thecourier.com Open in urlscan Pro
44.209.222.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://findlaycourier.mynews360.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Effective URL:
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Submission: On July 12 via manual (July 12th 2024, 12:46:22 pm UTC) from US — Scanned from US

Summary HTTP 140 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 18 domains to perform 140 HTTP transactions. The main IP is 44.209.222.101, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thecourier.com.
TLS certificate: Issued by R11 on June 10th 2024. Valid for: 3 months.

This is the only time thecourier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 49	44.209.222.101 44.209.222.101	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c0f::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
3	18.160.51.31 18.160.51.31	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
1	18.160.10.101 18.160.10.101	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	69.28.157.216 69.28.157.216	22822 (LLNW) (LLNW)
4	2600:9000:208... 2600:9000:208f:b800:3:bb0d:a880:21	16509 (AMAZON-02) (AMAZON-02)
1	18.165.96.154 18.165.96.154	16509 (AMAZON-02) (AMAZON-02)
10	2607:f8b0:400... 2607:f8b0:400d:c09::65	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	216.157.106.133 216.157.106.133	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c03::84	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16	2607:f8b0:400... 2607:f8b0:400d:c04::9b	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::6a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
140	26

49 44.209.222.101 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-222-101.compute-1.amazonaws.com

findlaycourier.mynews360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thecourier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.myteamscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0f::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.51.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-51-31.iad55.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.28.157.216 (Ashburn, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-157-216.iad.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:208f:b800:3:bb0d:a880:21 (United States)

ASN16509 (AMAZON-02, US)

d3i5p6znmm9yua.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.96.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-96-154.iad55.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:400d:c09::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.157.106.133 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:400d:c04::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	myteamscoop.com media.myteamscoop.com — Cisco Umbrella Rank: 321979	1 MB
32	googlesyndication.com f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 180	500 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 234	229 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 761 www.google.com — Cisco Umbrella Rank: 5	75 KB
11	thecourier.com 1 redirects thecourier.com	35 KB
7	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 756 www.google-analytics.com — Cisco Umbrella Rank: 67	38 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 360 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 714 aax.amazon-adsystem.com — Cisco Umbrella Rank: 488	81 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 723 pixel.sitescout.com — Cisco Umbrella Rank: 5894	1 KB
4	cloudfront.net d3i5p6znmm9yua.cloudfront.net	128 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	32 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	269 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1315	28 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	89 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116
1	basis.net cdn01.basis.net — Cisco Umbrella Rank: 7187	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 318	31 KB
1	mynews360.com 1 redirects findlaycourier.mynews360.com	141 B
140	18

	Domain	Requested by
37	media.myteamscoop.com	thecourier.com media.myteamscoop.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net thecourier.com pagead2.googlesyndication.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
11	thecourier.com	1 redirects media.myteamscoop.com thecourier.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
5	www.google-analytics.com	thecourier.com www.google-analytics.com www.googletagmanager.com
4	d3i5p6znmm9yua.cloudfront.net	thecourier.com
3	c.amazon-adsystem.com	thecourier.com c.amazon-adsystem.com
3	www.googletagmanager.com	thecourier.com www.googletagmanager.com
2	f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pixel.sitescout.com	1 redirects thecourier.com
2	pixel-sync.sitescout.com	1 redirects thecourier.com
2	platform.twitter.com	media.myteamscoop.com platform.twitter.com
2	connect.facebook.net	media.myteamscoop.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	ssl.google-analytics.com	thecourier.com
2	fonts.googleapis.com	thecourier.com media.myteamscoop.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn01.basis.net	www.googletagmanager.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.googletagservices.com	thecourier.com
1	findlaycourier.mynews360.com	1 redirects
140	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
nwohiogethired.com
bestoffindlay.com
obituaries.thecourier.com
placeanobit.ogdennews.com
www.publicnoticesohio.com
findlaycourier.column.us
419discover.com
community.thecourier.com
thecourier.newsbank.com
www.50north.org

Subject Issuer	Validity	Valid
thecourier.com R11	`2024-06-10` - `2024-09-08`	3 months	crt.sh
media.myteamscoop.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
cdn01.basis.net GeoTrust TLS RSA CA G1	`2024-05-06` - `2025-06-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Frame ID: 160B41854D67DCC5FC99A799AB7F092F
Requests: 96 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 92E62ED2432B3A44A4F72F70E03CCF94
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fthecourier.com
Frame ID: 2D30D4F312489D1E866EE92B546AE43E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 149C507D2DE33E3FA5A1F127E3DA8E7F
Requests: 1 HTTP requests in this frame

