs.net
3    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
1    13.226.147.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-147-71.dus51.r.cloudfront.net
cdn.parsely.com
5    13.226.145.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-6.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    52.18.85.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
mcclatchy.demdex.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
mcclatchy.sc.omtrdc.net
1    34.248.191.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    3.221.31.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-31-176.compute-1.amazonaws.com
www.i.matheranalytics.com
1    13.226.145.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-37.dus51.r.cloudfront.net
tags.crwdcntrl.net
10    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
lasteventf-tm.everesttech.net
sync-tm.everesttech.net
1    13.226.145.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-55.dus51.r.cloudfront.net
geo.privacymanager.io
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    3.236.169.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-116.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
5    75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com
jadserve.postrelease.com
1    35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.100.201.35.bc.googleusercontent.com
connect.scroll.com
1    2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    151.101.194.27 (United States)

ASN54113 (FASTLY, US)
edge.api.brightcove.com
manifest.prod.boltdns.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
4    52.29.99.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-99-170.eu-central-1.compute.amazonaws.com
depart.trinitymedia.ai
2    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    3.141.186.246 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-186-246.us-east-2.compute.amazonaws.com
capi.connatix.com
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    13.226.145.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-114.dus51.r.cloudfront.net
context.iris.tv
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    13.226.146.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-56.dus51.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    23.54.109.149 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-109-149.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    88.221.7.65 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-7-65.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
5    3.120.56.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-56-129.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
Apex Domain
Subdomains		 Transfer
38 newsobserver.com
www.newsobserver.com
media2.newsobserver.com
1 MB
18 google.com
www.google.com
contributor.google.com
fundingchoicesmessages.google.com
adservice.google.com
80 KB
12 mgid.com
jsc.mgid.com
c.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
102 KB
11 everesttech.net
cm.everesttech.net
lasteventf-tm.everesttech.net
sync-tm.everesttech.net
2 KB
9 trinitymedia.ai
trinitymedia.ai
vd.trinitymedia.ai
depart.trinitymedia.ai
230 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
266 KB
8 doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
4 KB
7 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
314 KB
7 cookielaw.org
cdn.cookielaw.org
115 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
5 postrelease.com
jadserve.postrelease.com
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com
4 KB
5 demdex.net
dpm.demdex.net
mcclatchy.demdex.net
9 KB
5 iris.tv
ovp.iris.tv
context.iris.tv
77 KB
4 boltdns.net
manifest.prod.boltdns.net
cf-images.us-east-1.prod.boltdns.net
985 KB
4 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
248 KB
4 omtrdc.net
mcclatchy.tt.omtrdc.net
mcclatchy.sc.omtrdc.net
mboxedge37.tt.omtrdc.net
4 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
41 KB
3 onetrust.com
geolocation.onetrust.com
847 B
2 creativecdn.com
creativecdn.com
687 B
2 adsrvr.org
match.adsrvr.org
903 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
1 KB
2 openx.net
us-u.openx.net
469 B
2 adnxs.com
ib.adnxs.com
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 brightcove.com
edge.api.brightcove.com
8 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
24 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
84 KB
2 cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
18 KB
2 scroll.com
static.scroll.com
connect.scroll.com
8 KB
2 zephr.com
mcclatchy-newsobserver.cdn.zephr.com
985 B
2 crwdcntrl.net
ad.crwdcntrl.net
tags.crwdcntrl.net
13 KB
2 facebook.net
connect.facebook.net
79 KB
1 smadex.com
cm.smadex.com
528 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 lentainform.com
cm.lentainform.com
495 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
888 B
1 googlesyndication.com
pagead2.googlesyndication.com
27 KB
1 facebook.com
www.facebook.com
1 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 google.de
www.google.de
522 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com
658 B
1 privacymanager.io
geo.privacymanager.io
619 B
1 sunherald.com
www.sunherald.com
103 KB
1 everestjs.net
www.everestjs.net
91 KB
1 rlcdn.com
ats.rlcdn.com
57 KB
1 ntv.io
s.ntv.io
109 KB
1 zeustechnology.com
mcclatchy-newsobserver.zeustechnology.com
52 KB
0 e-volution.ai Failed
sync.e-volution.ai Failed
189 52
Domain Requested by
31 www.newsobserver.com www.newsobserver.com
14 fundingchoicesmessages.google.com www.newsobserver.com
9 sync-tm.everesttech.net 9 redirects
7 fonts.gstatic.com fonts.googleapis.com
7 cdn.cookielaw.org www.newsobserver.com
cdn.cookielaw.org
7 media2.newsobserver.com www.newsobserver.com
media2.newsobserver.com
6 cm.mgid.com jsc.mgid.com
www.newsobserver.com
5 x.bidswitch.net 5 redirects
5 jadserve.postrelease.com s.ntv.io
www.newsobserver.com
5 sb.scorecardresearch.com 1 redirects www.newsobserver.com
jsc.mgid.com
5 fonts.googleapis.com www.newsobserver.com
vd.trinitymedia.ai
client
4 depart.trinitymedia.ai vd.trinitymedia.ai
4 dpm.demdex.net media2.newsobserver.com
www.newsobserver.com
4 pubads.g.doubleclick.net media2.newsobserver.com
www.newsobserver.com
imasdk.googleapis.com
4 ovp.iris.tv www.newsobserver.com
ovp.iris.tv
3 manifest.prod.boltdns.net www.newsobserver.com
3 cm.g.doubleclick.net 2 redirects www.newsobserver.com
3 www.google-analytics.com media2.newsobserver.com
www.google-analytics.com
3 vd.trinitymedia.ai trinitymedia.ai
3 geolocation.onetrust.com cdn.cookielaw.org
www.newsobserver.com
2 creativecdn.com 2 redirects
2 match.adsrvr.org 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 s-img.mgid.com www.newsobserver.com
2 sync.search.spotxchange.com 1 redirects www.newsobserver.com
2 us-u.openx.net 1 redirects www.newsobserver.com
2 ib.adnxs.com 1 redirects www.newsobserver.com
2 dsum-sec.casalemedia.com 1 redirects www.newsobserver.com
2 edge.api.brightcove.com www.newsobserver.com
2 mcclatchy.sc.omtrdc.net media2.newsobserver.com
2 cds.connatix.com www.newsobserver.com
cd.connatix.com
2 confiant-integrations.global.ssl.fastly.net www.newsobserver.com
confiant-integrations.global.ssl.fastly.net
2 jsc.mgid.com www.newsobserver.com
jsc.mgid.com
2 imasdk.googleapis.com www.newsobserver.com
imasdk.googleapis.com
2 js.matheranalytics.com 1 redirects www.newsobserver.com
2 mcclatchy-newsobserver.cdn.zephr.com www.newsobserver.com
2 trinitymedia.ai www.newsobserver.com
2 www.google.com www.newsobserver.com
www.gstatic.com
2 connect.facebook.net www.newsobserver.com
connect.facebook.net
1 token.rubiconproject.com www.newsobserver.com
1 cm.smadex.com 1 redirects
1 simage2.pubmatic.com www.newsobserver.com
1 cm.idealmedia.io www.newsobserver.com
1 cm.lentainform.com www.newsobserver.com
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 pagead2.googlesyndication.com
1 www.facebook.com www.newsobserver.com
1 adservice.google.com imasdk.googleapis.com
1 cf-images.us-east-1.prod.boltdns.net www.newsobserver.com
1 s0.2mdn.net imasdk.googleapis.com
1 servicer.mgid.com jsc.mgid.com
1 image2.pubmatic.com www.newsobserver.com
1 context.iris.tv ovp.iris.tv
1 c.mgid.com jsc.mgid.com
1 capi.connatix.com cd.connatix.com
1 p1.parsely.com www.newsobserver.com
1 www.google.de www.newsobserver.com
1 pixel.rubiconproject.com www.newsobserver.com
1 stats.g.doubleclick.net www.google-analytics.com
1 connect.scroll.com static.scroll.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 geo.privacymanager.io ats.rlcdn.com
1 lasteventf-tm.everesttech.net media2.newsobserver.com
1 tags.crwdcntrl.net www.newsobserver.com
1 www.i.matheranalytics.com www.newsobserver.com
1 mboxedge37.tt.omtrdc.net www.newsobserver.com
1 cm.everesttech.net 1 redirects
1 mcclatchy.demdex.net media2.newsobserver.com
1 cdn.parsely.com www.newsobserver.com
1 cd.connatix.com 1 redirects
1 www.sunherald.com www.newsobserver.com
1 www.everestjs.net media2.newsobserver.com
1 dyv1bugovvq1g.cloudfront.net www.newsobserver.com
1 d15kdpgjg3unno.cloudfront.net www.newsobserver.com
1 ats.rlcdn.com www.newsobserver.com
1 static.scroll.com www.newsobserver.com
1 s.ntv.io www.newsobserver.com
1 ad.crwdcntrl.net www.newsobserver.com
1 mcclatchy-newsobserver.zeustechnology.com www.newsobserver.com
1 contributor.google.com www.newsobserver.com
1 www.gstatic.com www.google.com
1 mcclatchy.tt.omtrdc.net www.newsobserver.com
0 sync.adtelligent.com Failed s.adtelligent.com
0 sync.e-volution.ai Failed www.newsobserver.com
189 85
Subject Issuer Validity Valid
www.mcclatchydc.com
DigiCert SHA2 Secure Server CA		 2021-06-23 -
2022-02-01		 7 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
trinitymedia.ai
Sectigo ECC Domain Validation Secure Server CA		 2020-12-15 -
2021-12-15		 a year crt.sh
iris.tv
Amazon		 2021-09-12 -
2022-10-11		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
vd.trinitymedia.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-12-15 -
2021-12-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.zeustechnology.com
Amazon		 2021-05-15 -
2022-06-13		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.scroll.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.cdn.zephr.com
Amazon		 2021-05-06 -
2022-06-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
www.everestjs.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-02 -
2022-09-02		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-10-29 -
2021-11-29		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
queue.amazonaws.com
Amazon		 2020-12-04 -
2021-12-03		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adapter.ooyala.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-13 -
2022-06-14		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
depart.trinitymedia.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-12-28 -
2021-12-28		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.prod.boltdns.net
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Frame ID: 49E0652C5EFE27BB7BDEC95BAB1B5128
Requests: 154 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130993/connatix.playspace.dc.js
Frame ID: 1C90146095319D9A3578AD7C68D652DA
Requests: 2 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: F4C195445D316072D231F4FAA294C7A5
Requests: 2 HTTP requests in this frame

Frame: https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&u_tz=0&v=1&cdm=www.newsobserver.com&c=456773
Frame ID: 64A794227E2763C4358EE3D2FB5516B1
Requests: 1 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 533A2226583D1F8075394FAEEFC3FA46
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&badge=inline&cb=vbcn5wiyg0uj
Frame ID: E786DDBCAB10AE6B9A91ED5FF2294F33
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Frame ID: 0294EBE59210EB03E2FEEB4AA2DECD92
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sCampaignID=2900000552&FAB=false&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=e397f742d5b66155ee92b6dad7058353&isLegacyBrowser=false&version=20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2&useCFCDN=0&ts=1633051682830&tsServer=1633051681233&FABOnly=0&unitId=2900000552&cf=&themeId=188&themeData=eyJmb250cyI6W3sibGluayI6Imh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzMj9mYW1pbHk9Tm90bytTYW5zOndnaHRANDAwOzcwMCZkaXNwbGF5PXN3YXAifV0sImNvbG9yTWFpbiI6IiMzMzMzIiwibG9hZGluZ0ljb24iOnsiY29sb3IiOiIjMmQ0MWE1In0sImxvYWRpbmdUaXRsZSI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzIyMjIyMiJ9fSwicGxheWVyVGl0bGUiOnsiQ1NTIjp7ImZvbnRGYW1pbHkiOiJOb3RvIFNhbnMiLCJjb2xvciI6IiMyMjIyMjIiLCJtYXhIZWlnaHQiOiIxNnB0IiwibWFyZ2luQm90dG9tIjoiM3B4In19LCJwbGF5ZXJDbG9jayI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzcwNzA3MCJ9fSwibWFpbkJ1dHRvbiI6eyJpZCI6Im1jY2xhdGNoeSJ9LCJwcm9ncmVzc2JhciI6eyJjb2xvciI6IiMyMjIyMjIifSwicG93ZXJlZEJ5Ijp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIn19LCJpMThuIjp7ImVuIjp7ImluaXRpYWxUaXRsZSI6Ik9ubHkgaGF2ZSBhIG1pbnV0ZT8gTGlzdGVuIGluc3RlYWQifX0sInRyaW5pdHlIb21lIjp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIiwiY29sb3IiOiIjMzE0MDlGIn19LCJsYXlvdXQiOiJvcGVuLW1vZGUifQ%3D%3D
Frame ID: A87447D98DB6DC3BA0925021F908DD21
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Frame ID: E8E92CEB930BDDA79179AEAEC1333505
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=163305168438634446663
Frame ID: 647BA741C2D7783C067176ECB69A5A37
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: F34947E1ED5167ED388D9D48608BCFAD
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: F11363871720E48B73E1E26774F18FC2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5 NC prisons renamed due to racist, white supremacy ties | Raleigh News & ObserveremailBack ButtonSearch IconFilter IconArrow

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

189
Requests

97 %
HTTPS

28 %
IPv6

52
Domains

85
Subdomains

67
IPs

9
Countries

4336 kB
Transfer

11013 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1575 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
Request Chain 76
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/130993/connatix.playspace.dc.js
Request Chain 84
  • https://cm.everesttech.net/cm/dd?d_uuid=11322107618729184440097589551901740633 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVZkIwAAAKuVGgQf
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTEzMjIxMDc2MTg3MjkxODQ0NDAwOTc1ODk1NTE5MDE3NDA2MzM= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOUhQp-Mn5ToQgpBQfd9STU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 106
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YVZkIwAFndauQgAR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVZaa0l3QUZuZGF1UWdBUg==&_test=YVZkIwAFndauQgAR
Request Chain 113
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YVZkIwAAAKuVGgQf&expires=90
Request Chain 118
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&c9=
Request Chain 123
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf&C=1
Request Chain 130
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YVZkIwAFndauQgAR HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYVZkIwAFndauQgAR
Request Chain 134
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVZkIwAFndauQgAR HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YVZkIwAFndauQgAR
Request Chain 136
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVZkIwAFndauQgAR
Request Chain 138
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1&__user_check__=1&sync_id=d305034d-2256-11ec-90c4-10ffbde80406
Request Chain 150
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YVZkIwAFndauQgAR&t=2592000&o=0
Request Chain 166
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=6b860972-13c1-445d-b650-2b86a021dc6f&ttl=1635643684
Request Chain 170
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=B2sakq0xHA0VHOtHGAV3&pi=mgid&tc=1
Request Chain 172
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8u3uYgmR4si HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8u3uYgmR4si HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68195dd7-6b58-46b7-8018-d28319e4fd39&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=c26a34f2-9bea-40f6-bf06-37e775fdfdf4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=5a9d1837-461a-47fd-8f2d-76594cd50fff&expires=10&ssp=mgid&bsw_param=c26a34f2-9bea-40f6-bf06-37e775fdfdf4 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=c26a34f2-9bea-40f6-bf06-37e775fdfdf4&gdpr=&gdpr_consent=&us_privacy=
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDh1M3VZZ21SNHNp&muidn=l8u3uYgmR4si HTTP 302
  • https://cm.mgid.com/google?muidn=l8u3uYgmR4si&google_ula={guid},5&google_gid=CAESEKkZKITozXpeoZcd03VMMEs&google_cver=1

189 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request article254651822.html
www.newsobserver.com/news/state/north-carolina/ 		129 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
1160382ab6bbb58bd71197c21270ec71e9ed6bd63641becae0230e54998aa621

Request headers

:method
GET
:authority
www.newsobserver.com
:scheme
https
:path
/news/state/north-carolina/article254651822.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
MI
content-type
text/html;charset=utf-8
x-proxy-forwarding-type
WhiteList
x-meter
s
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
*
access-control-allow-credentials
false
access-control-max-age
86400
vary
Accept-Encoding
mi-cache
HIT
mi-cache-age
1906
x-mi-in-market
0
etag
W/"1fedc-UufaaUBRV9z5nF+FX8WOFJTeuR4"
x-varnish
78179028, 201983873 190967803
surrogate-control
varnish=ESI/2.1
mi-api
WPS
x-akamai-transformed
9 131378 0 pmb=mTOE,4
content-encoding
gzip
expires
Fri, 01 Oct 2021 01:28:00 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 01 Oct 2021 01:28:00 GMT
content-length
26963
core.js
www.newsobserver.com/static/yozons-lib/ 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/core.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
8e06553a97c89a1d3321b8e9e7b621612e20368d3dbb2dd6a9341ba6291f3555

Request headers

:path
/static/yozons-lib/core.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
111
content-length
80057
last-modified
Thu, 30 Sep 2021 13:26:50 GMT
server
MI
etag
"3fd7c-5cd3666317a80"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
104197037, 186938127 191269101
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
newsobserver.js
media2.newsobserver.com/misites/nao/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/misites/nao/newsobserver.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
content-encoding
gzip
last-modified
Sun, 29 Apr 2018 21:38:27 GMT
server
Apache
etag
"9f8-56b038eb73ac0"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1085
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BC5xsXKGgJbQbCzkLNvwBQ==
age
4689430
vary
Accept-Encoding
content-length
6328
x-ms-lease-status
unlocked
last-modified
Wed, 04 Aug 2021 01:49:58 GMT
server
cloudflare
etag
0x8D956EA2A6E73F4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e96cea462c3a-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vK1pqwR5vAdncTOZa1Txzw==
age
3893
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 29 Jun 2021 08:52:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8115ff92-401e-00d2-1c45-a866be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6971e96cea472c3a-FRA
vendor.bundle-f5cc99e62f4013e4087d.js
www.newsobserver.com/wps/build/webpack/ 		396 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/vendor.bundle-f5cc99e62f4013e4087d.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
57a1adec57b006d2f412c1d40a6e2b1c1baf65bb50cbf5735265a6b7fe216524

Request headers

:path
/wps/build/webpack/vendor.bundle-f5cc99e62f4013e4087d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
23743
content-length
122758
last-modified
Mon, 27 Sep 2021 20:16:43 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"631eb-17c28e70bf8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
65080653, 172801152 166346172
access-control-allow-origin
*
cache-control
max-age=490325
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
mi-header.bundle-b809621a261235eaaef0.js
www.newsobserver.com/wps/build/webpack/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-b809621a261235eaaef0.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2973541ff7462fc85337162712d37c627b51fef84927981f4c86dc37960c8a25

Request headers

:path
/wps/build/webpack/mi-header.bundle-b809621a261235eaaef0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
134675
content-length
4407
last-modified
Tue, 14 Sep 2021 14:43:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"3463-17be4c3ac10"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
507864056, 804406043 778180663
access-control-allow-origin
*
cache-control
max-age=209501
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
css
fonts.googleapis.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f94f28e7998a2f1af1c2a6c9eb199d84101f1e92dbdd9e32e327fb5736826e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 01:28:01 GMT
server
ESF
date
Fri, 01 Oct 2021 01:28:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 01:28:01 GMT
mi-styles.a915df039026a930f83a.css
www.newsobserver.com/wps/build/webpack/css/ 		213 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/css/mi-styles.a915df039026a930f83a.css
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
952bfd1ab5122dabf8f0c65d1b2181f44ae607b5057f65de723068c046a618a6

Request headers

:path
/wps/build/webpack/css/mi-styles.a915df039026a930f83a.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
353014
content-length
44678
last-modified
Tue, 14 Sep 2021 14:44:03 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"3523c-17be4c3cf38"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
505462866, 83965467 22453384
access-control-allow-origin
*
cache-control
max-age=135115
access-control-allow-credentials
false
mi-cache
HIT
content-type
text/css;charset=UTF-8
access-control-allow-headers
*
guid.js
www.newsobserver.com/wps/source/scripts/libs/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/source/scripts/libs/guid.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

:path
/wps/source/scripts/libs/guid.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
69242
content-length
547
last-modified
Tue, 14 Sep 2021 14:42:05 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"505-17be4c20248"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
493517029, 688923162 680796525
access-control-allow-origin
*
cache-control
max-age=359647
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06e1c113a84dda6981de86a5ce1fd6e9f393df53cf16c40e8dac233bd3418b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CUWqFz1lAyYBxBAckOxHiA==
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Oct 2021 01:31:30 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
qWdnn1+yUWxDYsw+uVNfUHpRjSYADALz1JsNqpS1OWbjO8Z+5cKspk0wQfZ9OBq8lsBMl4bby/NZ/eLPJeR+vg==
x-fb-trip-id
686109401
x-fb-content-md5
1f1960dd37310a89563613ca21e78ba3
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 01 Oct 2021 01:28:02 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a682768e93e1080520e7f405bad0c827"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
api.js
www.google.com/recaptcha/ 		850 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
88c349655965378a1ae1ddab992925241eb9fcc60d9aa44f7ba5c6737862ab2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Fri, 01 Oct 2021 01:28:02 GMT
66e93909
www.newsobserver.com/akam/11/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/akam/11/66e93909
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69d4fb72039697c4b3705136bc68085d13d36d282e4ede1a46d4be8d92a4f05f

Request headers

:path
/akam/11/66e93909
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
10433
pragma
no-cache
last-modified
Thu, 02 May 2019 20:03:13 GMT
etag
"8b3abd2ddb70959b6ec1f50f7b00e4369e6b093ac31a5d5f42dd9c7203ae4f28"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
set-cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==; Domain=.newsobserver.com; Path=/; Expires=Fri, 01 Oct 2021 03:28:02 GMT; Max-Age=7200; HttpOnly
access-control-allow-headers
*
expires
Fri, 01 Oct 2021 01:28:02 GMT
/
trinitymedia.ai/player/trinity/2900000552/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.242.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-242-201.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2f5410bd9e775a91f266a0dbb03b5c9b0fce7fead8fd21c589b4f0aa2980be01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
content-length
2356
escenic_s_code.js
media2.newsobserver.com/mistats/products/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cc5573434bc9b7f1f814fa8ec4014b19334c45b6711b67fd55ea00ebb1427ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
last-modified
Tue, 31 Aug 2021 18:56:10 GMT
server
Apache
etag
"17823-5cadf80be6e91"
vary
Origin
content-type
application/javascript
accept-ranges
bytes
content-length
96291
escenic.js
media2.newsobserver.com/mistats/products/ 		62 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/mistats/products/escenic.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c3c40ea1b0f7ff5e49b5f9b7ea4e912b5eded849571b6bb388f692c55b3fa12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
last-modified
Wed, 08 Sep 2021 18:37:06 GMT
server
Apache
etag
"f70f-5cb802b4e8439"
vary
Origin
content-type
application/javascript
accept-ranges
bytes
content-length
63247
finalizestats.js
media2.newsobserver.com/mistats/ 		60 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/mistats/finalizestats.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9b9661d9e08e91d45ab439abc3e516d809cedcac6cf4254716d40c8fae3a74c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
last-modified
Wed, 08 Sep 2021 18:37:50 GMT
server
Apache
etag
"f0d9-5cb802df41b8f"
vary
Origin
content-type
application/javascript
accept-ranges
bytes
content-length
61657
mi-footer.bundle-b9a47dc85e05422023bb.js
www.newsobserver.com/wps/build/webpack/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-b9a47dc85e05422023bb.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
088bf99363c367a9df19e55730893261c22ca3021ee95d9e06429fff2391535f

Request headers

:path
/wps/build/webpack/mi-footer.bundle-b9a47dc85e05422023bb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
247
content-length
3660
last-modified
Tue, 14 Sep 2021 14:43:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"2873-17be4c3ac10"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
447741837, 772196270 776159299
access-control-allow-origin
*
cache-control
max-age=341112
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
iris.adaptive.js
ovp.iris.tv/libs/adaptive/v2/ 		151 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b91d0633ab726f6fba5bfac7b37bfb0a7b736f9470898612c7d328a60316a9b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
VV_tW04Wx3zcwJY1igcOQe6z3Zi4ab5p
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 01:11:17 GMT
server
AmazonS3
age
44715
etag
W/"1352c2358f7f8a7ea80a8109066a1e76"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
date
Thu, 30 Sep 2021 13:02:47 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
H6P_6jDesSGjqkT1tFskD6K_oKxJXaJDoliwatHIG8FKOoKCvpYcGQ==
iris-context.min.js
ovp.iris.tv/libs/context/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
slqHeAfcx7ypAfjiCBQaUewyYpq955Ao
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 20:29:32 GMT
server
AmazonS3
age
107965
etag
W/"7715a659dc0df79086ae769c891dfd9b"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
date
Thu, 30 Sep 2021 13:43:08 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
13833
x-amz-cf-id
XRUHQu41BNTPxJ6ytC09xKYuXD58EA0Qb__HX-U9fU22CCX-7LqU9w==
vue.bundle-2dcbd1661e4d11979a36.js
www.newsobserver.com/wps/build/webpack/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/vue.bundle-2dcbd1661e4d11979a36.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
f6af14b9709e48f965fb10a329f09df18b558acc3ef35b870d0740d0f1082694

Request headers

:path
/wps/build/webpack/vue.bundle-2dcbd1661e4d11979a36.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
241
content-length
38913
last-modified
Tue, 14 Sep 2021 14:44:15 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"1ad47-17be4c3fe18"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
445674892, 777110842 777922411
access-control-allow-origin
*
cache-control
max-age=143620
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
videojs.bundle-72bc93f6cff879e57cfb.js
www.newsobserver.com/wps/build/webpack/ 		455 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/videojs.bundle-72bc93f6cff879e57cfb.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
55c3cb915a25afd5b4f397c1da96bd50486b4d1f5eca6493cfedec1091a4193a

Request headers

:path
/wps/build/webpack/videojs.bundle-72bc93f6cff879e57cfb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
241
content-length
121809
last-modified
Tue, 14 Sep 2021 14:44:15 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"71b1f-17be4c3fe18"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
449522077, 586001558 589858330
access-control-allow-origin
*
cache-control
max-age=192499
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
videoStory.bundle-ebf6fae87170ecd55ce3.js
www.newsobserver.com/wps/build/webpack/ 		208 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
82b3fca1f4be0b30252100c67b01766d2fdbc760fd29524d1f202cd0af5a72df

Request headers

:path
/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
586
content-length
61702
last-modified
Mon, 27 Sep 2021 20:17:05 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"34107-17c28e761e8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
51719037, 137999753 142427347
access-control-allow-origin
*
cache-control
max-age=375242
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
galleryStoryPage.bundle-2fefc33f0bb2df768685.js
www.newsobserver.com/wps/build/webpack/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/galleryStoryPage.bundle-2fefc33f0bb2df768685.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
094076988d05ef99f2cfc12c9cd5a5f5f63aa2f822c6652821bcd3497b62a915

Request headers

:path
/wps/build/webpack/galleryStoryPage.bundle-2fefc33f0bb2df768685.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
288
content-length
6770
last-modified
Tue, 14 Sep 2021 14:44:15 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"5687-17be4c3fe18"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
506417569, 778898662 778275806
access-control-allow-origin
*
cache-control
max-age=327266
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
footer.bundle-1f06f5f8ac3bfe589066.js
www.newsobserver.com/wps/build/webpack/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

:path
/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
106649
content-length
2570
last-modified
Mon, 27 Sep 2021 20:16:43 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"284c-17c28e70bf8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
73253009, 190204338 173114957
access-control-allow-origin
*
cache-control
max-age=581617
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
netdale.59f36f7b97eb5f90f838.js
www.newsobserver.com/static/yozons-lib/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
4ba03e99e92b712b7e9859d68b9d101dfded6a64b596a63e6a8e6224bd3600d6

Request headers

:path
/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
445
content-length
19196
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"1241b-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
100429980 101442299
access-control-allow-origin
*
cache-control
max-age=562368
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
adobe.t2_3.js
www.newsobserver.com/static/yozons-lib/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36

Request headers

:path
/static/yozons-lib/adobe.t2_3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
46523
content-length
31126
last-modified
Mon, 27 Sep 2021 13:07:00 GMT
server
MI
etag
W/"16dbe-5ccf9c5bd6500"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
90677453, 182264473 170658294
access-control-allow-origin
*
cache-control
max-age=514589
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
gfc.2bd5ae0ba499dff1b6a9.js
www.newsobserver.com/static/yozons-lib/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/gfc.2bd5ae0ba499dff1b6a9.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
26466a9aa0fc7d58397175917d2f1a0aa6eb133f5015cf22fe0bbcf879e0e04d

Request headers

:path
/static/yozons-lib/gfc.2bd5ae0ba499dff1b6a9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
444
content-length
5133
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"2dcd-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
190188991 187579368
access-control-allow-origin
*
cache-control
max-age=562333
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
pdp.gif
www.newsobserver.com/static/yozons-lib/ 		42 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiZ2V0UGFnZUluZm8ifQ==
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiZ2V0UGFnZUluZm8ifQ==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
205142
content-length
42
last-modified
Thu, 23 Sep 2021 16:32:18 GMT
server
MI
etag
"2a-5ccac2c95a880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
54027613 22858773
access-control-allow-origin
*
cache-control
max-age=314544
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
pdp.gif
www.newsobserver.com/static/yozons-lib/ 		42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiY3JlYXRlVHJhbnNhY3Rpb25JZCJ9
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiY3JlYXRlVHJhbnNhY3Rpb25JZCJ9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
233720
content-length
42
last-modified
Thu, 23 Sep 2021 16:32:18 GMT
server
MI
etag
"2a-5ccac2c95a880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
22858772, 129068479 82403307
access-control-allow-origin
*
cache-control
max-age=343166
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
delivery
mcclatchy.tt.omtrdc.net/rest/v1/ 		189 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=675dfe8ec151491abd831db06ce84b2c&version=2.3.0
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d7195383d21453849079cf2e8f0bfba518244acf5308996d468885df5209053

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsobserver.com
date
Fri, 01 Oct 2021 01:28:01 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
7b2364f5c5561314cf17a913e591326f
content-type
application/json;charset=UTF-8
common.js
media2.newsobserver.com/misites/all/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/misites/all/common.js
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 13:27:05 GMT
server
Apache
etag
"ee5-59232dc43bc40"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1412
micb.js
media2.newsobserver.com/mistats/ 		129 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/mistats/micb.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
003ee5a6d6c34ac5b8d8a5a30d3005d851d1ed86097e6833f3d1139e3927267a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:01 GMT
last-modified
Thu, 02 Sep 2021 11:53:48 GMT
server
Apache
etag
"2054b-5cb01d5f89742"
vary
Origin
content-type
application/javascript
accept-ranges
bytes
content-length
132427
pts
pubads.g.doubleclick.net/subopt/ 		149 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&extrainfo=null&u_tz=0&v=1&cdm=www.newsobserver.com&c=196173
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a74d852658985eb87374624c6402abf16819dd6004fb0a3f21dd5597d045a361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122
x-xss-protection
0
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Oct 2021 01:28:03 GMT
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1633051682724
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
207286d63ecaf896c93c15d7d5c64b666ef7bf40ae7ee7ffe62640eb743b0c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v018-0d71bd386.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
0RWktkhPR6I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.newsobserver.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1001
Expires
Thu, 01 Jan 1970 00:00:00 UTC
data
pubads.g.doubleclick.net/subopt/ 		0
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/subopt/data?states=newsobserver.com%3Aunknown&extrainfo=null&u_tz=0&v=1&cdm=www.newsobserver.com&c=749840
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.newsobserver.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
89ec5922-1183-4866-8824-09f66181e549.json
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/89ec5922-1183-4866-8824-09f66181e549.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VEhEeWxZ9Hxrgg8t3QZJ7w==
age
4131
vary
Accept-Encoding
content-length
1277
x-ms-lease-status
unlocked
last-modified
Thu, 20 Aug 2020 15:58:01 GMT
server
cloudflare
etag
0x8D84521D12CED36
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a156ae51-001e-0012-3b15-b6ecfa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e9792e5f6973-FRA
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		188 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f404b3d0e264e954218f87aaa6612bdf6b2753eaafae1b7b2c7eb99cc8acdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6971e97b6dc45c14-FRA
geofeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		188 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f7069fffad934e4dbfdbb72531a453a9f18bc32fb9f5fe18a37350718e582cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6971e97b6dc65c14-FRA
identityModulev3.min.js
www.newsobserver.com/wps/source/scripts/libs/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

:path
/wps/source/scripts/libs/identityModulev3.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
38598
content-length
11142
last-modified
Tue, 14 Sep 2021 14:42:05 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"8dbb-17be4c20248"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
555630522, 675139108 671844677
access-control-allow-origin
*
cache-control
max-age=233644
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:44:02 GMT
x-content-type-options
nosniff
age
200640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:44:02 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:50:45 GMT
x-content-type-options
nosniff
age
200237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27412
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:50:45 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:44:02 GMT
x-content-type-options
nosniff
age
200640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:44:02 GMT
logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693

Request headers

:path
/wps/build/images/newsobserver/logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
311
content-length
1605
last-modified
Mon, 27 Sep 2021 20:16:43 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"10fe-17c28e70bf8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
60413820, 142991638 143474787
access-control-allow-origin
*
cache-control
max-age=379388
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/svg+xml;charset=ISO-8859-1
access-control-allow-headers
*
fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.a915df039026a930f83a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

sec-fetch-mode
cors
origin
https://www.newsobserver.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
:path
/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/wps/build/webpack/css/mi-styles.a915df039026a930f83a.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.newsobserver.com/wps/build/webpack/css/mi-styles.a915df039026a930f83a.css
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
1259
content-length
56780
last-modified
Mon, 27 Sep 2021 20:14:31 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"ddcc-17c28e50858"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
72006939, 89885156 88678593
access-control-allow-origin
*
cache-control
max-age=166
access-control-allow-credentials
false
mi-cache
HIT
content-type
font/woff2;charset=ISO-8859-1
access-control-allow-headers
*
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:50:45 GMT
x-content-type-options
nosniff
age
200237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24036
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:50:45 GMT
trinity-injector-script.js
vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/ 		300 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-injector-script.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
ca7a28a6309a39f28f9dabb6f1c938e2ab39dbfbbb679fd03921c45802b2fc39