Frame: https://f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E2AB212B07317DA7DEED06A5431AABE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 607276D52561E61A2B6E9A7705BCA36A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A5A5B3A4606C77666812FDB27A72CA1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6otNNOHIS52ZiqVeLxAf-Gs4QWHc4dvAalBfpZjT4iARp6s5ZL60vpXzN9Wc62DE9eem1hOptYsXB3zm2GaROjxIw10TYoKkYBKbc7QAQ_fcMC8FQW69RhiNE_BcbU5z5sTjDI98mxcaon405wCojHd1E7paJHq91qSTgXguIzlCoZBejiO1CUzD2rAR2J7Og476O91MHhdu7W20arpI-Egw221QPIDEuLm9wU6e7u7xhbKSxnbUTHfJyQ3q_refS-OejgXUPuEIvr94l6KPSJxRJABlaMrb0Ct4CRHsQa9QqoQFt1E8Tj60VxBhTksepU9rpK3NAgTV990WSTgaTWT8&sai=AMfl-YTO38rOp0wUdYxQJ80vQJe68u0dYJGVaAhnBf2rO6C_KGDCZynie_PJehq2qx9KMhHmV8vUMp432HQeSTqrcskE5c159muPKfWyBZvkBTwJMih6k8M96WyilO2BVeQNaoa0HiLfMS5foxIJlVUta0E&sig=Cg0ArKJSzPtjzbKwEsnWEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 86FE8FE56256213E752009999F25585D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttQz83PdkG2GfGy5pbJXwyZabvZTKdbTID10hLR-Hwm6JMZCpRHzS1GA-cRXETlMSCNEr_-WY7gD8VAT2c4OkkaWCDS-qmSTWSyyTgTb-ifUM6gSc1X9Rt3Dr_mIbisR3tuBIra3UyitYhWASyuiLF9OwJLc2zPH-iKVxARpAELXpTJgggTK_jD3s5YgyRFhEbkIDsSnR5dtzWxC3wSu6ycWacwHn2eaZb_qYP3PmK0k4TGeGjYpIW8uAvpQ4AIoqKmJtaB3gLmNLHxyevG-kxMPDwZKuyQHXqi8O8EKgS3QhEB4_kPSrqzwqVCo9_JSo49Gfcw9krkrsY3qFRIjzfJPXU3esZnCcSVhD7A_zZiCqfx73AiXxd95mSN1RR7k4y&sai=AMfl-YQKqiq8bxpy5Cy53p5EY2Eu58Yigh21AO1h13YIH63dRVw_-4l9GvGYHxMTQV7aesUX5Do1mdnQmKK_xfgGe3u--OzU_WVNLZC1LvfPJDQvl_F-bsSN5oYn-mT-rXZaBb8s6t8fx1273xj4wHgw8wQ&sig=Cg0ArKJSzCjPmu1Dm_KFEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 092C0D244BE37473EED88FE9BA3A50EC
Requests: 7 HTTP requests in this frame

Frame: https://f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B083C61E02C6963A46B2C0BB5523545A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGMXxVpTZvz8gRSU8BsE44F65Tn37FMs-SZZcqpBG8qrt-KwroYkJxVvTnQmsUBLhshi2wOYq0AJMeZwrxAaBK_G7sIHI1ODJ57vkkaEqACzPkhGzqZru9CMfj56wRWLOvRUp9YRuLAJQs45cFupKV20fKPpEkXBNqDoL5RcB23E8p9qVzyiQ1DViqIRM1CbS3KGUF83_Wa_jMls_c2_F0ajw3c5zwT2Rwv8N-_BnJtzwYOVvitUn663lithSeVGXhrfVwPPQF-vQzaBh4xzlCllHi94PWV_rP9ga4yRHeERpTeaSvy8uzLNM4BTRsTop_sGLQLaZDpcfuMCInL_ovEn_SLd4K3haWJu5jrXrmMeEtKrwebwM-G3lskSSPQg&sai=AMfl-YQqOa8VnTqyAJg5zoy-AUNd3q7BgIfWNaxSEaeQJMysk4E-Mc-QckxVphIXVOC1ICmOu7gnbuXFDfEmNqVqgOBGYCkpW51rmb1iC5BSjygWAUvoKzKq9c1Hl69XdDGrhhoWwktk0c1nI2gIKbVbJIY&sig=Cg0ArKJSzPVDU3fsHrXtEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BD8BE3F010750B6EF3F68B3953C9B440
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMN860SYU8UWf4orMahPJI9-dUrmeuerG3p4RucLiob7loCeoK7D8X4Fb_fVgfam7Nk2rWzbSmq5qkpOWwTcNwWnvJnG_OaRD5cEFGoFpWmfAjIwu06BS0Aw5X7USDJXUa5s8gzy9CVxBP032T57SaZPCU7aSwv7HVgYarJi3qnMEZF0Ite5bFpTgPAWmfRPn2QKrGIRxXC1bu4D4ePoZbIckXv11u4VdMlv2oO0MQ0aCo8cQUCxsxlZHV6Ks-gMHkj2gOx2m5SCs_Ataoo18YBybYqOimifZjvZeC3dZpx0cd21prEGKu-QaB7OTH_A0EeE3zwJ6_sSN-CwayPmxJkQUJM0o5M6t2PgzbGs0VTqNlKF6mjQuI2jt31gX5&sai=AMfl-YRNDL_SPFm6qxjy2JoD82IwgoEQAafw7tv2A46nyLi-hdzFZxX1DxeloQCqhyeQDPmhRm_VvMNJZI2dn3wc8x-0QoBFJix0XrKBAUUXSl7fr3QqycrG-i8oMCT1MvnOH5lkOISXwerkAWJLBUzUgvs&sig=Cg0ArKJSzEvncOK8XnI8EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 26A54512E7FB2195E0A3C7C6770237A6
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaV61i9zNbBQS5TNQjtb-lZAKEFiiXInjzK_2RNUYtdtJ8m3M2w0J_OMN5co5uKc8zvWElUtmLy_SQlSMeu0jA8NEiWupqRb0w3IuwrXFxMARQfAR4Sr1hhLD5ECnOGtRNAFU-qtYSZlr5oorh8b9IEuiTOQUQt71tAVRdvMd8c7LfP71wd8FRva4oG977Xp4by-_NR_7QciSVkM8T9fJpzKsxGQySnyl4IP6IfG9sSqaTmaWJxQTiQ6CTDwCW7IaIpPz5rLTVnLrWmTWcbKQjJfQFHF6Dw3YTzQ2NC08cN38uhtsJPMARyXCp7Ew2vvbSV-IFch02TE5hsFbo4kq1FTRo8pDPqJ9IDV4KqGuZAWqJ8XzVoEbzxIfgyLpsLOmRPLo&sai=AMfl-YQm2YQJBJLxgLb4ksEfGa8q2n_koJadPpkaZzZDU3egWU6ORklklTGOVsYo4D_L2WMpFheBKHfLKSnPTlkvnpknVU-t_rDqe1ZF4Zj9DCmwVCBTUe6KY2lYoro7LArYB5qgN9X1V9Ox05ja6Ih8ZJU&sig=Cg0ArKJSzAc8G471KbbuEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 502AC7BE690B101B5981DE488EC54F68
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd8YoXWuJ3K3LbLXmQ7CbySt09fvyehcuAHfOdpcXSuCNDJyCB8pNr_pWbS-t4iCidPrOvWfWGeGifDkfpM64gwOWjlgwwZt9aB-piscAiD4xNjuoS0VEXDFx8tg-QD3NcUzuqMDcyXBzcoXjYiV4NndnpQQBFOogrNnfpSG2phdIB9bh6auTbo7ZQLjAQmXZGrVS9gaizeoqTCsH8GlbVwRV7ZYi0fgnkOYhzJdean5fG66u4qBiJWyBkj_cSbgnZ3QBxazJjP1qu_JwMyQUwAkgOrj3jXjzfPEBPI4eZfngTjsygn6xzKBm1Ebwc37N8BCk7JMN9rvCH8Yf1_jEo3FGXBFgwaDexCnA2Vexj0jZiEHTatgqCy5BzJ5MtHSnLqWoc&sai=AMfl-YS4RTDIlDKmCeZ27jtPIkXKazRy1ulq5xslLnM8m9iSf92P30yavsP3PibrYcAC1UaXacs2CD2TODEWwmL_863-pX7BeYj8nfrBmc3NiUDA1Ep7wHabgRbhZ2XioAeRPfo7oqH7AusTMi1WN9BW2iM&sig=Cg0ArKJSzLHZsnde8A0hEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 356C7B1455C29C19246CBCE93B594963
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Findlay car dealership accused of fraud | The Courier Plaintiff in civil suit has disability, can't read