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 14:04:44 GMT
server
AmazonS3
x-amz-request-id
JZ1C33104ZKHR1WE
etag
"8f9d99f9f2954f8df260df12f343e0a5"
x-hw
1633051683.dop242.fr8.t,1633051683.cds227.fr8.hn,1633051683.cds056.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
48444
x-amz-id-2
AcDhxKj0wjCLJvtigpszwTfwAYQAMlWbuhT2JY2WMiRS58XRPIYj67k22WTGzwpaiRScPM6hGVU=
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		190 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb0480ae109e29bf90b17ec301704d2bad5bb4cde2ad74a6c6ec91ae2c83133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6971e97b6dc75c14-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 18:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138353
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Fri, 30 Sep 2022 18:14:51 GMT
loader.js
contributor.google.com/scripts/7df76a16abfcab18/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/7df76a16abfcab18/loader.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cHKHae7A91IqmsR2HXPwmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-cHKHae7A91IqmsR2HXPwmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorTargetingHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorTargetingHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ContributorTargetingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorTargetingHttp/external"}]}
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
script-src 'report-sample' 'nonce-cHKHae7A91IqmsR2HXPwmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-cHKHae7A91IqmsR2HXPwmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires
Fri, 01 Oct 2021 01:28:03 GMT
main.js
mcclatchy-newsobserver.zeustechnology.com/ 		226 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-newsobserver.zeustechnology.com/main.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-69.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
191fcdb96d66efc52ce505747408b26e44e40a85854f5e3d83f0b02fc1600576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
QSc477pzAQ63HbSOhgjfFvXEdbRW_qfp
content-encoding
br
last-modified
Tue, 14 Sep 2021 14:19:16 GMT
server
AmazonS3
age
553
etag
W/"41e0443b2b8b7e0c9d37bd487eb6f90f"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control
max-age=600,s-maxage=3600
date
Fri, 01 Oct 2021 01:18:50 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
71f8PpDo481E_88vEmQQ3XLQzsBFc-CnkzkBT5qiPdTrrE78-IYjnA==
callback=mi.ads.extractPid
ad.crwdcntrl.net/5/c=7436/pe=y/ 		82 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.51
content-type
application/javascript;charset=utf-8
content-length
82
expires
0
pdp.gif
www.newsobserver.com/static/yozons-lib/ 		42 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/static/yozons-lib/pdp.gif?y=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJkZXByIjoiZ2V0UGFnZUluZm8ifQ==
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/static/yozons-lib/pdp.gif?y=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJkZXByIjoiZ2V0UGFnZUluZm8ifQ==
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
495344
content-length
42
last-modified
Thu, 23 Sep 2021 16:32:18 GMT
server
MI
etag
"2a-5ccac2c95a880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
116105044 22858773
access-control-allow-origin
*
cache-control
max-age=604775
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
sdk.js
connect.facebook.net/en_US/ 		269 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=21e6b0aa4462e7710170404954c3a687
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17bbef635a6628656aca5c8bde5fee06af64ac392879542660f43e5fb5b57719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HAsZrNXCAXN3cOLQsPRmbg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77729
x-fb-rlafr
0
x-fb-debug
+5RSKvqGcWfhEG0JH3x9//+fAjdBubyddGGap595FomXqCUiQEO6xN1VcwpPc6JUwTOayFLeBmKOCYo92Mjcog==
x-fb-trip-id
686109401
x-fb-content-md5
3956cebe19b7e63bf078c8b51aea1edc
x-frame-options
DENY
date
Fri, 01 Oct 2021 01:28:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"aa82ffcf13f7503b4c12bfd0e379e25e"
timing-allow-origin
*
expires
Sat, 01 Oct 2022 00:34:48 GMT
decision-engine
mcclatchy-newsobserver.cdn.zephr.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-newsobserver.cdn.zephr.com/zephr/decision-engine
Protocol
H2
Server
13.226.145.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-81.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsobserver.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Fri, 01 Oct 2021 01:28:03 GMT
access-control-allow-origin
https://www.newsobserver.com
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
kGRHFpiiFnox6s_hZUbg8Tjrn_czYrKaPfNv60nuFuyxUqOSE8bGsg==
ml.br.js
js.matheranalytics.com/static/ltm/ma12095/all/6/
Redirect Chain
  • https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1575
  • https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
140 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:28:24 GMT
content-encoding
br
last-modified
Thu, 15 Jul 2021 21:18:49 GMT
server
nginx
age
28779
etag
"20650b71c4c2f963c8608629cb2edbdb"
vary
Accept-Encoding
x-cache
HIT Thu, 15 Jul 2021 21:29:09 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41736

Redirect headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
5-gc-euw1-10929
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/finalizestats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2163
date
Fri, 01 Oct 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 02:52:00 GMT
mi_content_tracker.js
media2.newsobserver.com/mistats/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media2.newsobserver.com/mistats/mi_content_tracker.js
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/misites/nao/newsobserver.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
last-modified
Wed, 04 Jun 2014 15:41:43 GMT
server
Apache
etag
"11ff-4fb047712bbc0"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1432
load.js
s.ntv.io/serve/ 		374 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-b9a47dc85e05422023bb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.83 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49a637e7b55893e5f5af55286b87b6bd28509dae240ec93f9b96b50fe965a192

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:03 GMT
Content-Encoding
gzip
x-amz-request-id
SF6KHVCYJ5QT1YZ4
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+Xapoh+N0Ip5HSnuKm+4/SIBzZv/MMIp3idmtyBkRrpbK4WIXIngOOzfp2vfyoRxWJw4QKqtJRXrmYuk+S5SZg==
Last-Modified
Wed, 29 Sep 2021 23:43:48 GMT
Server
AmazonS3
ETag
"44d8f8d050ee1ea5165a51fed8e92745"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ac092a75b7f716a2652a6e0c63164b802fdbe07212e229251cb1f86a4640952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121639
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 01 Oct 2021 01:28:03 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b63a17e3de0488258d9d7c4742605bee614cbc97bbf64f836998ff623ed3dbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
scroll.js
static.scroll.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
age
3095
x-guploader-uploadid
ADPycduAlWqEV0MKdiy8BAJGp_W_5gJ5OTZ5S21LZzvqCAtBA3fa0JyKZsXuRUYGl8HrsfKl03HbWNqM4ctm--l3pBOyZDp4fQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6459
x-served-by
cache-fra19177-FRA
last-modified
Thu, 25 Feb 2021 20:29:37 GMT
server
UploadServer
x-timer
S1633051683.422158,VS0,VE0
etag
"334dd94887922f13e29acca6ed203eb7"
vary
Origin
x-goog-hash
crc32c=kcQgZA==, md5=M03ZSIeSLxPimsym7SA+tw==
x-goog-generation
1614284976930081
via
1.1 varnish
expires
Thu, 05 Aug 2021 01:19:32 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6459
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
291
performance.fe64298785e6b304b3e4.js
www.newsobserver.com/static/yozons-lib/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/performance.fe64298785e6b304b3e4.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2142dc28cc995dfa5be78dd72ca375c7014f63b7d402e5d7bf0cd719d959e1d9

Request headers

:path
/static/yozons-lib/performance.fe64298785e6b304b3e4.js
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
447
content-length
2628
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"1e86-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
98203374 106503433
access-control-allow-origin
*
cache-control
max-age=562264
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
parsely.3a4df1e4b1a47b99ad4d.js
www.newsobserver.com/static/yozons-lib/ 		1 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/parsely.3a4df1e4b1a47b99ad4d.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
850792a09c52850e671bc81e6899fcbd50593475d46afe5f38b362490c5767c2

Request headers

:path
/static/yozons-lib/parsely.3a4df1e4b1a47b99ad4d.js
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:02 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
446
content-length
549
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"456-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
106503434, 190520006 190259218
access-control-allow-origin
*
cache-control
max-age=562318
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
quarantine.a4f607c6299893eb2c62.js
www.newsobserver.com/static/yozons-lib/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/quarantine.a4f607c6299893eb2c62.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
d9dce58dcd36485ed3d934f1164eeb26e41d5e5de3ab5504f9dc2f7f73af320f

Request headers

:path
/static/yozons-lib/quarantine.a4f607c6299893eb2c62.js
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
446
content-length
6636
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"4c06-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
187579361, 107225356 101612858
access-control-allow-origin
*
cache-control
max-age=562315
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
newsobserver.com.1035175.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709b4ea36a5700f7b2b311a34a7809250ac6201d8cd4a86a84311628aff5e2d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
br
cf-cache-status
HIT
age
977
last-modified
Wed, 08 Sep 2021 13:10:25 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
1DT3X0YT9SJ6YYB7
x-amz-id-2
51PZ+X+Av/6LqbHk/cpOFHqxTYfczUOGeLEOnwFu0Hs9Btiguc1xNLNag2gOSIOsu2EfEjGuhmA=
cf-bgj
minify
server
cloudflare
etag
W/"0153c6813e2741f431e29afd5b92692c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6971e97c9ae8c27c-FRA
expires
Fri, 01 Oct 2021 04:28:03 GMT
decision-engine
mcclatchy-newsobserver.cdn.zephr.com/zephr/ 		131 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-newsobserver.cdn.zephr.com/zephr/decision-engine
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-81.dus51.r.cloudfront.net
Software
/
Resource Hash
2c8e9c17c51ac13646a59b8c82f28ddbc7567ae6c99a102904383d8fb3408c13

Request headers

Accept
application/json
Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-length
131
x-amz-cf-id
0mHUUXg48CpPiw30GbzA1mrHmcHCNiofmD6uK7uirbXS1v7HBgcrdQ==
x-blaize-request
77e111ba
ats.js
ats.rlcdn.com/ 		184 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-113.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
9bnkdZ.QZZ0I_dvcV.i.7nS6.mh1GXo3
content-encoding
br
etag
W/"e7cbbf596270d500e1b8c4407933c91a"
age
46092
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:47f2f39e-adb2-473d-bd2d-2589e73b0672
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5afceba0404268d8179075673482977d
last-modified
Wed, 29 Sep 2021 12:20:21 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 12:39:52 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
e62204c8b13649b2a430d3eb62cf86725da7d2d0db3079f168ca2d40c37e0c7b
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
content-type
application/x-javascript
x-amz-cf-id
RvqjGwoePU89tf1OKO-TPLKLj0yt7bKMo4P5WvR7v5JvqKD9fPR0lw==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		82 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:bc00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
506f3f3858010805e574f60e3062695603947c2a7c8a11b257d967566ac5daef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
pmPlzlzqQ07yF.i0SKSC3aOIOrxg8OgY
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 15:16:07 GMT
server
AmazonS3
age
54514
etag
W/"db4d1e69c9e49098ca95fdfff935e300"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control
max-age=84600
date
Thu, 30 Sep 2021 10:19:30 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
MLNtixN6gz1QuixY5sKsl653X8e9FqfZp5XNk_TXoS3qcRzEtqb3DA==
article254651822.html.js
dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/state/north-carolina/ 		501 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/state/north-carolina/article254651822.html.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e000:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa8fdeeb20b5bb10837273d2c016237e64efbfaa82fe6990683113fb51c96224

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 23:36:47 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"9d3bee61a310a2b4202b7e3ef51777e0"
x-cache
RefreshHit from cloudfront
content-type
application/json; charset=utf-8
via
1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
144
x-amz-cf-id
ctMZydwNm9cI0SDWG4ubRZdOjzSXNdojN7d5YfHq5gAqav03jXdqCw==
config.js
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 		119 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fb7737cef7a8c81648da3edd93b090fb1706c09b0e0b3e2926c88ff1014b0d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Content-Encoding
gzip
Age
3590
X-Cache
HIT
Connection
keep-alive
Content-Length
27102
x-amz-id-2
iBIrcNM/mOA83rqdQyEZ6JLCAUVNX+RV5G0UyPpVTr3vMJsTKJYJXxEXTM30Ju8b/6Cub1bamJo=
X-Served-By
cache-fra19174-FRA
Last-Modified
Thu, 30 Sep 2021 22:32:21 GMT
Server
AmazonS3
X-Timer
S1633051684.306663,VS0,VE1
ETag
"9552065074c4b1f66557f0d8bde8ab9e"
x-amz-request-id
17R4BQ974XAGHFDW
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
sponsored.fe30a736f65491aa8413.js
www.newsobserver.com/static/yozons-lib/ 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/static/yozons-lib/sponsored.fe30a736f65491aa8413.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
d5c29b0eb934f0783eb1fca4abacf2187f5bcffb2af5cb91e9365c2fe19d8d75

Request headers

:path
/static/yozons-lib/sponsored.fe30a736f65491aa8413.js
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
446
content-length
457
last-modified
Thu, 30 Sep 2021 13:26:49 GMT
server
MI
etag
W/"407-5cd3666223840"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
108628401 106503437
access-control-allow-origin
*
cache-control
max-age=562342
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
st.v3.js
www.everestjs.net/static/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/st.v3.js
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.11 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-12-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
Last-Modified
Thu, 24 Jun 2021 13:55:47 GMT
Server
AmazonS3
x-amz-request-id
JFQD8VFNGTE8EVB6
ETag
"9a2486101572abfab95503fa8e906001"
Content-Type
text/javascript
Date
Fri, 01 Oct 2021 01:28:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93112
x-amz-id-2
VmUX5mGzRaMb4tKcpWcXT5HLkK0EsuVoQIiAs661l6qE+KUkvnRa3BroC0ewDqvk0ddKpwNv8fk=
001.JPG
www.newsobserver.com/latest-news/7xzw79/picture252878843/alternates/LANDSCAPE_1140/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/latest-news/7xzw79/picture252878843/alternates/LANDSCAPE_1140/001.JPG
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
96f39052443ccc11b0424e8915bb0e0a159adc8cfa753a252538d32299b445aa

Request headers

:path
/latest-news/7xzw79/picture252878843/alternates/LANDSCAPE_1140/001.JPG
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
3011
content-length
115227
last-modified
Mon, 19 Jul 2021 18:51:51 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"e9ac9732815f5e90c7e19c735a9f095f"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
113127152, 195616335 192340272
access-control-allow-origin
*
cache-control
max-age=598952
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
jail%20cell%20stock%20photo
www.sunherald.com/site-services/x666av/picture254657212/alternates/FREE_768/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sunherald.com/site-services/x666av/picture254657212/alternates/FREE_768/jail%20cell%20stock%20photo
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
935ded3593371c60969197855487396f39746d5e3cd71cf0aebf161a7e9b95f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
13004
content-length
105018
last-modified
Thu, 30 Sep 2021 21:01:24 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"4b23128f3cc8252c8b8e5f6d592d926d"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
487589923, 482241313 488868793
access-control-allow-origin
*
cache-control
max-age=604783
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
06bb0cfb-ad0b-47ea-90b5-f39685eb8f25
https://www.newsobserver.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsobserver.com/06bb0cfb-ad0b-47ea-90b5-f39685eb8f25
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
connatix.playspace.dc.js
cds.connatix.com/p/130993/ Frame 1C90
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/130993/connatix.playspace.dc.js
1 MB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130993/connatix.playspace.dc.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
415c2848aa4a274a1e80af7986607cd96b1a43c198978a97a639e258f0b195b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
br
last-modified
Wed, 29 Sep 2021 08:45:12 GMT
age
135023
etag
"6829c49f4ccc11939e7105ce13c57063"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
239640

Redirect headers

location
https://cds.connatix.com/p/130993/connatix.playspace.dc.js
date
Fri, 01 Oct 2021 01:28:03 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
pdp.gif
www.newsobserver.com/static/yozons-lib/ 		42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJkb21JbnRlcmFjdGl2ZSI6MzQxMywicmVxdWVzdFN0YXJ0IjoyNjB9
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJkb21JbnRlcmFjdGl2ZSI6MzQxMywicmVxdWVzdFN0YXJ0IjoyNjB9
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
495345
content-length
42
last-modified
Thu, 23 Sep 2021 16:32:18 GMT
server
MI
etag
"2a-5ccac2c95a880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
22858772, 204048411 82403307
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
p.js
cdn.parsely.com/keys/newsobserver.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/parsely.3a4df1e4b1a47b99ad4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.147.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-147-71.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
d6ff18ffd87027f5dd27f34be6c640fe2d1914b2c97d12613f4cba12dcafeca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 22:23:48 GMT
server
nginx
x-edge-origin-shield-skipped
0
etag
W/"60946c74-1070c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
to1fRwWwD20lF5kOGOnViaqe4iaimtnw6ezhX0ClRRoVqApLF3v_3w==
expires
Sat, 02 Oct 2021 01:28:03 GMT
beacon.js
sb.scorecardresearch.com/ Frame F4C1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-6.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:46:45 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
157277
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AVo5v1Zjc7QNP3D_cucdf5MC3xab1rLE_2nD0duiPDGTTbhGuQA4cg==
pts
pubads.g.doubleclick.net/subopt/ Frame 64A7 		149 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/subopt/pts?products=newsobserver.com&type=general&u_tz=0&v=1&cdm=www.newsobserver.com&c=456773
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a74d852658985eb87374624c6402abf16819dd6004fb0a3f21dd5597d045a361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122
x-xss-protection
0
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Oct 2021 01:28:03 GMT
AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I
fundingchoicesmessages.google.com/f/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/gfc.2bd5ae0ba499dff1b6a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9757cf510647d1fac7099cd18744fae6fb3326118daa87c8fbd02b8fe5370581
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z7qO+uZIZqokA8gfzzDT2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z7qO+uZIZqokA8gfzzDT2g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-z7qO+uZIZqokA8gfzzDT2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z7qO+uZIZqokA8gfzzDT2g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
dest5.html
mcclatchy.demdex.net/ Frame 533A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
mcclatchy.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newsobserver.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=11322107618729184440097589551901740633
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 1 Oct 2021 01:28:03 GMT
DCS
dcs-prod-irl1-2-v018-00f2f395f.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 23 Sep 2021 12:09:26 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
Mtejw5/tRjc=
Content-Length
2791
Connection
keep-alive
id
mcclatchy.sc.omtrdc.net/ 		2 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=11103360923469537550109329205661628910&ts=1633051683089
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-567564d5d5-9chgr
vary
Origin
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YVZkIwAAAKuVGgQf
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=11322107618729184440097589551901740633
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVZkIwAAAKuVGgQf
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVZkIwAAAKuVGgQf
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-08210a8d7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TaVgGTHfQZM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVZkIwAAAKuVGgQf
Date
Fri, 01 Oct 2021 01:28:03 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
mboxedge37.tt.omtrdc.net/rest/v1/ 		2 KB
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=675dfe8ec151491abd831db06ce84b2c&version=2.3.0
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/adobe.t2_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1863cc30c8beff53ac1167e4a9b4f62387fb541dd1817e2240528bc6e23478a6

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsobserver.com
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
c463ffd2fd4b1cca09f80b7cc0e52f76
content-type
application/json;charset=UTF-8
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&sec=North%20Carolina&prem=metered&ptype=Story&auth=Laura%20Brache&artpubt=1633039200&tv=js-3.0.134&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tvcfg=all&tid=de0e6981-6965-4e92-ac96-b203fe374377&pid=76a70068-a96a-45f8-b92d-ea5e5852f0c6&dtm=1633051683115&qnm=_matherq&visible=1&tabid=8354e697-144b-465b-92aa-bac5aa0beee7&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&vp=1600x1200&ds=1600x5639&tofa=1633051683&vid=1&lvidt=1633051683&duid=654ec7fd07a34d4a&fp=560948675&cid=ma12095&mrk=74930332&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJOZXdzfFN0YXRlfHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2MzMwNTE2Nzk1MjYiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMTUuMm1iIiwiaGVhcFQiOiIxNy4xbWIiLCJmc3RQYWludCI6IjMyMzkiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiMjIyIiwiY29ublMiOiIyMjIiLCJjb25uRSI6IjI2MCIsInNzbFMiOiIyMjIiLCJyZXF1UyI6IjI2MCIsInJlc3BTIjoiMTIxMyIsInJlc3BFIjoiMTIyNCIsImRvbUxvYWQiOiIxMjE3IiwiZG9tSW50ZXIiOiIzNDEzIiwiZG9tTG9hZFMiOiIzNDUzIiwiZG9tTG9hZEUiOiIzNDY0In0sImtleXdvcmRzIjpbInByaXNvbnMiLCJub3J0aCBjYXJvbGluYSIsIkRQUyIsIndoaXRlIHN1cHJlbWFjeSIsInJlbmFtaW5nIGJ1aWxkaW5ncyJdfQ
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.31.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-31-176.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:03 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/7447/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/7447/lt.min.js
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/netdale.59f36f7b97eb5f90f838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-37.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ec930cc4c9a31087b58f4e8c9099b85198a14da06c95a5c87bc463f1d8fe3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 30 Sep 2021 06:32:44 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 19:13:24 GMT
server
AmazonS3
age
68120
etag
W/"ea25a6519122baa79173b5ead1b9ef49"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
fGQU_vMoiUJiDedZsuQ_Y89F4wy5CgGb00RpzgYSp90ukjUip6kUEA==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.5.0/ 		325 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
AvbD4VHYe4H/QnyU6j8v5w==
age
6679876
vary
Accept-Encoding
content-length
69711
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:22 GMT
server
cloudflare
etag
0x8D84A3B58DE8819
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ab62d005-b01e-0066-32a2-796abc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e97b8bb22c3a-FRA
expires
Sat, 09 Oct 2021 01:28:03 GMT
en.json
cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 		84 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/89ec5922-1183-4866-8824-09f66181e549/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
AAibTtKo+i5nOcHwmlqtnw==
age
4126
vary
Accept-Encoding
content-length
13247
x-ms-lease-status
unlocked
last-modified
Thu, 20 Aug 2020 16:00:20 GMT
server
cloudflare
etag
0x8D8452223A2FF4E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
407ca6f8-f01e-002e-3f15-b65821000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e97bd9e86973-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NgHQTHCGWwGmNE0ie37G8A==
age
1550319
vary
Accept-Encoding
content-length
3248
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:16 GMT
server
cloudflare
etag
0x8D84A3B556B9C39
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3037254b-e01e-009b-7249-a855de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e97c0a2e6973-FRA
expires
Sat, 09 Oct 2021 01:28:03 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ebGLXbyX4UjJx8DgFc7F7g==
age
14209288
vary
Accept-Encoding
content-length
14901
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:17 GMT
server
cloudflare
etag
0x8D84A3B55B1B344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d61d33b1-001e-003b-2728-359ab8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6971e97c0a306973-FRA
expires
Sat, 09 Oct 2021 01:28:03 GMT
/
lasteventf-tm.everesttech.net/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=123E8C51FB3790C2-7C164932FE8E3588&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=11103360923469537550109329205661628910&_les_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633051683.494646,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://www.newsobserver.com
access-control-allow-credentials
true
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra19176-FRA
/
geo.privacymanager.io/ 		30 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-55.dus51.r.cloudfront.net
Software
/
Resource Hash
c0a2e157af72d5455d5b7ac1ea5d3c446d7e4ba3f0025dc060a11e8386e0160a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:55:09 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront), 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
52374
x-amzn-requestid
a27aaaeb-5989-4dd3-b0ff-3f717749ef60
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-edge-origin-shield-skipped
0
x-amzn-trace-id
Root=1-6155978d-46d490a3357165f95aa6919d;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-C1
x-amz-apigw-id
GeSeHEKpDoEFcVw=
content-length
30
x-amz-cf-id
Q6GX62l6uFTA2cFuP2GfC91LxGe9vOkGWgZDMZmua2XUqG0ckqRKeA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109301403/ 		177 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109301403/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef2ca549ad1fc660da14bcb2de820af06a59c78f26d9fdcac3c82c309681e27b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Content-Encoding
gzip
Age
411
X-Cache
HIT
Connection
keep-alive
Content-Length
57853
x-amz-id-2
sChkEshMvhXl9urAKGZuKg9vlM6UyKokVhmg6Q95sssvOG/e+NtdUb2f3hSfkcTerqJ6HaxFdu0=
X-Served-By
cache-fra19174-FRA
Last-Modified
Thu, 30 Sep 2021 18:36:07 GMT
Server
AmazonS3
X-Timer
S1633051685.563539,VS0,VE0
ETag
"2b57f6e5f6f5cd631d2f31414cc2ffee"
x-amz-request-id
WZS5887KWP6DYEN4
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
38
newsobserver.com.1035175.es6.js
jsc.mgid.com/n/e/ 		232 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd5ff04867811e69b547747fd982a690bca09b7137933f4a01a595c3c93191a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
br
cf-cache-status
HIT
age
976
last-modified
Wed, 08 Sep 2021 13:10:25 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
1DTAASYZ3S6HKMBA
x-amz-id-2
m2umxWHJo6d5ci2V2gpnjhlaeyNUWtlZLziXVI6Xpj6U0+uxyIQPR7K2KlJ8WRwG7CzXT7tL3JM=
cf-bgj
minify
server
cloudflare
etag
W/"07d4a3324e478d12be9afbd0ab78d285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6971e97ccaf8c27c-FRA
expires
Fri, 01 Oct 2021 04:28:03 GMT
anchor
www.google.com/recaptcha/api2/ Frame E786 		0
0
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=11103360923469537550109329205661628910&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0111103360923469537550109329205661628910&ts=1633051683375
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
203dad0fd53878cbee9874f568968b0c1f97130016c01707cac5084cc7132c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v018-00f2f395f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
U1mSTGRWSmc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.newsobserver.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1001
Expires
Thu, 01 Jan 1970 00:00:00 UTC
s89474996469138
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s89474996469138
Requested by
Host: media2.newsobserver.com
URL: https://media2.newsobserver.com/mistats/products/escenic_s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5487ea0e25ba33c4b6f3cc2c6efccb099fed8660c2e092e19174e51f9fab4334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-aam-tid
ri2238RtQeI=
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
content-length
2501
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v018-058e9a459.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Sat, 02 Oct 2021 01:28:03 GMT
server
jag
xserver
anedge-567564d5d5-r5s95
etag
3506951786549084160-4619934049247003827
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Thu, 30 Sep 2021 01:28:03 GMT
ibs:dpid=771&dpuuid=CAESEOUhQp-Mn5ToQgpBQfd9STU&google_cver=1
dpm.demdex.net/ Frame 533A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTEzMjIxMDc2MTg3MjkxODQ0NDAwOTc1ODk1NTE5MDE3NDA2MzM=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOUhQp-Mn5ToQgpBQfd9STU&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOUhQp-Mn5ToQgpBQfd9STU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-0d91241d3.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cQcsZ8TZScs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOUhQp-Mn5ToQgpBQfd9STU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.newsobserver.com/_dynamic-cards/v1/subscription_cta/10925/ 		770 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/_dynamic-cards/v1/subscription_cta/10925/
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
a88c484817291f1d30ae3cb3e5581b4656fe74fec46360aa4feb0fcd1db2e713

Request headers

:path
/_dynamic-cards/v1/subscription_cta/10925/
pragma
no-cache
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==; mi_gps=2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache
HIT
mi-cache-age
190
content-length
549
last-modified
Fri, 01 Oct 2021 01:24:52 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"302-2ROEZdpF7dZjGIBwUBmlyFSqk/I"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
77097922, 108551128 118030479
access-control-allow-origin
*
cache-control
max-age=180
access-control-allow-credentials
false
set-cookie
bm_sv=8F844A423236C37C34FAFF0C1E2C943D~klJ686A79Xrs1aBSbnUN4Xo8riACWk7g0uSY39PJIBljXEqF7l/iyJULCsiI/97c+GKhQdob7ehZZrBbFGenH3oUQgn/kH1cqbOJkHzRG3OUqDqSGGIP/XcJZKs3ujB7lu1ClvQ2ndYMjDweyuissC3h5PQFc5uqnGOoD+Pl9sc=; Domain=.newsobserver.com; Path=/; Max-Age=7200; HttpOnly
content-type
text/html;charset=utf-8
access-control-allow-headers
*
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-116.compute-1.amazonaws.com
Software
/
Resource Hash
dc0798da592f1a9d033d36765c95b8e573944ccec24a7923d8051a6e06ade5b0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Oct 2021 01:28:03 GMT
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
9c2b3a87-d46c-5eb8-b9d4-6357b20fb8d4
Content-Length
378
Content-Type
text/xml
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1078267170&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Story%3A254651822%7C5%20NC%20prison%20facilities%20with%20names%20tied%20to%20racism%2C%20white%20supremacy%20will%20soon%20be%20renamed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=776669590&gjid=1375445375&cid=1987566784.1633051683&tid=UA-48279682-1&_gid=657916239.1633051683&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Story&cd4=News%7CState%7C%7C%7C&cd5=Unregistered&cd6=North%20Carolina&cd8=Laura%20Brache&cd9=2021%2F09%2F30&cd10=2021%2F09%2F30%20H17&cg1=News%20and%20Observer&cg2=North%20Carolina&z=1873309812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1078267170&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&dh=newsobserver.com&ul=en-us&de=UTF-8&dt=Story%3A254651822%7C5%20NC%20prison%20facilities%20with%20names%20tied%20to%20racism%2C%20white%20supremacy%20will%20soon%20be%20renamed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=1589734615&gjid=1177141455&cid=1987566784.1633051683&tid=UA-48280268-1&_gid=657916239.1633051683&_r=1&_slc=1&cd1=NAO&cd2=News%20and%20Observer&cd3=Story&cd4=News%7CState%7C%7C%7C&cd5=Unregistered&cd6=North%20Carolina&cd8=Laura%20Brache&cd9=2021%2F09%2F30&cd10=2021%2F09%2F30%20H17&cg1=News%20and%20Observer&cg2=North%20Carolina&z=419253430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&ntv_0=8&ntv_1=4&ntv_2=0&ntv_3=6&ntv_4=6&ntv_5=9&ntv_6=,&ntv_7=7&ntv_8=7&ntv_9=5&ntv_10=5&ntv_11=6&ntv_12=3&ntv_13=,&ntv_14=8&ntv_15=4&ntv_16=4&ntv_17=3&ntv_18=5&ntv_19=2&ntv_utf8Encode=function(){return%20unescape(encodeURIComponent(this))}&ntv_utf8Decode=function(){try{return%20decodeURIComponent(escape(this))}catch(e){return%20this}}&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
41f44dbf85a768814f785faceda808772550bd57f26af58f1da38039df02f7d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1294
expires
Mon, 1 Jan 1990 12:00:00 GMT
check
connect.scroll.com/embed/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.scroll.com/embed/check
Requested by
Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.100.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
access-control-allow-credentials
true
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVZaa0l3QUZuZGF1UWdBUg==&_test=YVZkIwAFndauQgAR
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVZaa0l3QUZuZGF1UWdBUg==&_test=YVZkIwAFndauQgAR
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633051684.776334,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVZaa0l3QUZuZGF1UWdBUg==&_test=YVZkIwAFndauQgAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO
fundingchoicesmessages.google.com/el/ 		0
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO?pvid=28450BC5-699E-4ABC-8941-898122C6B346&anonid=F924FEA8-BDCA-4558-828C-02756AFFF0D5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.DMTdhWCA66o.es5.O/d=1/rs=AJlcJMzBPnRwYD77Sn7yc6QeY2rcnJHIOw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hhIB13jH9x+4XDAgLB6nNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hhIB13jH9x+4XDAgLB6nNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-hhIB13jH9x+4XDAgLB6nNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hhIB13jH9x+4XDAgLB6nNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO
fundingchoicesmessages.google.com/el/ 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO?pvid=28450BC5-699E-4ABC-8941-898122C6B346&anonid=F924FEA8-BDCA-4558-828C-02756AFFF0D5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.DMTdhWCA66o.es5.O/d=1/rs=AJlcJMzBPnRwYD77Sn7yc6QeY2rcnJHIOw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ohfliTK9DUqSZgI6yELNPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ohfliTK9DUqSZgI6yELNPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-ohfliTK9DUqSZgI6yELNPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ohfliTK9DUqSZgI6yELNPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO
fundingchoicesmessages.google.com/el/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrIk4B9YwDrerWXUAIQLNg-6wJ0VqQzL_VTzWNKqjInJ6MPXApVdmf19_yx_pqKQ2IFsh2HJg1mMq7cSqO?pvid=28450BC5-699E-4ABC-8941-898122C6B346&anonid=F924FEA8-BDCA-4558-828C-02756AFFF0D5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.DMTdhWCA66o.es5.O/d=1/rs=AJlcJMzBPnRwYD77Sn7yc6QeY2rcnJHIOw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SnkrzyUzLQh+g79ikDDApQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SnkrzyUzLQh+g79ikDDApQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-SnkrzyUzLQh+g79ikDDApQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SnkrzyUzLQh+g79ikDDApQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsgrDB8K7jjdfv_4n2cnKucPk9Tz-2jguiilCNKXezOU1HlZFDe_ZSs5eOe8NnsMYYzzyZZVOVmOWb7xwd
fundingchoicesmessages.google.com/f/ 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUsgrDB8K7jjdfv_4n2cnKucPk9Tz-2jguiilCNKXezOU1HlZFDe_ZSs5eOe8NnsMYYzzyZZVOVmOWb7xwd?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMDUxNjgzLDUxNjAwMDAwMF0sIjI4NDUwQkM1LTY5OUUtNEFCQy04OTQxLTg5ODEyMkM2QjM0NiIsIkY5MjRGRUE4LUJEQ0EtNDU1OC04MjhDLTAyNzU2QUZGRjBENSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tL25ld3Mvc3RhdGUvbm9ydGgtY2Fyb2xpbmEvYXJ0aWNsZTI1NDY1MTgyMi5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.DMTdhWCA66o.es5.O/d=1/rs=AJlcJMzBPnRwYD77Sn7yc6QeY2rcnJHIOw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b1e79f7fdca741cc7639c82c5e9b7ab22a1ed9fe3fceef0e5059195f55aa2e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kYfCYCz/L9iPFO3oOmREDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kYfCYCz/L9iPFO3oOmREDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-kYfCYCz/L9iPFO3oOmREDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kYfCYCz/L9iPFO3oOmREDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-48279682-1&cid=1987566784.1633051683&jid=776669590&gjid=1375445375&_gid=657916239.1633051683&_u=YFDAAAAACAAAAC~&z=1244077419
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Oct 2021 01:28:03 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel_66e93909
www.newsobserver.com/akam/11/ 		0
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsobserver.com/akam/11/pixel_66e93909
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/11/66e93909
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://www.newsobserver.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAn69uhZ7AQAAzid3OQ1VvTiKgjEE3W0PZTaP2bfdbpmhZZd9bThZTZHMVOyMpAbEiOV3ZK0NNxZr72/2znigcgMT+UGXGBolO3tjlrOmwpuc9Tk68n6L2fRXX5wXLcb41N0I+suTvMOisBCiPEvtbDO+srO6o3qb3h7x7+Uby0Z8R29cxQUPtg6q9rc0IPaAC5ic5wzVdhhXsx8HjpApmD14gIuHxygYLfXfTdk/7q7ae+SwPM7S5M6Y/+EiyQT5i5QzWEenemBUtH9/2mPOtQOIyFjT/iPjDbCYq5jqSZP6431sYOQ1t/KVnweAxBwc6X3hpVIadBWKGPS0UjVAhKQJaHR1Y/lFTeR/xeYqV1x/j7qb8v9EbFjNuvX81meLhgfYPjaG3i17akw9nVyBkHODQw0eSkxw0QpgBfU75f42DeabpH4j34VfMPXSym638Y+MZnYL5uaMtHCztCuNCCMk8kmtbEzusxZETO+dwg==; mi_gps=2
content-length
4719
:path
/akam/11/pixel_66e93909
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache
access-control-allow-credentials
false
set-cookie
ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAoK9uhZ7AQAAEit3OQ2v2WArKSNGFzLD0nRphiJ0+sHeq8xPt2NGGyo8kFMw0vVtRAHCEkGLL4N1avUk78MOesQmYAk2dDS64kbYb9hWbfDs6i95ElbpgBUPH1Zf9Jg7SgojdZ4vGq7pvzUVikMb+bmeZ0RonRFQ1B/J/dtwQtmWZlFtUiwgte2QWTlwv+4yufigvMMyD6HxwNBX81WOLWvmYk8Yuj+PcqMc81L3fD7EIaXArG3Wu4vd2QH5WE5N1s6eZJP4NUh1F4LBVffXOy88eX8aGVAtmO2n6pWDKZIOlpaiN5BRqxDtS96kuphrSaooe4kUITKqCDDfh1AvHRiFZANUEbtTjZdnCQCjckqXUGpW9eFH4797PwaK/41+ioMOgP0rLIqsrNbxgTV/DgxIVVUos9ui4vk2UVwT3ipiRyxWflFhOX60WysRL0JMOEwC1my1ysHPaeCYzwxsDtX1LZ4tREyTkEhlp+OSCWelVTdag1WvRSef5Q==; Domain=.newsobserver.com; Path=/; Expires=Fri, 01 Oct 2021 03:28:02 GMT; Max-Age=7199; HttpOnly
access-control-allow-headers
*
content-length
0
expires
Fri, 01 Oct 2021 01:28:03 GMT
tap.php
pixel.rubiconproject.com/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YVZkIwAAAKuVGgQf&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YVZkIwAAAKuVGgQf&expires=90
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633051684.636963,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YVZkIwAAAKuVGgQf&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6174901764001
edge.api.brightcove.com/playback/v1/accounts/5615998032001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998032001/videos/6174901764001
Protocol
H2
Server
151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.newsobserver.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
access-control-max-age
86400
accept-ranges
bytes
date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 varnish
x-served-by
cache-fra19143-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1633051684.789408,VS0,VE0
bcov-debug-cache-stats
unknown
bcov-instance
unknown
x-amz-cf-id
unknown
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods
HEAD,GET,OPTIONS
cache-control
max-age=0, no-cache, no-store
content-length
0
6174901764001
edge.api.brightcove.com/playback/v1/accounts/5615998032001/videos/ 		8 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998032001/videos/6174901764001
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
595661dfd681a8dfc10851014c1544cbe75e53a26ebd37c96b5095c781cae28b