Page URL History Show full URLs

https://findlaycourier.mynews360.com/news/530195/Findlay_car_dealership_accused_of_fraud/ HTTP 301
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

26
IPs

2
Countries

2853 kB
Transfer

7508 kB
Size

34
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/findlaycourier

Search URL Search Domain Scan URL

URL: https://twitter.com/FindlayCourier

Search URL Search Domain Scan URL

URL: https://nwohiogethired.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://bestoffindlay.com/
Title: Best of Findlay

Search URL Search Domain Scan URL

URL: https://obituaries.thecourier.com/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placeanobit.ogdennews.com/obits/findlay/index.html
Title: Place Obituary

Search URL Search Domain Scan URL

URL: https://www.publicnoticesohio.com/
Title: Browse Notices

Search URL Search Domain Scan URL

URL: http://findlaycourier.column.us/place
Title: Place A Notice

Search URL Search Domain Scan URL

URL: https://419discover.com/
Title: Discover 419

Search URL Search Domain Scan URL

URL: http://community.thecourier.com/garage-sales/
Title: Garage Sale Map

Search URL Search Domain Scan URL

URL: http://community.thecourier.com/open-houses/
Title: Open House Map

Search URL Search Domain Scan URL

URL: https://thecourier.newsbank.com/
Title: News Archive

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=http%3a%2f%2fthecourier.com%2fgo%2f5138062ff5602&text=Findlay+car+dealership+accused+of+fraud&tw_p=tweetbutton&url=http%3a%2f%2fthecourier.com%2fgo%2f5138062ff5602

Search URL Search Domain Scan URL

URL: https://www.50north.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/findlaycourier/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://findlaycourier.mynews360.com/news/530195/Findlay_car_dealership_accused_of_fraud/ HTTP 301
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined HTTP 301
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/

Request Chain 75

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 76

https://pixel.sitescout.com/up/00a3e434f2a9db61?cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F HTTP 302
https://pixel.sitescout.com/up/00a3e434f2a9db61?cookieQ=1&cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F

140 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Redirect Chain

https://findlaycourier.mynews360.com/news/530195/Findlay_car_dealership_accused_of_fraud/
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

52 KB
16 KB

280ms
81ms

Document
text/html

44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9bb77cfa02e895268f80f4147653b175fe0cc4a16456a30e6ff5f0b008cc69aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=60
content-encoding: gzip
content-length: 16351
content-type: text/html; charset=utf-8
date: Fri, 12 Jul 2024 12:46:13 GMT
expires: Fri, 12 Jul 2024 12:47:13 GMT
last-modified: Fri, 12 Jul 2024 12:46:13 GMT
server: Microsoft-IIS/10.0
vary: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

content-length: 0
date: Fri, 12 Jul 2024 12:46:13 GMT
location: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 smartBanner.css
media.myteamscoop.com/css/ 3 KB
1 KB 202ms
40ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/smartBanner.css?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dbdf98ad147b5f8d5be7c73bf067eccabc831c1a812460e83cfa2fe68173f0c1

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:43 GMT
server: Microsoft-IIS/10.0
etag: "809915369bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 1060

GET
H2 200 common.css
media.myteamscoop.com/css/ 53 KB
10 KB 224ms
62ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09ac178a258f539d0edf3776ebca3d9cd59549fe940be2038f69162b80df08e9

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 9831

GET
H2 200 fontawesome.min.css
media.myteamscoop.com/css/fontawesome/ 170 KB
33 KB 217ms
56ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 67eea2657d4e8676fa28a9a8420e31a325892da71acfdb7f77049652680c89f9

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 33477

GET
H2 200 brands.min.css
media.myteamscoop.com/css/fontawesome/ 19 KB
5 KB 221ms
60ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/fontawesome/brands.min.css?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e88517586ea2b8e20a693eb444336161825a8ab996399a133b7acd0d9d12df38