Request headers

Accept
application/json;pk=BCpkADawqM1MVxA1-tGklBA1NgWT2aHsSPiZwJG0-AxfCC2qnu5FzNLwaFnK6fcPpVIDFvUR579JZdn53dLOVZkwTrwUMR_sLD1-to4VanKcUlh2lb_iDBwJG1-okOPt6lLW6xxe6d5D2eAi
Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

bc-override-client-ip
136.243.198.80
date
Fri, 01 Oct 2021 01:28:03 GMT
powered-from
eu-central-1a
bcov-request-id
4cfa23f6-0767-4775-8246-eaeefa69f2d8
age
0
policy-key-accountid
5615998032001
x-cache
MISS
access-control-allow-origin
*
powered-by
BC
content-length
7819
x-served-by
cache-fra19143-FRA
bcov-instance
unknown
policy-key-raw
BCpkADawqM1MVxA1-tGklBA1NgWT2aHsSPiZwJG0-AxfCC2qnu5FzNLwaFnK6fcPpVIDFvUR579JZdn53dLOVZkwTrwUMR_sLD1-to4VanKcUlh2lb_iDBwJG1-okOPt6lLW6xxe6d5D2eAi
x-timer
S1633051684.797577,VS0,VE111
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=UTF-8
via
1.1 varnish
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
account-status
APPROVED
bcov-debug-cache-stats
unknown
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id
unknown
x-cache-hits
0
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-48279682-1&cid=1987566784.1633051683&jid=776669590&_u=YFDAAAAACAAAAC~&z=2131349705
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-48279682-1&cid=1987566784.1633051683&jid=776669590&_u=YFDAAAAACAAAAC~&z=2131349705
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/ Frame F4C1
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20Ne...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20N...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&c9=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-6.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
l3BfbVOl6HqoCQVhAdVf1CrllGZPGb9pImlbNGugEeEIE8WGCp4Gvw==

Redirect headers

date
Fri, 01 Oct 2021 01:28:03 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1633051683627&ns_c=UTF-8&ns_if=1&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&c9=
content-length
337
x-amz-cf-id
974YDqWM-V0ghPuAjXmOBk-ZE0u9IF1SB21IrpkGypn5ACOj6ISh1A==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1633051683652&plid=51945156&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sref=&sts=1633051683650&slts=0&title=5+NC+prisons+renamed+due+to+racist%2C+white+supremacy+ties+%7C+Raleigh+News+%26+Observer&date=Fri+Oct+01+2021+01%3A28%3A03+GMT%2B0000+(GMT)&action=pageview&pvid=92798713&u=pid%3D7ac903b94790b7b697bc87cdfb5c6709
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Cache-Control
no-cache
Last-Modified
Friday, 01-Oct-2021 01:28:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
depart.trinitymedia.ai/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-injector-script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.99.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-99-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 01:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
css2
fonts.googleapis.com/ Frame 0294 		5 KB
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 00:01:00 GMT
server
ESF
date
Fri, 01 Oct 2021 01:28:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 01:28:03 GMT
audio.php
trinitymedia.ai/player/ Frame A874 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sCampaignID=2900000552&FAB=false&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=e397f742d5b66155ee92b6dad7058353&isLegacyBrowser=false&version=20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2&useCFCDN=0&ts=1633051682830&tsServer=1633051681233&FABOnly=0&unitId=2900000552&cf=&themeId=188&themeData=eyJmb250cyI6W3sibGluayI6Imh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzMj9mYW1pbHk9Tm90bytTYW5zOndnaHRANDAwOzcwMCZkaXNwbGF5PXN3YXAifV0sImNvbG9yTWFpbiI6IiMzMzMzIiwibG9hZGluZ0ljb24iOnsiY29sb3IiOiIjMmQ0MWE1In0sImxvYWRpbmdUaXRsZSI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzIyMjIyMiJ9fSwicGxheWVyVGl0bGUiOnsiQ1NTIjp7ImZvbnRGYW1pbHkiOiJOb3RvIFNhbnMiLCJjb2xvciI6IiMyMjIyMjIiLCJtYXhIZWlnaHQiOiIxNnB0IiwibWFyZ2luQm90dG9tIjoiM3B4In19LCJwbGF5ZXJDbG9jayI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzcwNzA3MCJ9fSwibWFpbkJ1dHRvbiI6eyJpZCI6Im1jY2xhdGNoeSJ9LCJwcm9ncmVzc2JhciI6eyJjb2xvciI6IiMyMjIyMjIifSwicG93ZXJlZEJ5Ijp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIn19LCJpMThuIjp7ImVuIjp7ImluaXRpYWxUaXRsZSI6Ik9ubHkgaGF2ZSBhIG1pbnV0ZT8gTGlzdGVuIGluc3RlYWQifX0sInRyaW5pdHlIb21lIjp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIiwiY29sb3IiOiIjMzE0MDlGIn19LCJsYXlvdXQiOiJvcGVuLW1vZGUifQ%3D%3D
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.242.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-242-201.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9df3761e8c6f873bd6e2cf1ef4f11064d7bc38642d42732f08c8a1ad4d79ec0b

Request headers

:method
POST
:authority
trinitymedia.ai
:scheme
https
:path
/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sCampaignID=2900000552&FAB=false&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=e397f742d5b66155ee92b6dad7058353&isLegacyBrowser=false&version=20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2&useCFCDN=0&ts=1633051682830&tsServer=1633051681233&FABOnly=0&unitId=2900000552&cf=&themeId=188&themeData=eyJmb250cyI6W3sibGluayI6Imh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzMj9mYW1pbHk9Tm90bytTYW5zOndnaHRANDAwOzcwMCZkaXNwbGF5PXN3YXAifV0sImNvbG9yTWFpbiI6IiMzMzMzIiwibG9hZGluZ0ljb24iOnsiY29sb3IiOiIjMmQ0MWE1In0sImxvYWRpbmdUaXRsZSI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzIyMjIyMiJ9fSwicGxheWVyVGl0bGUiOnsiQ1NTIjp7ImZvbnRGYW1pbHkiOiJOb3RvIFNhbnMiLCJjb2xvciI6IiMyMjIyMjIiLCJtYXhIZWlnaHQiOiIxNnB0IiwibWFyZ2luQm90dG9tIjoiM3B4In19LCJwbGF5ZXJDbG9jayI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzcwNzA3MCJ9fSwibWFpbkJ1dHRvbiI6eyJpZCI6Im1jY2xhdGNoeSJ9LCJwcm9ncmVzc2JhciI6eyJjb2xvciI6IiMyMjIyMjIifSwicG93ZXJlZEJ5Ijp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIn19LCJpMThuIjp7ImVuIjp7ImluaXRpYWxUaXRsZSI6Ik9ubHkgaGF2ZSBhIG1pbnV0ZT8gTGlzdGVuIGluc3RlYWQifX0sInRyaW5pdHlIb21lIjp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIiwiY29sb3IiOiIjMzE0MDlGIn19LCJsYXlvdXQiOiJvcGVuLW1vZGUifQ%3D%3D
content-length
5292
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.newsobserver.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsobserver.com/
accept-encoding
gzip, deflate, br
cookie
AWSALBCORS=R3KoA4zdcEZ1fdyqjU0fGzPOqqcTQGVC+9B7kVxQDtxvmiTNoKe+vEHQ8W5q7CXk5iTvrxOyd5EJheD2fJaINEnOWBOiOvy3vuCfZMOwg/Hu2f4FBN4fMEK9kJhw
Upgrade-Insecure-Requests
1
Origin
https://www.newsobserver.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-type
text/html; charset=UTF-8
content-length
10227
set-cookie
AWSALB=ilTMMe0m3kb6/tPXOB0H7NEQ1nIQ/MRwgGnkStxXGElH595h3CQPy8xtwZFpfVvKl6IAcd6nDgerNzDJouxWDHMnyQ/5b/WALBIl3if8NcX1rPZQ2iHRFwbYZv01; Expires=Fri, 08 Oct 2021 01:28:03 GMT; Path=/ AWSALBCORS=ilTMMe0m3kb6/tPXOB0H7NEQ1nIQ/MRwgGnkStxXGElH595h3CQPy8xtwZFpfVvKl6IAcd6nDgerNzDJouxWDHMnyQ/5b/WALBIl3if8NcX1rPZQ2iHRFwbYZv01; Expires=Fri, 08 Oct 2021 01:28:03 GMT; Path=/; SameSite=None; Secure AUID=a4d22e81-c6b2-438c-9536-908f99c50272; expires=Sat, 01-Oct-2022 01:28:03 GMT; Max-Age=31536000; path=/; domain=trinitymedia.ai; secure; SameSite=None
server
Apache
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
rum
dsum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf&C=1
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 01:28:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 01:28:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 01:28:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YVZkIwAAAKuVGgQf&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Fri, 01 Oct 2021 01:28:03 GMT
connatix.playspace.css
cds.connatix.com/p/130993/ 		96 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130993/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f51d2d4e9741eeb36c2de4bcb9ed4ce04513e0102ee78275d95d1dba67c932b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
br
last-modified
Wed, 29 Sep 2021 08:45:12 GMT
age
135023
etag
"61f7a01b349617b43215a5ff2b2fc0e6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13341
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame 0294 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:44:02 GMT
x-content-type-options
nosniff
age
200641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:44:02 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 00:10:36 GMT
server
ESF
date
Fri, 01 Oct 2021 01:28:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 01:28:03 GMT
css
fonts.googleapis.com/ 		3 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 01:13:32 GMT
server
ESF
date
Fri, 01 Oct 2021 01:28:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 01:28:03 GMT
story
capi.connatix.com/core/ Frame 1C90 		128 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=130993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.186.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-186-246.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9bf2ce0b1bfd7442abed134d5741cb9babbacd0d1fa3c73e040fa1e91e61e279

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.newsobserver.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
155
pdp.gif
www.newsobserver.com/static/yozons-lib/ 		42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsobserver.com/static/yozons-lib/pdp.gif?z=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJ6b25lIjoxMDIsImNvbnRlbnQiOiJzdWJzY3JpcHRpb25fY3RhIiwic3RhdHVzIjoiTGFkb24gdGVtcGxhdGUgXCJzdWJzY3JpcHRpb25fY3RhXCIgbG9hZGVkIn0=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.2.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-2-176.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/static/yozons-lib/pdp.gif?z=eyJpZCI6Im1pX2FzX25hb183MTEyOTM1MDZfMV80XzE2MzMwNTE2ODI4NjMiLCJ6b25lIjoxMDIsImNvbnRlbnQiOiJzdWJzY3JpcHRpb25fY3RhIiwic3RhdHVzIjoiTGFkb24gdGVtcGxhdGUgXCJzdWJzY3JpcHRpb25fY3RhXCIgbG9hZGVkIn0=
pragma
no-cache
cookie
mi_gps=2; ak_bmsc=2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAoK9uhZ7AQAAEit3OQ2v2WArKSNGFzLD0nRphiJ0+sHeq8xPt2NGGyo8kFMw0vVtRAHCEkGLL4N1avUk78MOesQmYAk2dDS64kbYb9hWbfDs6i95ElbpgBUPH1Zf9Jg7SgojdZ4vGq7pvzUVikMb+bmeZ0RonRFQ1B/J/dtwQtmWZlFtUiwgte2QWTlwv+4yufigvMMyD6HxwNBX81WOLWvmYk8Yuj+PcqMc81L3fD7EIaXArG3Wu4vd2QH5WE5N1s6eZJP4NUh1F4LBVffXOy88eX8aGVAtmO2n6pWDKZIOlpaiN5BRqxDtS96kuphrSaooe4kUITKqCDDfh1AvHRiFZANUEbtTjZdnCQCjckqXUGpW9eFH4797PwaK/41+ioMOgP0rLIqsrNbxgTV/DgxIVVUos9ui4vk2UVwT3ipiRyxWflFhOX60WysRL0JMOEwC1my1ysHPaeCYzwxsDtX1LZ4tREyTkEhlp+OSCWelVTdag1WvRSef5Q==; bm_sv=8F844A423236C37C34FAFF0C1E2C943D~klJ686A79Xrs1aBSbnUN4Xo8riACWk7g0uSY39PJIBljXEqF7l/iyJULCsiI/97c+GKhQdob7ehZZrBbFGenH3oUQgn/kH1cqbOJkHzRG3OUqDqSGGIP/XcJZKs3ujB7lu1ClvQ2ndYMjDweyuissC3h5PQFc5uqnGOoD+Pl9sc=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.newsobserver.com
referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/news/state/north-carolina/article254651822.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
495345
content-length
42
last-modified
Thu, 23 Sep 2021 16:32:18 GMT
server
MI
etag
"2a-5ccac2c95a880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
22858772, 194869511 82403307
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
bounce
ib.adnxs.com/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YVZkIwAFndauQgAR
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYVZkIwAFndauQgAR
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYVZkIwAFndauQgAR
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 01:28:04 GMT
X-Proxy-Origin
136.243.198.80; 136.243.198.80; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cf9fbc38-396a-4c3a-90bc-be871071b0ed
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 01:28:04 GMT
X-Proxy-Origin
136.243.198.80; 136.243.198.80; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b6f4e5e2-b690-4a5b-8a18-e11e1b3f447b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYVZkIwAFndauQgAR
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1633051683835576003434&uniqId=12d12&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&lu=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sessionId=61566424-0b264&pageView=1&pvid=17c39772bfb891162f5&site=631443&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6971e9801c3cc27c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
mcclatchy-ca0c61a40caecbbc0b016482426e8077.js
vd.trinitymedia.ai/trinity-player/buttons/ Frame A874 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/buttons/mcclatchy-ca0c61a40caecbbc0b016482426e8077.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sCampaignID=2900000552&FAB=false&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=e397f742d5b66155ee92b6dad7058353&isLegacyBrowser=false&version=20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2&useCFCDN=0&ts=1633051682830&tsServer=1633051681233&FABOnly=0&unitId=2900000552&cf=&themeId=188&themeData=eyJmb250cyI6W3sibGluayI6Imh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzMj9mYW1pbHk9Tm90bytTYW5zOndnaHRANDAwOzcwMCZkaXNwbGF5PXN3YXAifV0sImNvbG9yTWFpbiI6IiMzMzMzIiwibG9hZGluZ0ljb24iOnsiY29sb3IiOiIjMmQ0MWE1In0sImxvYWRpbmdUaXRsZSI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzIyMjIyMiJ9fSwicGxheWVyVGl0bGUiOnsiQ1NTIjp7ImZvbnRGYW1pbHkiOiJOb3RvIFNhbnMiLCJjb2xvciI6IiMyMjIyMjIiLCJtYXhIZWlnaHQiOiIxNnB0IiwibWFyZ2luQm90dG9tIjoiM3B4In19LCJwbGF5ZXJDbG9jayI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzcwNzA3MCJ9fSwibWFpbkJ1dHRvbiI6eyJpZCI6Im1jY2xhdGNoeSJ9LCJwcm9ncmVzc2JhciI6eyJjb2xvciI6IiMyMjIyMjIifSwicG93ZXJlZEJ5Ijp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIn19LCJpMThuIjp7ImVuIjp7ImluaXRpYWxUaXRsZSI6Ik9ubHkgaGF2ZSBhIG1pbnV0ZT8gTGlzdGVuIGluc3RlYWQifX0sInRyaW5pdHlIb21lIjp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIiwiY29sb3IiOiIjMzE0MDlGIn19LCJsYXlvdXQiOiJvcGVuLW1vZGUifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
a0af14eba792300236e213a2292fffe2d859688edfcef3cd121619f1f94b3d3b