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 4869

GET
H2 200 jquery.js Show response
media.myteamscoop.com/js/ 85 KB
30 KB 209ms
48ms Script
application/javascript 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "80c646379bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 30230

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 204ms
84ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZJ4C47N33G

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aee71f63a396db90257f7d8f4e084ad6031c8f24add0c218e0f138578538b0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 12:46:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 206ms
47ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db4c54caa0a2c4fc3b7dea6c390abb1910d45c8bbedea27aef0c66d7a897ae23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 12:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 12:46:13 GMT

GET
H2 200 /
media.myteamscoop.com/css/ 621 B
451 B 223ms
62ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/?custom=true&pid=101
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47d9927c3813e8addcb0401b869915e663e59a28e080070949719aacdfe3be1a

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:43:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=427
content-length: 299
expires: Fri, 12 Jul 2024 12:53:21 GMT

GET
H2 200 oneColumn.css
media.myteamscoop.com/css/ 14 KB
3 KB 202ms
41ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/oneColumn.css?v=1.14.5.35821
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5855541129bccda895f2161044f0d683411d9a4c383fee27df4bc9c2668a46aa

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 3044

GET
H2 200 /
media.myteamscoop.com/css/ 0
117 B 223ms
63ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/?v=1.14.5.35821&pid=101
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Fri, 12 Jul 2024 12:43:16 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=422
content-length: 0
expires: Fri, 12 Jul 2024 12:53:16 GMT

GET
H2 200 busySpinner.gif
media.myteamscoop.com/images/ 34 KB
34 KB 60ms
58ms Image
image/gif 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/busySpinner.gif
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f61dd59fa621dcd8a2105c38024ca73e871aed0a7b6f63faec2cc1c6a9c2fc1

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "8d5b9369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 34609

GET
H2 200 whiteLeftArrow.png
media.myteamscoop.com/images/ 2 KB
2 KB 58ms
57ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/whiteLeftArrow.png
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cdaad4ca29e0e8c3213940f5f91af007f6bac4f0e4af348faae6ef652166daf5

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "b55e4b379bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 2042

GET
H2 200 whiteRightArrow.png
media.myteamscoop.com/images/ 2 KB
2 KB 29ms
28ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/whiteRightArrow.png
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9648886125fbff759fc988526f7eea7067ac5e135cd6c60c026e14ce212fc107

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "b55e4b379bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 2069

GET
H2 200 loading.gif
media.myteamscoop.com/images/ 1 KB
1 KB 37ms
37ms Image
image/gif 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/loading.gif
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ffd81618fe4afbdf33906894cf99175506b413dd642d9ae53f2f81cfec5d5cf

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "83319379bd2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 1279

GET
H2 200 ajax-loader.gif
media.myteamscoop.com/images/ 55 KB
55 KB 31ms
31ms Image
image/gif 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/ajax-loader.gif
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5710d02969932614b8eb5b4093d1dfd588fd1a188dc6a981723b72dfd2d67a16

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "f3fb5369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 56580

GET
H2 200 logo.png
media.myteamscoop.com/images/custom/101/ 6 KB
6 KB 30ms
29ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/custom/101/logo.png
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 57cc1415b4eab8938a8203ceff0a19a9d928e96c5dd01d7a6e6c321c16cc83ca

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "19c1c5369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 5966

GET
H2 200 main.js Show response
media.myteamscoop.com/js/widgets/ 61 KB
12 KB 30ms
30ms Script
application/javascript 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/js/widgets/main.js?v=1.14.5.35821&weburi=https://thecourier.com/&portalid=101&mediauri=https://media.myteamscoop.com/
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a93cc1ffc3efdc38370ff784b896c592fe7eb8ad3dd9f7284ca96c7078228be0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "80c646379bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 12516

GET
H2 200 css
fonts.googleapis.com/ 13 KB
995 B 51ms
50ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i,900,900i

Requested by

Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5ee3e9f616bbd9b7628d7fc4bd7990927d4f15aa660bf27830fcfd4b80f850b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://media.myteamscoop.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 12:04:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 12:46:13 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 207ms
63ms Script
text/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 12:04:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2492
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 12 Jul 2024 14:04:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 240ms
77ms Script
text/javascript 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 10:58:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6454
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jul 2024 12:58:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
79 KB 308ms
212ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LWS7N2

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7f0f65b6febc7c080ce3871b74e27808464b726ec80e6191efe21e60c73cac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80440
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 12:46:14 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 100 KB
31 KB 273ms
130ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd1b0996e1a774cd7164b35ffc2b864dd76ce8080f27613bad089826d76159f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31690
x-xss-protection: 0
server: cafe
etag: 682 / 19916 / m202407080101 / config-hash: 2043355462000640510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 12:46:14 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
77 KB 160ms
41ms Script
application/javascript 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:52:54 GMT
content-encoding: gzip
via: 1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront), 1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:14 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD55-P2
age: 3201
x-amz-server-side-encryption: AES256
etag: W/"ba6b386e5d42265c831a1ba06f75f187"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lBY5CwsmYtRp6Q-h7bee0zv3Jw4f_1r3m8oNcUZACr_cXS03wUxO-Q==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 280ms
107ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 17:08:53 GMT
x-content-type-options: nosniff
age: 157041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 17:08:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 234ms
61ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 20:01:16 GMT
x-content-type-options: nosniff
age: 233098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 20:01:16 GMT

GET
H2 404 fa-brands-400.woff2
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/ 0
0 221ms
131ms Font
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/fa-brands-400.woff2
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jul 2024 12:46:13 GMT
cache-control: private, max-age=1209600
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H2 200 ping.aspx Show response
thecourier.com/apps/common/ 26 B
230 B 43ms
42ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/apps/common/ping.aspx
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 047ddcf7f418811433e494b1fbb28e87eba265853e54cdd80a4572f4a474b1e4

Request headers

Accept: */*
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 146

GET
H2 200 /
media.myteamscoop.com/css/ 58 KB
13 KB 32ms
31ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/?v=1.14.5.35821&portalId=101&list=Y3NzL3BvcnRhbFNlYXJjaC5jc3MsY3NzL3Bob3RvVXBsb2FkLmNzcyxjc3MvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdhcmVhc2VsZWN0LWRlZmF1bHQuY3Nz
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e5f01d676f4afca430ebaf9b0a8124269159c094e8c908ebaa479c61b9935388

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:40:49 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=275
content-length: 13251
expires: Fri, 12 Jul 2024 12:50:49 GMT

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 10 KB
3 KB 123ms
121ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e54f5b43fb0ee8e50f5d15d1a4d9fbe57823621ff593582963b8688dd7e55644

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:46:03 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=49
content-length: 3398
expires: Fri, 12 Jul 2024 12:47:03 GMT

GET
H2 200 729ce0ef-27ae-4112-a6f1-52cb2c548a08 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 220ms
72ms Script
application/javascript 18.160.10.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/729ce0ef-27ae-4112-a6f1-52cb2c548a08
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-101.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3c766a0f141701edd393f089dbcd602bd9f8a1b89410885c45b3b5e9f6b5935a

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:49:43 GMT
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P3
age: 3391
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: Rb-FD3wPtWGodFIYMn7cskeD6sqwyMByMlO2_n_yHMtjgbBTu3Zs1g==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 71ms
70ms XHR
text/plain 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthecourier.com&pubid=729ce0ef-27ae-4112-a6f1-52cb2c548a08
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 08:39:02 GMT
via: 1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P2
age: 14831
x-cache: Hit from cloudfront
access-control-allow-origin: https://thecourier.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 2MJDqcBsIsym7xnxlQAiE08Mc9mQafYH_eqbbo5KPeVbeCWuFz7N6g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 185ms
53ms XHR
application/javascript 18.160.51.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-51-31.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 04:36:35 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 ccb414ab5bdb778a5639e83972f955e6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P2
age: 29380
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 299LRFx3ukhRMmBGubl2m5UleMSHCfbK8M333IzmQkaT-fXXEEke7Q==

GET
H2 200 script.js Show response
media.myteamscoop.com/js/custom/101/ 1 KB
728 B 63ms
63ms Script
application/javascript 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/js/custom/101/script.js?_=1720788374040
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 38916ce03bb015001a9c72ba6fa873666bfb17e1d12722e5add2c651c0202abc

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "bb2350379bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 644

GET
H2 200 ajax-loader.gif
media.myteamscoop.com/images/ 55 KB
0 0ms
0ms Image
image/gif 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/ajax-loader.gif
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5710d02969932614b8eb5b4093d1dfd588fd1a188dc6a981723b72dfd2d67a16

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "f3fb5369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 56580

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 67ms
65ms Image
image/gif 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1095918572&utmhn=thecourier.com&utme=8(Portal)9(101)11(2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%27t%20read&utmhid=1176682542&utmr=-&utmp=Findlay%2520car%2520dealership%2520accused%2520of%2520fraud%2520%257C%2520The%2520Courier%2520Plaintiff%2520in%2520civil%2520suit%2520has%2520disability%2C%2520can%27t%2520read%3F%255BportalNewsId%2C%2520530195%255D%2C%2520%255Btitle%2C%2520Findlay_car_dealership_accused_of_fraud%255D&utmht=1720788374328&utmac=UA-32025052-1&utmcc=__utma%3D160303096.853027881.1720788374.1720788374.1720788374.1%3B%2B__utmz%3D160303096.1720788374.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1903591439&utmredir=1&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 fa-brands-400.woff
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/ 0
0 55ms
55ms Font
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/fa-brands-400.woff
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jul 2024 12:46:14 GMT
cache-control: private, max-age=1209600
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 64ms
63ms XHR
text/plain 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1176682542&t=pageview&_s=1&dl=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&ul=en-us&de=UTF-8&dt=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%27t%20read&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=160303096.853027881.1720788374.1720788374.1720788374.1&_utmz=160303096.1720788374.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1720788374338&_u=IQBCAEABAAAAACAAI~&jid=1725606136&gjid=1206464333&cid=853027881.1720788374&tid=UA-1076873-1&_gid=1610360572.1720788374&_r=1&_slc=1&cd1=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%5C%27t%20read&cd2=%5BportalNewsId%2C%20530195%5D%2C%20%5Btitle%2C%20Findlay_car_dealership_accused_of_fraud%5D&z=992871491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
media.myteamscoop.com/css/custom/101/ 4 KB
1 KB 42ms
42ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/custom/101/style.css
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 668a056bbbe6a1e52fabd2e479daea137282e58aa2ac5f60560684a04d9bda05

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 1070

GET
H2 200 fa-solid-900.woff2
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/ 138 KB
138 KB 44ms
43ms Font
application/font-woff2 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/fa-solid-900.woff2
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

Referer: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:54 GMT
server: Microsoft-IIS/10.0
etag: "f16bd3d9bd2da1:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 140996

GET
H2 200 fa-brands-400.woff2
media.myteamscoop.com/typefaces/Font%20Awesome%206%20Pro%20Free/ 115 KB
115 KB 116ms
115ms Font
application/font-woff2 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%206%20Pro%20Free/fa-brands-400.woff2
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Request headers

Referer: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:54 GMT
server: Microsoft-IIS/10.0
etag: "f16bd3d9bd2da1:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 117372

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 29 KB
8 KB 99ms
98ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02fd7e6ec1ca17f651487d7653738bd4710cae64faf6535cfe62321b5253eb25

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:45:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=27
content-length: 8115
expires: Fri, 12 Jul 2024 12:46:42 GMT