Request headers

Referer
https://trinitymedia.ai/
Origin
https://trinitymedia.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 10:54:15 GMT
server
AmazonS3
x-amz-request-id
E0FNQVYT1ZM9NY3Q
etag
"4766c71a30b9274010c638f565c2d8e9"
x-hw
1633051683.dop242.fr8.t,1633051683.cds227.fr8.hn,1633051683.cds163.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=42193
accept-ranges
bytes
content-length
1132
x-amz-id-2
fEOBIg1nxcCC73g0spTqGZ1wd4/6o4/stUAux1W3GhvvuFFK7cJv5yX2jSVfDbpqAL8JsMyYI9Q=
trinity-player.js
vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/ Frame A874 		1 MB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-player.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sCampaignID=2900000552&FAB=false&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=e397f742d5b66155ee92b6dad7058353&isLegacyBrowser=false&version=20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2&useCFCDN=0&ts=1633051682830&tsServer=1633051681233&FABOnly=0&unitId=2900000552&cf=&themeId=188&themeData=eyJmb250cyI6W3sibGluayI6Imh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzMj9mYW1pbHk9Tm90bytTYW5zOndnaHRANDAwOzcwMCZkaXNwbGF5PXN3YXAifV0sImNvbG9yTWFpbiI6IiMzMzMzIiwibG9hZGluZ0ljb24iOnsiY29sb3IiOiIjMmQ0MWE1In0sImxvYWRpbmdUaXRsZSI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzIyMjIyMiJ9fSwicGxheWVyVGl0bGUiOnsiQ1NTIjp7ImZvbnRGYW1pbHkiOiJOb3RvIFNhbnMiLCJjb2xvciI6IiMyMjIyMjIiLCJtYXhIZWlnaHQiOiIxNnB0IiwibWFyZ2luQm90dG9tIjoiM3B4In19LCJwbGF5ZXJDbG9jayI6eyJDU1MiOnsiZm9udEZhbWlseSI6Ik5vdG8gU2FucyIsImNvbG9yIjoiIzcwNzA3MCJ9fSwibWFpbkJ1dHRvbiI6eyJpZCI6Im1jY2xhdGNoeSJ9LCJwcm9ncmVzc2JhciI6eyJjb2xvciI6IiMyMjIyMjIifSwicG93ZXJlZEJ5Ijp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIn19LCJpMThuIjp7ImVuIjp7ImluaXRpYWxUaXRsZSI6Ik9ubHkgaGF2ZSBhIG1pbnV0ZT8gTGlzdGVuIGluc3RlYWQifX0sInRyaW5pdHlIb21lIjp7IkNTUyI6eyJmb250RmFtaWx5IjoiTm90byBTYW5zIiwiY29sb3IiOiIjMzE0MDlGIn19LCJsYXlvdXQiOiJvcGVuLW1vZGUifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
55a7c254c0e292b58ede13954f3fd05bf8b605173053e0e42aad9f3b6a79a79a

Request headers

Referer
https://trinitymedia.ai/
Origin
https://trinitymedia.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 14:04:44 GMT
server
AmazonS3
x-amz-request-id
9M19V2VM0PWXV30G
etag
"cd1fb4f83a56454fc511481d36ad0b22"
x-hw
1633051683.dop242.fr8.t,1633051683.cds227.fr8.hn,1633051683.cds287.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
171042
x-amz-id-2
SIDEHJ6pn0D6wTQJ5FJanFfXpZjowYrWup9HXEgZPML8r3f/ebVJ3Pg79JLGUbnc5xxfer9I2Wg=
sd
us-u.openx.net/w/1.0/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVZkIwAFndauQgAR
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YVZkIwAFndauQgAR
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YVZkIwAFndauQgAR
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YVZkIwAFndauQgAR
date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 google
server
OXGW/16.216.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
video_info
context.iris.tv/ 		208 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998032001&platform_id=6174901764001
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-114.dus51.r.cloudfront.net
Software
Zer01ne /
Resource Hash
7cc463ef6e6d6f235c89639e6b7a9ec8f3d32fb6d869af2df99aa435de6af5e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:18:44 GMT
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
server
Zer01ne
age
560
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-robots-tag
noindex, follow
x-amz-cf-id
62NNr2OfpNa3vWsr4vlFpg19XyDhzv1OpzrdwqCFBITuu4nxB9u0fA==
Pug
image2.pubmatic.com/AdServer/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVZkIwAFndauQgAR
1 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVZkIwAFndauQgAR
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:389
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633051684.030474,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVZkIwAFndauQgAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
1
servicer.mgid.com/1035175/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1035175/1?pv=5&cbuster=1633051684113676615858&uniqId=12d12&niet=4g&nisd=false&jsv=es6&w=0&h=-1&wrongImageSize=1&cols=2&uspString=1---&ref=&cxurl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&lu=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&sessionId=61566424-0b264&pageView=1&pvid=17c39772bfb891162f5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33c0087f64d4045de9a5a0b506b95fad31d482b5f3dc7508c049428684b9916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6971e9824d34c27c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
partner
sync.search.spotxchange.com/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1&__user_check__=1&sync_id=d305034d-2256-11ec-90c4-10ffbde80406
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1&__user_check__=1&sync_id=d305034d-2256-11ec-90c4-10ffbde80406
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
47
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YVZkIwAFndauQgAR&img=1&__user_check__=1&sync_id=d305034d-2256-11ec-90c4-10ffbde80406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
12
Connection
keep-alive
Content-Length
0
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/10s/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/10s/master.m3u8?fastly_token=NjE3YjUyMTVfZWEzZjU0NGNjZGYxYjgzOTFjYjA1OTk4ODY5ZTE2MDA4MzM5ZDg4MWIwM2ZhYzQ5ZmMyYjgzMDNjNzdjMGM0Mg%3D%3D
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
048edc8dbabf834a49e6e87a2b680c84424d709b55318d1a7b45577a50a7d920

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
6586
x-served-by
cache-fra19143-FRA
x-device-group
desktop-chrome
x-timer
S1633051684.256832,VS0,VE55
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
4ae69393-88b3-48d5-ba8e-1e659122dc23
https://www.newsobserver.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsobserver.com/4ae69393-88b3-48d5-ba8e-1e659122dc23
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
5415
Content-Type
application/javascript
IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 11 Jul 2021 07:00:27 GMT
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
last-modified
Thu, 10 Dec 2020 21:39:59 GMT
server
AmazonS3
age
7064858
etag
"840c928a4f9a6d6ee5ca76af8031b7ea"
x-cache
Hit from cloudfront
x-amz-version-id
8bGmSv38jufOtvTVvpCK84CQNHI2iGn8
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css
content-length
14368
x-amz-cf-id
n3ofWhlb3-rZkHEzH7Qo73yWya7HTd7ohxrxvV_4ROshMPPjcriIvg==
IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 00:03:07 GMT
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
last-modified
Thu, 10 Dec 2020 21:56:44 GMT
server
AmazonS3
age
91498
etag
"e54832afd18f0ed157b8160ac7e4a9d2"
x-edge-origin-shield-skipped
0
x-amz-version-id
CcqFDVhLmj7fMBiS5W3t1iFW3PtkExjg
cache-control
max-age=31536000, must-revalidate
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css
content-length
6053
x-amz-cf-id
l31E2OB3ZhvjMsP5WrmhS-L6UKTo5Dvl0oOTLCfw3EavlJuAqsiJsQ==
bridge3.482.0_en.html
imasdk.googleapis.com/js/core/ Frame E8E9 		576 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.482.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsobserver.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193423
date
Tue, 28 Sep 2021 07:35:12 GMT
expires
Wed, 28 Sep 2022 07:35:12 GMT
last-modified
Thu, 23 Sep 2021 13:33:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
237172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Oct 2021 01:28:04 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/71bc226c-8018-46c7-a15d-470550a2ac53/1280x720/match/ 		969 KB
970 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/71bc226c-8018-46c7-a15d-470550a2ac53/1280x720/match/image.jpg
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.146.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-56.dus51.r.cloudfront.net
Software
/ BC
Resource Hash
8c4ec5a4f051808c70f08fb37e1aa4e95bcaf0c033a195874bc1d9d608a5843c

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 23:54:16 GMT
Via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
Age
5628
X-Powered-By
BC
Transfer-Encoding
chunked
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Powered-From
gantry
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
wqDK2JnG-mugI44QqmSpKt8dTmBKH3eACI4Kh_UxCMbRQzAony1yVQ==
Expires
Fri, 30 Sep 2022 23:54:16 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsobserver.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
css2
fonts.googleapis.com/ Frame A874 		5 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 23:33:31 GMT
server
ESF
date
Fri, 01 Oct 2021 01:28:04 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 01:28:04 GMT
collect
depart.trinitymedia.ai/api/ Frame A874 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.99.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-99-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 01:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame A874 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.99.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-99-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 01:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
b.php
www.facebook.com/fr/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YVZkIwAFndauQgAR&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YVZkIwAFndauQgAR&t=2592000&o=0
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 18:28:04 PDT
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
USW9xQ1DsLZKKoy5n9gaEQpRzb+z/d1HPWK8UvtuK2N/pBljOUlnqDQJYvoll09cBPRNnHklhxpgv0KHLAUhuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Thu, 30 Sep 2021 18:28:04 PDT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633051684.271699,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YVZkIwAFndauQgAR&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
newad2
fundingchoicesmessages.google.com/f/AGSKWxWvhzmr8kqNlscGf-tzu89rTWSJP81Fp-Bpcc5DVDXsNTBOd9zUxffCtdVj6PzQSP-So-C18ijqQkZjb4_H3JRzgHuAenvKexL9N5eFKquBWgOS51yyKGDFQwGoSY7u9j0I5UTfg5UbUnsfKpOys7SB-twJX... 		54 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWvhzmr8kqNlscGf-tzu89rTWSJP81Fp-Bpcc5DVDXsNTBOd9zUxffCtdVj6PzQSP-So-C18ijqQkZjb4_H3JRzgHuAenvKexL9N5eFKquBWgOS51yyKGDFQwGoSY7u9j0I5UTfg5UbUnsfKpOys7SB-twJXV99nsretweVWuzNhOybZD--zb9Uk-jYZhixd-BFztGhJYYvUZXQVzzgL33J0NxBUA1UAsn-Ww59uFbFsJE=/_/newad2?/adtracking./adpatch./adstracking./title_ad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b14dc09ca74902610111811eec90f764efbe79047d086d528a5501e27e9fbc91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9YoTfJlBYWdUmDBmn6DIsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9YoTfJlBYWdUmDBmn6DIsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-9YoTfJlBYWdUmDBmn6DIsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9YoTfJlBYWdUmDBmn6DIsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7df5bfa5d5e4983a01f28ead367dc53bb210a3bcc5c429b9500c46735fce1f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27493
x-xss-protection
0
server
cafe
etag
10434112897152555274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Oct 2021 02:18:31 GMT
AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
fundingchoicesmessages.google.com/el/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aY7jwxBRv49TmPwEW5ytMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aY7jwxBRv49TmPwEW5ytMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-aY7jwxBRv49TmPwEW5ytMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aY7jwxBRv49TmPwEW5ytMw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp
s-img.mgid.com/g/8164919/492x277/0x89x598x398/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164919/492x277/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1633051684-vJY2vx7Yt6rSPGCgqXrCKoHdywxyIoMMqSCiDstBO50
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db790a90ec5f45d29bb7d99a2833a13bfcc7518ea011a3ab89fdbdb0c99a0c8

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:49:08 GMT
x-mg-request-uuid
82dfc8a7-e0f7-4e1d-8c98-3721c80873ef
age
552103
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6971e983bdd02bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23110
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x277/0x0x831x554/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164860/492x277/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1633051684-ey08-Fah6HIi8lQmP6lym_QmA1T0oqAk2qLJHJvRAcc
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52d206a297bfb6771615091de41acd6d605d26d995ab2902ba052e276dda584