GET
H2 200 logo.png
media.myteamscoop.com/images/custom/101/ 6 KB
0 1ms
1ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/custom/101/logo.png
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 57cc1415b4eab8938a8203ceff0a19a9d928e96c5dd01d7a6e6c321c16cc83ca

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "19c1c5369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 5966

GET
H2 200 fa-brands-400.ttf
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/ 133 KB
133 KB 123ms
123ms Font
application/octet-stream 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/fa-brands-400.ttf
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 682e87e3182fa97b686d93fbf298399d992dd316646afeb77faa0853456cff0a

Request headers

Referer: https://media.myteamscoop.com/css/fontawesome/fontawesome.min.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:54 GMT
server: Microsoft-IIS/10.0
etag: "ba783d9bd2da1:0"
x-powered-by: ASP.NET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 136516

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/ 467 KB
146 KB 278ms
65ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5181
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149163
x-xss-protection: 0
server: cafe
etag: 9083756951993760320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Jul 2025 11:19:53 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 98ms
97ms Fetch
text/plain 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZJ4C47N33G&gtm=45je4790v9126433037za200&_p=1720788374045&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=853027881.1720788374&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720788374&sct=1&seg=0&dl=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&dt=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%27t%20read&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1291&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJ4C47N33G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
100 KB 75ms
74ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Z8QQQSWZZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWS7N2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09c7a12fd0fec6718fb3c35e5a117ac3ba66bfc2c33b819999aa88099ba28bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102516
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 12:46:14 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 60ms
59ms XHR
text/plain 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1176682542&t=pageview&_s=1&dl=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&ul=en-us&de=UTF-8&dt=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%27t%20read&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=160303096.853027881.1720788374.1720788374.1720788374.1&_utmz=160303096.1720788374.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1720788374488&_u=aSDCCEABBAAAACAAI~&jid=1023353059&gjid=1092335991&cid=853027881.1720788374&tid=UA-1076873-1&_gid=1610360572.1720788374&_r=1&gtm=45He4790n815LWS7N2v844689983za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1472671833

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 4 KB
2 KB 161ms
55ms Script
application/javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWS7N2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 Ashburn, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 15:41:58 GMT
server: AC1.1
age: 23458
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1714
x-llid: dcae166ccf58af4d2c0c5cdbab5ece1a

GET
H2 200 fancyFlag.css
media.myteamscoop.com/css/ext/ 427 B
403 B 44ms
43ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/ext/fancyFlag.css?v=1.14.5.35821
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 23ab3ea89bbc7a1f3b984bb14c57f1c6ff6f997aab0edb711bf342f729e4247d

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "c1d9e359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 321

GET
H2 200 fancyCheer.css
media.myteamscoop.com/css/ext/ 4 KB
1 KB 72ms
70ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/ext/fancyCheer.css?v=1.14.5.35821
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 327fce3a54be7383e5edd267034af94826eb06a5f9b8e92ae721476a99c42e33

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 1123

GET
H2 200 comments.css
media.myteamscoop.com/css/ 5 KB
1 KB 61ms
60ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/comments.css?v=1.14.5.35821
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 082b99c0cbb8bdbb2779cd6441ace46324af1b61cc1fc78512c7fd7da5ccdd21

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:42 GMT
server: Microsoft-IIS/10.0
etag: "037d359bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 1460

GET
H2 200 /
media.myteamscoop.com/css/ 4 KB
1 KB 59ms
58ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/?v=1.14.5.35821&portalId=101&list=Y3NzL3dpZGdldC9zZWNOYXYuY3Nz
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ac246346f02eff826779e6aeb081193fe302182fc9eb7c870f3e954bed1b7a4

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:40:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=279
content-length: 1274
expires: Fri, 12 Jul 2024 12:50:53 GMT

GET
H2 200 580138_1
d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/580/138/ 27 KB
28 KB 301ms
143ms Image
image/jpeg 2600:9000:208f:b800:3:bb0d:a880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/580/138/580138_1
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:b800:3:bb0d:a880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c9454c7ed2489caaa4d27e4482945be9efa5e053272fb9d6f811544ffae604b

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:48:35 GMT
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:05:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 17860
etag: "155389880d868c5247d4f67b39c79eea"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
content-disposition: attachment; filename="findlay-noms-OnO-320x130.jpg"
accept-ranges: bytes
content-length: 27758
x-amz-cf-id: -5kMhy11OXpoFKRhQtPMK6ByVMROvj2NP2NDk2I3rf6-X-OLD2vw9A==

GET
H2 200 437787_1
d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/437/787/ 9 KB
10 KB 212ms
55ms Image
image/jpeg 2600:9000:208f:b800:3:bb0d:a880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/437/787/437787_1
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:b800:3:bb0d:a880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc9e9a6d3b7aeea4fc963da3a5f6936babbddbca30ab71d270aaa2871cb7919d

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 03:49:17 GMT
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 22:21:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 32218
etag: "1ebd55c64238113b7f243b5f896f4b18"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename="50%20North%20'Courier%20Online%20Ad'%20(72%20dpi)%20REVISED.png"
accept-ranges: bytes
content-length: 9445
x-amz-cf-id: TKy___LpQ3D5_h2eWEWjpEaYrAQguFWW6BbG5_eXfaEkq76B5ZuD4A==

GET
H2 200 olArrow.png
media.myteamscoop.com/images/ 669 B
751 B 58ms
58ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/olArrow.png
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e396172b3734568f03c45b6b60ebd469f2e13972ee2f914c365e2e01b9ad012f

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "2c5920379bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 669

GET
H2 200 546124_1
d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/546/124/ 75 KB
76 KB 226ms
82ms Image
image/jpeg 2600:9000:208f:b800:3:bb0d:a880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/546/124/546124_1
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:b800:3:bb0d:a880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d81185edd131ba435b0b1db755472b3d24936a37b8f29f0d9aebc24dd4e8dd9

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 22:49:46 GMT
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Mar 2024 18:26:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 50189
etag: "652c0687d2e30d813306681b9494ee11"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename="Hancock%20County%20Courthouse%20(1).JPG"
accept-ranges: bytes
content-length: 77050
x-amz-cf-id: AjONlIXJKMiYBRYROQqVIhnZNavhuOvXr8noWRm3vNtGc-9FU2SPfA==

GET
H2 200 newscomments.js Show response
media.myteamscoop.com/js/ 11 KB
3 KB 46ms
45ms Script
application/javascript 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/js/newscomments.js
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/widgets/main.js?v=1.14.5.35821&weburi=https://thecourier.com/&portalid=101&mediauri=https://media.myteamscoop.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5dceeefdfbd931432ae67ac75e6f5cf9a62894d7be7fdd7f91bd8c8a7c8d1d3a

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 07:31:45 GMT
server: Microsoft-IIS/10.0
etag: "80c646379bd2da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 2614

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 11 KB
2 KB 95ms
94ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0d6ad18156e63ec83215c2539d98ae86b82b379196bd01e6fdb534ea0badf24

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:45:32 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=18
content-length: 2027
expires: Fri, 12 Jul 2024 12:46:32 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 92ms
92ms Fetch
text/plain 2607:f8b0:400d:c0f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2Z8QQQSWZZ&gtm=45je4790v9104261337z8844689983za200zb844689983&_p=1720788374045&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=853027881.1720788374&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720788374&sct=1&seg=0&dl=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&dt=Findlay%20car%20dealership%20accused%20of%20fraud%20%7C%20The%20Courier%20Plaintiff%20in%20civil%20suit%20has%20disability%2C%20can%27t%20read&en=page_view&_fv=1&_ss=1&ep.article_author_name=&ep.article_free_count=&ep.subscriber_package=&ep.subscriber_status=Not%20Logged%20In&tfd=1511&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Z8QQQSWZZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 11 KB
2 KB 38ms
37ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0d6ad18156e63ec83215c2539d98ae86b82b379196bd01e6fdb534ea0badf24

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:45:32 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=17
content-length: 2027
expires: Fri, 12 Jul 2024 12:46:32 GMT

GET
H2 200 /
media.myteamscoop.com/css/ 175 KB
43 KB 132ms
131ms Stylesheet
text/css 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/css/?v=1.14.5.35821&portalId=101&list=Y3NzL2pRdWVyeUV4dGVuc2lvbnMvanF1ZXJ5LXVpLmNzcyxjc3MvcG9wVXBEaWFsb2cuY3NzLGNzcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4ubWluLmNzcyxjc3MvbWNlL3RhZ0xpc3QuY3NzLGNzcy9tY2UvaW1hZ2VTZWwuY3NzLGNzcy9taW5pQ2FsZW5kYXIuY3NzLGNzcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4ubWluLmNzcyxjc3MvcG9ydHJhaXQuY3NzLGNzcy93aWRnZXQvY29tbW9uLmNzcyxjc3Mvd2lkZ2V0L3RyZW5kaW5nTWVkaWEuY3NzLGNzcy9zd2lwZXIvc3dpcGVyLWJ1bmRsZS5jc3MsY3NzL3BvcnRhbE5ld3MuY3NzLGNzcy9leHQvZmFuY3lmbGFnLmNzcyxjc3MvZXh0L2ZhbmN5Q2hlZXIuY3NzLGNzcy93aWRnZXQvZmVhdHVyZU5ld3MuY3NzLGNzcy9waG90b0xpZ2h0Ym94LmNzcyxjc3Mvd2lkZ2V0L2l0ZW1MaXN0VmVydGljYWwuY3NzLGNzcy93aWRnZXQvYnJlYWtpbmdOZXdzLmNzcyxjc3MvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnktdWkuY3NzLGNzcy9qUXVlcnlFeHRlbnNpb25zL2ltZ2FyZWFzZWxlY3QtZGVmYXVsdC5jc3M%3D
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f17f8557122f9526135441acada8564b6e8e377b33bdf41d86c4630fd5115f0f

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:45:28 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=553
content-length: 44167
expires: Fri, 12 Jul 2024 12:55:28 GMT

GET
H2 200 / Show response
media.myteamscoop.com/js/ 1 MB
305 KB 97ms
97ms Script
text/javascript 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/js/?v=1.14.5.35821&portalId=101&list=anMvc2lnbmluLmpzLGpzL3BvcFVwRGlhbG9nLmpzLGpzL29uZUNvbC5qcyxqcy9jb250ZW50L21vYmlsZVNlbGVjdG9ycy5qcyxqcy90cmFja2luZy5qcyxqcy90cmFja2luZy5qcyxqcy9tY2UvdGFnU2VsLmpzLGpzL2FqYXguanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnktdWkuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy90b3VjaC1wdW5jaC5qcyxqcy9qUXVlcnlFeHRlbnNpb25zL2pxdWVyeS5sYXp5bG9hZC5qcyxqcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4uanF1ZXJ5Lm1pbi5qcyxqcy9jb21tb24uanMsanMvc21hcnRCYW5uZXIuanMsanMvcGx1Z2lucy9leGlmL2V4aWYuanMsanMvcGhvdG9VcGxvYWROZXcuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdBcmVhU2VsZWN0LmpzLGpzL21pbmlDYWxlbmRhci5qcyxqcy9lemZpbmQuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnkuZG90ZG90ZG90Lm1pbi5qcyxqcy9wb3J0YWxzZWFyY2guanMsanMvd2lkZ2V0cy9icmVha2luZ05ld3NCYW5uZXIuanMsanMvd2lkZ2V0cy9pdGVtTGlzdFZlcnRpY2FsLmpzLGpzL3Bob3RvTGlnaHRib3guanMsanMvc3dpcGVyL3N3aXBlci1idW5kbGUuanMsanMvd2lkZ2V0cy9waG90b1NsaWRlci5qcyxqcy9wb3J0YWxOZXdzLmpzLGpzL3BsdWdpbnMvYW5jaG9yTWUvYW5jaG9yTWUubWluLmpzLGpzL3dpZGdldHMvbmF2TWVudS5qcyxqcy9pbmxpbmVDaGVlci5qcyxqcy9mYW5jeUZsYWcuanMsanMvaW5saW5lRmxhZy5qcyxqcy93aWRnZXRzL3NlY05hdi5qcw%3D%3D
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/widgets/main.js?v=1.14.5.35821&weburi=https://thecourier.com/&portalid=101&mediauri=https://media.myteamscoop.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f70c59a4763b53da4e890d35686ae11fce8eab3b2e0a9bcbe092f903de9c7c3f