Request headers

Referer
https://www.newsobserver.com/
Origin
https://www.newsobserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:20:41 GMT
x-mg-request-uuid
10fc172c-557e-4788-8e8b-bda0d81d8364
age
5118093
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6971e983bdd12bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8088
server
cloudflare
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/af5930a0-a096-4f04-977a-b90b1a9afb07/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/af5930a0-a096-4f04-977a-b90b1a9afb07/10s/rendition.m3u8?fastly_token=NjE3YjUyMTZfM2E3NDJhZWJlMDVjNmI1MzM4NTJmNTM1ZjZlMTRkMDVmYWVjZDE3NjQ4Y2VkNTVkMmVmN2Q0NTMxZGE5MWRlNw%3D%3D
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
1a8fadd6b479beaf1184b90500d0f83f194fb28beb6b68652a74b7000aa0ee9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4053
x-served-by
cache-fra19143-FRA
x-device-group
desktop-chrome
x-timer
S1633051684.355939,VS0,VE173
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
fundingchoicesmessages.google.com/el/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dHrAoOHeaVbJ8azDJnexmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dHrAoOHeaVbJ8azDJnexmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-dHrAoOHeaVbJ8azDJnexmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dHrAoOHeaVbJ8azDJnexmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
i.js
cm.mgid.com/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1633051684365919555841
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f0673751454cb22d8c2ef7a3267e4a2b08010c8002cf08f901c149b9be1f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
bfc44174-f8a9-4249-8f83-fe5f07e48488
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6971e983bdd7c27c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame A874 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trinitymedia.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:44:02 GMT
x-content-type-options
nosniff
age
200642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:44:02 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame A874 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trinitymedia.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:44:02 GMT
x-content-type-options
nosniff
age
200642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:44:02 GMT
i-noref.js
cm.mgid.com/ Frame 647B 		19 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=163305168438634446663
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
128862f6-ba6a-49ec-8ac6-9ac8bf6a6efe
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6971e983bdd6c27c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
collect
depart.trinitymedia.ai/api/ Frame A874 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210930_af2cf4e105a0153246615c7a9bfc4e9908273ae2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.99.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-99-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 01:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsobserver.com.1035175.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-6.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:46:45 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
157278
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
YUDCxWsWH_z2pz6dvZgolovvUeWQb6PhUUJZVoxJX9TP6eTra76v0g==
b
sb.scorecardresearch.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1633051684431&ns_c=UTF-8&cv=3.5&c8=5%20NC%20prisons%20renamed%20due%20to%20racist%2C%20white%20supremacy%20ties%20%7C%20Raleigh%20News%20%26%20Observer&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&c9=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-6.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
gRtJjcpqwsA-5P3GAs-MSPs1syZIuXrz5NjwvHWIw4iMAckRFYPw5Q==
x-cache
Miss from cloudfront
sync.html
s.adtelligent.com/ Frame F349 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1633051684365919555841
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newsobserver.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 01 Oct 2021 01:28:04 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://www.newsobserver.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame F113
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1633051684365919555841
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newsobserver.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 01:28:04 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Fri, 01 Oct 2021 01:28:04 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=6b860972-13c1-445d-b650-2b86a021dc6f&ttl=1635643684
43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=6b860972-13c1-445d-b650-2b86a021dc6f&ttl=1635643684
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c6f27a25-a565-4d41-9c55-cade8df59779
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6971e98618df5cb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=6b860972-13c1-445d-b650-2b86a021dc6f&ttl=1635643684
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 		0
0
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l8u3uYgmR4si
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6971e984dc275b32-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=B2sakq0xHA0VHOtHGAV3&pi=mgid&tc=1
43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=B2sakq0xHA0VHOtHGAV3&pi=mgid&tc=1
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
3547e66e-273d-4d26-a513-f7c27fdd3230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6971e985d89c5cb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=B2sakq0xHA0VHOtHGAV3&pi=mgid&tc=1
pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT, Fri, 01 Oct 2021 01:28:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l8u3uYgmR4si
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6971e9873ef405e9-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8u3uYgmR4si
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8u3uYgmR4si
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68195dd7-6b58-46b7-8018-d28319e4fd39&gdpr=&gdpr_consent=&gdpr_pd=
1 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68195dd7-6b58-46b7-8018-d28319e4fd39&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:408
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68195dd7-6b58-46b7-8018-d28319e4fd39&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 01 Oct 2021 01:28:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=c26a34f2-9bea-40f6-bf06-37e775fdfdf4
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=5a9d1837-461a-47fd-8f2d-76594cd50fff&expires=10&ssp=mgid&bsw_param=c26a34f2-9bea-40f6-bf06-37e775fdfdf4
  • https://cm.mgid.com/m?cdsp=433145&c=c26a34f2-9bea-40f6-bf06-37e775fdfdf4&gdpr=&gdpr_consent=&us_privacy=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=c26a34f2-9bea-40f6-bf06-37e775fdfdf4&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
3fb6bcde-b112-4ddb-919d-ac2f53ae7405
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6971e9874a375cb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=c26a34f2-9bea-40f6-bf06-37e775fdfdf4&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 01 Oct 2021 01:28:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDh1M3VZZ21SNHNp&muidn=l8u3uYgmR4si
  • https://cm.mgid.com/google?muidn=l8u3uYgmR4si&google_ula={guid},5&google_gid=CAESEKkZKITozXpeoZcd03VMMEs&google_cver=1
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l8u3uYgmR4si&google_ula={guid},5&google_gid=CAESEKkZKITozXpeoZcd03VMMEs&google_cver=1
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6971e9847ef65cb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l8u3uYgmR4si&google_ula={guid},5&google_gid=CAESEKkZKITozXpeoZcd03VMMEs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/a99e28e7-ff3e-4c3f-a590-0b522bfd7c34/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998032001/ff23079e-198b-4e4f-b41a-48f324e15552/a99e28e7-ff3e-4c3f-a590-0b522bfd7c34/10s/rendition.m3u8?fastly_token=NjE3YjUyMTZfMzY3ZTkwZjFiYmE5NDUzNmI1MDM2ZWMwZGFhNGVhNDY5MTg2YTY5Y2YwYjM2NWQyNTYzODY4MWUxNjg3MGZjZA%3D%3D
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-ebf6fae87170ecd55ce3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
0cc2f34a511e11761279eba2c3233ed64ae7540c70d001b70cc9115baaa14954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4044
x-served-by
cache-fra19143-FRA
x-device-group
desktop-chrome
x-timer
S1633051685.553391,VS0,VE178
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame F113 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 01:28:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77821
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:05:05 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E8E9 		2 KB
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle254651822.html&correlator=1546471361640508&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FRAL.site_newsobserver%2FNews%2FState&hl=en&cmsid=2475951&description_url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Flocal%2Farticle244478972.html&vid_t=Movement%20to%20rename%20streets%2C%20buildings%20across%20country&vid=6174901764001&cust_params=sect%3DNorth%20Carolina%26sec_sect%3D10925%2C10856%2C7041%2C7043%2C10652%2C10634%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_4d37728215b7343e%26iris_context%3Dic_4146983%2Cic_6892597%2Cic_7011887%2Cic_3473636%2Cic_0526083%2Cic_1238997%2Cic_2675877%2Cic_0567832%2Cic_8810691%2Cic_2916099&sdkv=h.3.482.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=3927200476&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.newsobserver.com%2Fa37198fd-1665-46eb-a47c-68cbc9917ac0&sid=CDD77297-2ABE-4424-88D2-13DF11E7266F&eid=44746832%2C44750030&dt=1633051684715&cookie_enabled=1&scor=2519172815334817&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
243c39a02a0439d40581c3303d7dac05d42f30d1be30caabf0507fb4e2385731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
996
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
fundingchoicesmessages.google.com/el/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hGVMCMxrrbNS8c1MFi4ufw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hGVMCMxrrbNS8c1MFi4ufw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-hGVMCMxrrbNS8c1MFi4ufw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hGVMCMxrrbNS8c1MFi4ufw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWbnbifk9NfIUidVfWjuB_JPDhXqV1KMQpBJNLxZkOOenNonOwlsDNd_f1RPSw6DEK4OOF4LFK1k1pdPDpHmxajXLYbgBestJawk-Q2KQuQEnEJhVR59Tsz5r8k15dKxygRDjjmgLOgzWIPkH57Wdf9FMX220cdyQz7mwDX-6lN0s66a6FBN5y-mA==
fundingchoicesmessages.google.com/f/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWbnbifk9NfIUidVfWjuB_JPDhXqV1KMQpBJNLxZkOOenNonOwlsDNd_f1RPSw6DEK4OOF4LFK1k1pdPDpHmxajXLYbgBestJawk-Q2KQuQEnEJhVR59Tsz5r8k15dKxygRDjjmgLOgzWIPkH57Wdf9FMX220cdyQz7mwDX-6lN0s66a6FBN5y-mA==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMDUxNjg0LDczNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tL25ld3Mvc3RhdGUvbm9ydGgtY2Fyb2xpbmEvYXJ0aWNsZTI1NDY1MTgyMi5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2b43f242669b3805bf5f295d608cde017c23a52786e00eb1a281963566ddb8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0zwU/486Zqvi94bGLEDJYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0zwU/486Zqvi94bGLEDJYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-0zwU/486Zqvi94bGLEDJYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-0zwU/486Zqvi94bGLEDJYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
fundingchoicesmessages.google.com/el/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVemtOVlR7QMQ6i4w2GN0JjFWmD0B34KKGqwY4WHWz31vpcWRwBF12trFOK50CJwGzy8LCTwDQ7yfacbDGJFej-E8PeVq3POG_240yxRpafi2iPUNJlHt69q8FiNwauaPbwz5r1Ky9c-s5-P5UJ6Y-yc_-noeVEO3VK5O3TOPQsty-vLSPLR97Kjg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.frYLFpriJJ8.es5.O/d=1/rs=AJlcJMwXzsRwn2ribMW0mi1VRvR3Ci9P-Q/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OXLWtVnm4LQP3POVz0iD0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OXLWtVnm4LQP3POVz0iD0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-OXLWtVnm4LQP3POVz0iD0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OXLWtVnm4LQP3POVz0iD0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame F113 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
fundingchoicesmessages.google.com/el/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.QF2aec19gT0.es5.O/d=1/rs=AJlcJMz01KEOk18tsCnqxsl9chD9u_eLqw/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lBd9NDXoVQKH7UGfIAOJyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lBd9NDXoVQKH7UGfIAOJyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-lBd9NDXoVQKH7UGfIAOJyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lBd9NDXoVQKH7UGfIAOJyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
fundingchoicesmessages.google.com/el/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.QF2aec19gT0.es5.O/d=1/rs=AJlcJMz01KEOk18tsCnqxsl9chD9u_eLqw/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n2jDyeHtm8GHxz5zi5oU9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-n2jDyeHtm8GHxz5zi5oU9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-n2jDyeHtm8GHxz5zi5oU9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-n2jDyeHtm8GHxz5zi5oU9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
fundingchoicesmessages.google.com/el/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXelWTTzKsUO4hONjKWbl2UPmVz23XMgegCSAVszUSHdh9PIYIZ6L3AyPY2nej_vghJ2_NzxEaRvUyoDkti65PPqFPp0G38x9Frq4HnYAl7vuKCJ3Jl1cxgOHjjxl-NdzRXL5fdDRvbE2C-Z7vFBPbaKIntki7j38yIGH3Yc9rGGFdPiQi2fAXsyw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.QF2aec19gT0.es5.O/d=1/rs=AJlcJMz01KEOk18tsCnqxsl9chD9u_eLqw/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b+r+R3Y6Cbg1cb3XJjllsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-b+r+R3Y6Cbg1cb3XJjllsQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsobserver.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 01:28:04 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsobserver.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-b+r+R3Y6Cbg1cb3XJjllsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-b+r+R3Y6Cbg1cb3XJjllsQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
csync
sync.adtelligent.com/ Frame F349 		0
0
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=1757399&ntv_pl=775563
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1e22ac0c-037f-47da-9068-0c274c3bda64&ntv_fl=CF4se3gYGjAPzQcMJoAeWXn779HbK1YqEawpkfv4QBVuhgomPqP-WqLT6H61oWWI7pIxaQnnWljiHq4U-Uu5w8YnuN602tRWiTxvj88NXvBegDWf7s-VvtCs4GBmm-z74g6Xe6kUCV5P7BQyp7FyrzoOg8uIVmUelrJ9rbj58rONIetJHJ-zqPzWhAJvnYwpnfZKiEsJrV9cqjKhlME7oWiaP5MqhApz_rzQXKGKbP3OcUiujfILl11-jTghTn20&ntv_ht=JGRWYQA&ntv_at=303,302&ntv_a=AAAAAAAAAA-8EQA&ord=1633051684995&ntv_it
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1e22ac0c-037f-47da-9068-0c274c3bda64&ntv_fl=CF4se3gYGjAPzQcMJoAeWXn779HbK1YqEawpkfv4QBVuhgomPqP-WqLT6H61oWWI7pIxaQnnWljiHq4U-Uu5w8YnuN602tRWiTxvj88NXvBegDWf7s-VvtCs4GBmm-z74g6Xe6kUCV5P7BQyp7FyrzoOg8uIVmUelrJ9rbj58rONIetJHJ-zqPzWhAJvnYwpnfZKiEsJrV9cqjKhlME7oWiaP5MqhApz_rzQXKGKbP3OcUiujfILl11-jTghTn20&ntv_ht=JGRWYQA&ntv_at=808&ntv_a=AAAAAAAAAAi9ULA&ntv_sat=15&ord=1633051684998&ntv_it
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=775563&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/state/north-carolina/article254651822.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-244-20.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsobserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 01:28:05 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubmV3c29ic2VydmVyLmNvbTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&badge=inline&cb=vbcn5wiyg0uj
Domain
sync.e-volution.ai
URL
https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l8u3uYgmR4si
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

476 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect boolean| originAgentCluster object| pageInfo object| webpackJsonp object| regeneratorRuntime object| mi object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| mistats function| Visitor object| s_c_il number| s_c_in object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| jsonp function| geofeed object| Util function| $ function| jQuery function| miAppControler function| getUrlVars function| checkUserSubscribed function| renewSession boolean| getSubscribedFlag boolean| dfpOnPageWrapEnabled object| _prx boolean| untv function| generateGuid function| getGuid function| callbackCaptcha string| bazadebezolkohpepadr string| userIconSignedOut string| userIconSignedIn string| popoutContainer string| label undefined| userName object| currentScript number| __TRINITY_TAG_TIME__ object| TRINITY_PLAYER function| jsonFeed object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| googlefc object| mediaRule object| googletag object| zeusKeyvalues string| zeusAdUnitPath object| FB string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq function| AdCloudEvent boolean| mistats_messageHandler object| _matherq string| GoogleAnalyticsObject function| mistats_ga object| WFClientTypeDef object| imageSizes function| processBackUpName function| updateProgress function| disableNewDownload function| downloadFile function| setUpNewDownload function| downloadPagesUrl function| nativoFn object| subnavSection object| masthead object| $articles number| artToShow function| changePage number| relatedSeriesLength object| mia11y boolean| relatedRailGlobal boolean| sideRailGlobal function| initializeIrisPlugin function| setImmediate function| clearImmediate function| IrisContextAPI object| wpJsonpWPS object| vttjs function| WebVTT number| vdata3390 object| scrollMonitor function| videojs object| mediaGallery object| mediaGalleryActions string| urhehlevkedkilrobacf object| Scroll object| oDv object| oVa object| confiant object| EF function| cnxps object| PARSELY string| h function| __475an521in8a__ object| _mather object| tid object| lotame_7447 object| __otccpaooLocation object| otStubData function| addLinkToSelection object| Optanon object| OneTrust boolean| mitagsent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| core object| ats string| p1179710393 number| p1179710394 function| p1179710395 function| p1179710391 function| p1179710389 function| p1179710401 function| p1179710398 function| p1179710396 function| p1179710372 function| p1179710377 function| p1179710363 function| p1179710362 function| p1179710360 function| p1179710353 function| oEnableNullChecklistener_ function| p1179710380 function| p1179710344 function| oPageUnload function| p1179710273 function| p1179710278 function| p1179710397 number| p1179710263 string| p1179710264 object| p1179710265 object| p1179710266 boolean| p1179710267 number| p1179710269 number| p1179710270 object| p1179710291 string| p1179710333 number| p1179710274 object| p1179710341 string| p1179710309 string| p1179710310 object| p1179710347 number| p1179710348 boolean| p1179710352 number| p1179710354 boolean| p1179710356 boolean| p1179710382 boolean| p1179710381 boolean| oAudienceListenerEnabled_ object| p1179710358 string| oDevice string| oParentHostname_ string| oParentPathname_ boolean| p1179710359 boolean| p1179710361 number| p1179710376 boolean| p1179710378 number| p1179710379 object| p1179710368 object| oAdSlots_ object| otkjs boolean| p1179710399 boolean| p1179710400 string| p1179710318 function| p1179710271 string| p1179710272 boolean| p1179710340 boolean| p1179710320 object| p1179710319 string| p1179710338 number| p1179710322 object| opbjs object| oaudLibjs object| ovpjs number| p1179710321 object| recaptcha object| closure_lm_601219 object| s_i_mccltallmcclatchy object| _mgIntExchangeNews object| MarketGidInfC1035175 function| MarketGidCContextBlock1035175 function| MarketGidCMainBlock1035175 function| MarketGidCInternalExchangeBlock1035175 function| MarketGidCColorBlock1035175 function| MarketGidCRejectBlock1035175 function| MarketGidCCriteoBlock1035175 function| MarketGidCInternalExchangeLoggerBlock1035175 function| MarketGidCObserverBlock1035175 function| MarketGidCSendDimensionsBlock1035175 function| MarketGidCAntifraudStatisticsBlock1035175 function| MarketGidCRtbBlock1035175 function| MarketGidCContentPreviewBlock1035175 function| MarketGidCGradientBlock1035175 function| MarketGidCResponsiveBlock1035175 boolean| mg_loaded_631443_1035175 number| p1179710275 string| oUrl_ object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| $jscomp function| $jscomp$lookupPolyfilledValue function| e object| __ql string| path string| host object| scriptTags object| default_ContributorServingLoaderClientJs function| __Y9uNstf385Zx__ object| __fcInternalApiManager string| N2RmNzZhMTZhYmZjYWIxOGxvYWRlcl9qcw== string| N2RmNzZhMTZhYmZjYWIxOGNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady number| oIndex4_ number| p1179710290 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| pbjs function| lotameIsCompatible function| lt7447_ba function| lt7447_b undefined| lt7447_c undefined| lt7447_ca undefined| lt7447_d function| lt7447_e function| lt7447_da function| lt7447_ea object| lt7447_fa object| lt7447_ object| lt7447_4 function| lt7447_aa function| lt7447_a function| lt7447_f function| lt7447_g function| lt7447_h function| lt7447_i function| lt7447_j function| lt7447_l function| lt7447_ga function| lt7447_k function| lt7447_m function| lt7447_n function| lt7447_o function| lt7447_p function| lt7447_q function| lt7447_r function| lt7447_s function| lt7447_t function| lt7447_u function| lt7447_ha function| lt7447_ia function| lt7447_w function| lt7447_ja function| lt7447_x function| lt7447_y function| lt7447_v function| lt7447_z function| lt7447_A function| lt7447_B function| lt7447_C function| lt7447_D function| lt7447_E function| lt7447_F function| lt7447_G function| lt7447_H function| lt7447_I function| lt7447_J function| lt7447_L function| lt7447_M function| lt7447_N function| lt7447_K function| lt7447_ka function| lt7447_la function| lt7447_P function| lt7447_O function| lt7447_Q function| lt7447_R function| lt7447_S function| lt7447_T function| lt7447_ma function| lt7447_na function| lt7447_oa function| lt7447_pa function| lt7447_U function| lt7447_V function| lt7447_W function| lt7447_qa function| lt7447_sa function| lt7447_ra function| lt7447_X function| lt7447_ta function| lt7447_ua function| lt7447_Y function| lt7447_Z function| lt7447__ function| lt7447_va function| lt7447_wa function| lt7447_xa function| lt7447_ya function| lt7447_0 function| lt7447_za function| lt7447_Aa function| lt7447_Ba function| lt7447_1 function| lt7447_Da function| lt7447_Ca function| lt7447_Ea function| lt7447_Fa function| lt7447_Ga function| lt7447_Ha function| lt7447_2 function| lt7447_3 function| lt7447_Ia function| lt7447_Ja function| lt7447_Ka function| lt7447_La function| lt7447_Ma function| lt7447_Na function| lt7447_Oa function| lt7447_Pa function| lt7447_Qa function| lt7447_5 function| lt7447_6 function| lt7447_Ta function| lt7447_Ua function| lt7447_Sa function| lt7447_Ra function| lt7447_Wa function| lt7447_Va function| lt7447_Ya function| lt7447_Xa function| lt7447_7 function| lt7447_Za function| lt7447__a function| lt7447_0a function| lt7447_1a function| lt7447_2a function| lt7447_4a function| lt7447_7a function| lt7447_6a function| lt7447_3a function| lt7447_9a function| lt7447_5a function| lt7447_8a function| lt7447_ab function| lt7447_$a function| lt7447_bb function| lt7447_8 function| lt7447_cb function| lt7447_db function| lt7447_eb function| lt7447_fb function| lt7447_gb function| lt7447_hb function| lt7447_ib function| lt7447_kb function| lt7447_$ function| lt7447_jb function| lt7447_lb function| lt7447_9 object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ function| _typeof object| cnx_usr_storage object| onClickExcludes function| initSubscriptionCta function| mgReject1035175 function| mgLoadAds1035175_12d12 function| MarketGidCReject1035175 function| MarketGidLoadGoods1035175_12d12 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint631443 string| _mgPvid object| IrisContextGlobal boolean| _mgPageView631443 object| irisInstances object| irisPlayer object| GlobalIrisPlayers object| closure_lm_64069 function| processGoogleToken object| googleToken object| googleIMState function| LoadCriteoAllPlaces1035175_12d12 boolean| df0eb065-9b5a-4532-8c4b-717c404eaf46 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE object| closure_lm_862218 object| ggeac function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ boolean| mistats_hypeTracker

40 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=jiyEjCZWDEyXjTX4eVJTTWrWgfs2suY8sWceAos_6K2BUFQoBdKiAtsLkmutqU-K-FcSaZqE111cQJGMZCIn0LOdCTtaiVASHOp6lfDyt5VLEWNHbiXzkVZTlWrsniLKzOIu5GM5PiqgvDjh1GpKYKFrFuCXk_2vs_35kN8C9aA
.demdex.net/ Name: demdex
Value: 11322107618729184440097589551901740633
.newsobserver.com/ Name: mi_gps
Value: 2
.mgid.com/ Name: __cf_bm
Value: wyNtpMR1i1o025GAqmt8qtEjJa9OE7qSC5k_2p5zc9k-1633051683-0-ASpjH+r2Uu81zgEcexTGRys9fHHubowIsoEGg4Hk0bs5WC8sp5iYoaRblWofmDPvWqeHtHp9bXzh7zUX6V+Qhto=
.newsobserver.com/ Name: ak_bmsc
Value: 2AD058C9822BCD50BF88AF831D84E655~000000000000000000000000000000~YAAQPZoXAoK9uhZ7AQAAEit3OQ2v2WArKSNGFzLD0nRphiJ0+sHeq8xPt2NGGyo8kFMw0vVtRAHCEkGLL4N1avUk78MOesQmYAk2dDS64kbYb9hWbfDs6i95ElbpgBUPH1Zf9Jg7SgojdZ4vGq7pvzUVikMb+bmeZ0RonRFQ1B/J/dtwQtmWZlFtUiwgte2QWTlwv+4yufigvMMyD6HxwNBX81WOLWvmYk8Yuj+PcqMc81L3fD7EIaXArG3Wu4vd2QH5WE5N1s6eZJP4NUh1F4LBVffXOy88eX8aGVAtmO2n6pWDKZIOlpaiN5BRqxDtS96kuphrSaooe4kUITKqCDDfh1AvHRiFZANUEbtTjZdnCQCjckqXUGpW9eFH4797PwaK/41+ioMOgP0rLIqsrNbxgTV/DgxIVVUos9ui4vk2UVwT3ipiRyxWflFhOX60WysRL0JMOEwC1my1ysHPaeCYzwxsDtX1LZ4tREyTkEhlp+OSCWelVTdag1WvRSef5Q==
.dpm.demdex.net/ Name: dpm
Value: 11322107618729184440097589551901740633
.scorecardresearch.com/ Name: UID
Value: 1974YDQWMV0GHPUAJXMOBKg1633051684
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVZkIwAFndauQgAR
.newsobserver.com/ Name: bm_sv
Value: 8F844A423236C37C34FAFF0C1E2C943D~klJ686A79Xrs1aBSbnUN4Xo8riACWk7g0uSY39PJIBljXEqF7l/iyJULCsiI/97c+GKhQdob7ehZZrBbFGenH3oUQgn/kH1cqbOJkHzRG3OUqDqSGGIP/XcJZKs3ujB7lu1ClvQ2ndYMjDweyuissC3h5PQFc5uqnGOoD+Pl9sc=
trinitymedia.ai/ Name: AWSALBCORS
Value: ilTMMe0m3kb6/tPXOB0H7NEQ1nIQ/MRwgGnkStxXGElH595h3CQPy8xtwZFpfVvKl6IAcd6nDgerNzDJouxWDHMnyQ/5b/WALBIl3if8NcX1rPZQ2iHRFwbYZv01
.trinitymedia.ai/ Name: AUID
Value: a4d22e81-c6b2-438c-9536-908f99c50272
.casalemedia.com/ Name: CMID
Value: YVZkI6G88BPztVcs6gXHRwAA
.casalemedia.com/ Name: CMPS
Value: 5232
.doubleclick.net/ Name: IDE
Value: AHWqTUnimNMzlL9DuYWQEjciPCPG-zbbvdCP6Iz0TZjxZ8wCzVH4-tXgEX4oIj1DrFA
.casalemedia.com/ Name: CMPRO
Value: 1158
.casalemedia.com/ Name: CMRUM3
Value: 58615664232760YVZkIwAAAKuVGgQf
.casalemedia.com/ Name: CMST
Value: YVZkI2FWZCMA
.mgid.com/ Name: muidn
Value: l8u3uYgmR4si
.demdex.net/ Name: dextp
Value: 771-1-1633051683391|144230-1-1633051683492|144231-1-1633051683601|144232-1-1633051683703|144233-1-1633051683805|144234-1-1633051683924|144235-1-1633051684027|144236-1-1633051684128|144237-1-1633051684267
servicer.mgid.com/ Name: __mglb
Value: fc02a5af8306bee686576562f78e8f80
.adnxs.com/ Name: uuid2
Value: 7210629328205955506
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E>2d[Ml`!]tbPl1MwL(!R7qUY$*e@79KQYOd'xDZO8bE!#Om)3!TY/X%W#.wL5oa9/sZwfzrVv9=M[YdK(.(lOfM!x%^7*_ygz
.spotxchange.com/ Name: audience
Value: d30502f4-2256-11ec-90c4-10ffbde80406
.openx.net/ Name: i
Value: 19ffe17d-cb9a-4485-9ddc-500ca8656c8e|1633051684
.bidswitch.net/ Name: c
Value: 1633051684
.bidswitch.net/ Name: tuuid_lu
Value: 1633051684
.lentainform.com/ Name: muidn
Value: l8u3uYgmR4si
.creativecdn.com/ Name: u
Value: B2sakq0xHA0VHOtHGAV3
.creativecdn.com/ Name: ts
Value: 1633051684
.bidswitch.net/ Name: tuuid
Value: c26a34f2-9bea-40f6-bf06-37e775fdfdf4
.adsrvr.org/ Name: TDID
Value: 6b860972-13c1-445d-b650-2b86a021dc6f
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YVZkIwAFndauQgAR&KRTB&23194-YVZkIwAFndauQgAR&KRTB&23209-YVZkIwAFndauQgAR&KRTB&23244-YVZkIwAFndauQgAR
.pubmatic.com/ Name: PUBMDCID
Value: 3
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiu84WorqGCOhAFOAE.
.smadex.com/ Name: smxtrack
Value: 5a9d1837-461a-47fd-8f2d-76594cd50fff
.postrelease.com/ Name: opt_out
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-68195dd7-6b58-46b7-8018-d28319e4fd39
.pubmatic.com/ Name: PugT
Value: 1633051684
cm.mgid.com/ Name: mg_sync
Value: {"265689":1633051684,"341189":1633051684,"363887":1633051684,"371158":1633051684,"433145":1633051685,"433146":1633051684,"516418":1633051684}
.idealmedia.io/ Name: muidn
Value: l8u3uYgmR4si

2 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
adservice.google.com
ats.rlcdn.com
c.mgid.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
connect.scroll.com
context.iris.tv
contributor.google.com
creativecdn.com
d15kdpgjg3unno.cloudfront.net
depart.trinitymedia.ai
dpm.demdex.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
edge.api.brightcove.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
geolocation.onetrust.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
jsc.mgid.com
lasteventf-tm.everesttech.net
manifest.prod.boltdns.net
match.adsrvr.org
mboxedge37.tt.omtrdc.net
mcclatchy-newsobserver.cdn.zephr.com
mcclatchy-newsobserver.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media2.newsobserver.com
ovp.iris.tv
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pubads.g.doubleclick.net
s-img.mgid.com
s.adtelligent.com
s.ntv.io
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
simage2.pubmatic.com
sqs.us-east-1.amazonaws.com
static.scroll.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.e-volution.ai
sync.search.spotxchange.com
tags.crwdcntrl.net
token.rubiconproject.com
trinitymedia.ai
us-u.openx.net
vd.trinitymedia.ai
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.i.matheranalytics.com
www.newsobserver.com
www.sunherald.com
x.bidswitch.net
sync.adtelligent.com
sync.e-volution.ai
www.google.com
104.108.145.8
104.108.145.83
104.16.199.73
104.19.133.78
104.19.136.78
104.19.216.61
107.178.250.234
13.226.145.113
13.226.145.114
13.226.145.37
13.226.145.55
13.226.145.6
13.226.145.69
13.226.145.81
13.226.146.56
13.226.147.71
13.36.218.177
142.250.184.194
142.250.185.98
151.101.1.194
151.101.194.27
151.101.194.49
151.101.2.137
185.184.8.65
185.64.189.110
185.64.190.80
185.94.180.125
199.232.194.217
205.185.216.42
23.54.109.149
2600:9000:2182:3a00:15:d134:4e40:93a1
2600:9000:2182:bc00:11:b309:9100:21
2600:9000:2182:e000:5:82fd:2500:21
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a0c:5c81:5139::2
3.120.56.129
3.141.186.246
3.221.31.176
3.236.169.116
34.194.242.201
34.248.191.66
34.98.64.218
35.201.100.179
37.252.172.249
52.18.150.20
52.18.85.49
52.29.99.170
54.144.144.142
54.194.226.253
63.32.159.255
69.173.144.138
75.101.244.20
76.223.111.131
88.221.7.65
92.123.12.11
92.123.2.176
003ee5a6d6c34ac5b8d8a5a30d3005d851d1ed86097e6833f3d1139e3927267a
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e
048edc8dbabf834a49e6e87a2b680c84424d709b55318d1a7b45577a50a7d920
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
06e1c113a84dda6981de86a5ce1fd6e9f393df53cf16c40e8dac233bd3418b36
0827a540ffd8faac9bc0bcdcb724fdb6e0a4fb3d073d46ff9a93ea105e1613ba
088bf99363c367a9df19e55730893261c22ca3021ee95d9e06429fff2391535f
094076988d05ef99f2cfc12c9cd5a5f5f63aa2f822c6652821bcd3497b62a915
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3c40ea1b0f7ff5e49b5f9b7ea4e912b5eded849571b6bb388f692c55b3fa12
0cc2f34a511e11761279eba2c3233ed64ae7540c70d001b70cc9115baaa14954
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
1160382ab6bbb58bd71197c21270ec71e9ed6bd63641becae0230e54998aa621
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17bbef635a6628656aca5c8bde5fee06af64ac392879542660f43e5fb5b57719
1863cc30c8beff53ac1167e4a9b4f62387fb541dd1817e2240528bc6e23478a6
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5
191fcdb96d66efc52ce505747408b26e44e40a85854f5e3d83f0b02fc1600576
1a8fadd6b479beaf1184b90500d0f83f194fb28beb6b68652a74b7000aa0ee9c
1cc5573434bc9b7f1f814fa8ec4014b19334c45b6711b67fd55ea00ebb1427ac
1d7195383d21453849079cf2e8f0bfba518244acf5308996d468885df5209053
203dad0fd53878cbee9874f568968b0c1f97130016c01707cac5084cc7132c8d
207286d63ecaf896c93c15d7d5c64b666ef7bf40ae7ee7ffe62640eb743b0c85
2142dc28cc995dfa5be78dd72ca375c7014f63b7d402e5d7bf0cd719d959e1d9
243c39a02a0439d40581c3303d7dac05d42f30d1be30caabf0507fb4e2385731
26466a9aa0fc7d58397175917d2f1a0aa6eb133f5015cf22fe0bbcf879e0e04d
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2973541ff7462fc85337162712d37c627b51fef84927981f4c86dc37960c8a25
2c8e9c17c51ac13646a59b8c82f28ddbc7567ae6c99a102904383d8fb3408c13
2f5410bd9e775a91f266a0dbb03b5c9b0fce7fead8fd21c589b4f0aa2980be01
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
3db790a90ec5f45d29bb7d99a2833a13bfcc7518ea011a3ab89fdbdb0c99a0c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f0673751454cb22d8c2ef7a3267e4a2b08010c8002cf08f901c149b9be1f46
415c2848aa4a274a1e80af7986607cd96b1a43c198978a97a639e258f0b195b5
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
41f44dbf85a768814f785faceda808772550bd57f26af58f1da38039df02f7d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a637e7b55893e5f5af55286b87b6bd28509dae240ec93f9b96b50fe965a192
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4ac092a75b7f716a2652a6e0c63164b802fdbe07212e229251cb1f86a4640952
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba03e99e92b712b7e9859d68b9d101dfded6a64b596a63e6a8e6224bd3600d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec930cc4c9a31087b58f4e8c9099b85198a14da06c95a5c87bc463f1d8fe3a7
4f7069fffad934e4dbfdbb72531a453a9f18bc32fb9f5fe18a37350718e582cf
4fb7737cef7a8c81648da3edd93b090fb1706c09b0e0b3e2926c88ff1014b0d7
506f3f3858010805e574f60e3062695603947c2a7c8a11b257d967566ac5daef
5487ea0e25ba33c4b6f3cc2c6efccb099fed8660c2e092e19174e51f9fab4334
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a7c254c0e292b58ede13954f3fd05bf8b605173053e0e42aad9f3b6a79a79a
55c3cb915a25afd5b4f397c1da96bd50486b4d1f5eca6493cfedec1091a4193a
57a1adec57b006d2f412c1d40a6e2b1c1baf65bb50cbf5735265a6b7fe216524
595661dfd681a8dfc10851014c1544cbe75e53a26ebd37c96b5095c781cae28b
5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9
5b63a17e3de0488258d9d7c4742605bee614cbc97bbf64f836998ff623ed3dbc
5fd5ff04867811e69b547747fd982a690bca09b7137933f4a01a595c3c93191a
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36
61ca98b7cf1605903efe0b6d46e33e2a30fad4df3a99b637134a92f78fd986c6
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b
69d4fb72039697c4b3705136bc68085d13d36d282e4ede1a46d4be8d92a4f05f
709b4ea36a5700f7b2b311a34a7809250ac6201d8cd4a86a84311628aff5e2d3
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cc463ef6e6d6f235c89639e6b7a9ec8f3d32fb6d869af2df99aa435de6af5e7
7df5bfa5d5e4983a01f28ead367dc53bb210a3bcc5c429b9500c46735fce1f2d
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82b3fca1f4be0b30252100c67b01766d2fdbc760fd29524d1f202cd0af5a72df
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850792a09c52850e671bc81e6899fcbd50593475d46afe5f38b362490c5767c2
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
88c349655965378a1ae1ddab992925241eb9fcc60d9aa44f7ba5c6737862ab2a
8b1e79f7fdca741cc7639c82c5e9b7ab22a1ed9fe3fceef0e5059195f55aa2e7
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8c4ec5a4f051808c70f08fb37e1aa4e95bcaf0c033a195874bc1d9d608a5843c
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e06553a97c89a1d3321b8e9e7b621612e20368d3dbb2dd6a9341ba6291f3555
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
935ded3593371c60969197855487396f39746d5e3cd71cf0aebf161a7e9b95f8
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
952bfd1ab5122dabf8f0c65d1b2181f44ae607b5057f65de723068c046a618a6
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
96f39052443ccc11b0424e8915bb0e0a159adc8cfa753a252538d32299b445aa
9757cf510647d1fac7099cd18744fae6fb3326118daa87c8fbd02b8fe5370581
9b9661d9e08e91d45ab439abc3e516d809cedcac6cf4254716d40c8fae3a74c3
9bf2ce0b1bfd7442abed134d5741cb9babbacd0d1fa3c73e040fa1e91e61e279
9df3761e8c6f873bd6e2cf1ef4f11064d7bc38642d42732f08c8a1ad4d79ec0b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0af14eba792300236e213a2292fffe2d859688edfcef3cd121619f1f94b3d3b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74d852658985eb87374624c6402abf16819dd6004fb0a3f21dd5597d045a361
a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4
a88c484817291f1d30ae3cb3e5581b4656fe74fec46360aa4feb0fcd1db2e713
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14dc09ca74902610111811eec90f764efbe79047d086d528a5501e27e9fbc91
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
b91d0633ab726f6fba5bfac7b37bfb0a7b736f9470898612c7d328a60316a9b6
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
c0a2e157af72d5455d5b7ac1ea5d3c446d7e4ba3f0025dc060a11e8386e0160a
ca7a28a6309a39f28f9dabb6f1c938e2ab39dbfbbb679fd03921c45802b2fc39
cdb0480ae109e29bf90b17ec301704d2bad5bb4cde2ad74a6c6ec91ae2c83133
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d2b43f242669b3805bf5f295d608cde017c23a52786e00eb1a281963566ddb8a
d33c0087f64d4045de9a5a0b506b95fad31d482b5f3dc7508c049428684b9916
d5c29b0eb934f0783eb1fca4abacf2187f5bcffb2af5cb91e9365c2fe19d8d75
d5f404b3d0e264e954218f87aaa6612bdf6b2753eaafae1b7b2c7eb99cc8acdb
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d6ff18ffd87027f5dd27f34be6c640fe2d1914b2c97d12613f4cba12dcafeca9
d9dce58dcd36485ed3d934f1164eeb26e41d5e5de3ab5504f9dc2f7f73af320f
dc0798da592f1a9d033d36765c95b8e573944ccec24a7923d8051a6e06ade5b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52d206a297bfb6771615091de41acd6d605d26d995ab2902ba052e276dda584
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ca549ad1fc660da14bcb2de820af06a59c78f26d9fdcac3c82c309681e27b
f51d2d4e9741eeb36c2de4bcb9ed4ce04513e0102ee78275d95d1dba67c932b8
f6af14b9709e48f965fb10a329f09df18b558acc3ef35b870d0740d0f1082694
f94f28e7998a2f1af1c2a6c9eb199d84101f1e92dbdd9e32e327fb5736826e7b
fa8fdeeb20b5bb10837273d2c016237e64efbfaa82fe6990683113fb51c96224
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62