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:37:09 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=54
expires: Fri, 12 Jul 2024 12:47:09 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
355 B 243ms
67ms XHR
text/javascript 18.165.96.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&pid=28W74nHyPlqb1&cb=0&ws=1600x1200&v=24.620.1905&t=3000&slots=%5B%7B%22sd%22%3A%22TCFO_Top_728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Top_728x90%22%7D%2C%7B%22sd%22%3A%22TCFO_Article_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Article_300x250%22%7D%2C%7B%22sd%22%3A%22TCFO_Middle_728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Middle_728x90%22%7D%2C%7B%22sd%22%3A%22TCFO_Left_160x600%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Left_160x600%22%7D%2C%7B%22sd%22%3A%22TCFO_Right_300x600%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Right_300x600%22%7D%2C%7B%22sd%22%3A%22TCFO_Bottom_728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Bottom_728x90%22%7D%2C%7B%22sd%22%3A%22TCFO_Middle_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Middle_300x250%22%7D%2C%7B%22sd%22%3A%22TCFO_Middle2_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_Middle2_300x250%22%7D%2C%7B%22sd%22%3A%22TCFO_1x1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1032081%2FTCFO_1x1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=d76fdda7-8a45-457e-8fb8-43f5a22270fd&pubid=729ce0ef-27ae-4112-a6f1-52cb2c548a08&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.96.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-96-154.iad55.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
via: 1.1 896a4d182a4523c1fe9109d1977e13a6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thecourier.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qzaV4qyVc7C-OegliKfFcJw0GGt--0OmKzeJE6tlsbr0fKYHDm9ovA==

GET
H2 200 1032081 Show response
fundingchoicesmessages.google.com/i/ 199 KB
66 KB 320ms
111ms Script
application/javascript 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1032081?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5123849bc8cc6d51aaa01642cae40d614911fba7253a40f8413a455460e4323

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iPxVU3gkf84MQq3IhK_zNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-iPxVU3gkf84MQq3IhK_zNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmH76yBY2gQdLZi9hVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAADySTnP"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 207ms
42ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/?v=1.14.5.35821&portalId=101&list=anMvc2lnbmluLmpzLGpzL3BvcFVwRGlhbG9nLmpzLGpzL29uZUNvbC5qcyxqcy9jb250ZW50L21vYmlsZVNlbGVjdG9ycy5qcyxqcy90cmFja2luZy5qcyxqcy90cmFja2luZy5qcyxqcy9tY2UvdGFnU2VsLmpzLGpzL2FqYXguanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnktdWkuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy90b3VjaC1wdW5jaC5qcyxqcy9qUXVlcnlFeHRlbnNpb25zL2pxdWVyeS5sYXp5bG9hZC5qcyxqcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4uanF1ZXJ5Lm1pbi5qcyxqcy9jb21tb24uanMsanMvc21hcnRCYW5uZXIuanMsanMvcGx1Z2lucy9leGlmL2V4aWYuanMsanMvcGhvdG9VcGxvYWROZXcuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdBcmVhU2VsZWN0LmpzLGpzL21pbmlDYWxlbmRhci5qcyxqcy9lemZpbmQuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnkuZG90ZG90ZG90Lm1pbi5qcyxqcy9wb3J0YWxzZWFyY2guanMsanMvd2lkZ2V0cy9icmVha2luZ05ld3NCYW5uZXIuanMsanMvd2lkZ2V0cy9pdGVtTGlzdFZlcnRpY2FsLmpzLGpzL3Bob3RvTGlnaHRib3guanMsanMvc3dpcGVyL3N3aXBlci1idW5kbGUuanMsanMvd2lkZ2V0cy9waG90b1NsaWRlci5qcyxqcy9wb3J0YWxOZXdzLmpzLGpzL3BsdWdpbnMvYW5jaG9yTWUvYW5jaG9yTWUubWluLmpzLGpzL3dpZGdldHMvbmF2TWVudS5qcyxqcy9pbmxpbmVDaGVlci5qcyxqcy9mYW5jeUZsYWcuanMsanMvaW5saW5lRmxhZy5qcyxqcy93aWRnZXRzL3NlY05hdi5qcw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

824ab2732f066b4e1e33657251a69137f7bf2cba17f2decb2dc875432d8edc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 12:46:15 GMT
content-md5: yEonu5Rpz3IZhIbhwpnmrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1392, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: ymcjmJodcbwOLG8UxviA7P5LPKxq/J2Uij3Tr4WMzsAx++90VWGhPN8IamUEADuToIJ/K7oFi/5nxPRW6HUIlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4cc7aa62a7ed816c9e68e7f706bb3d99
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2fc0b97447f0a9146b18dfc5e5bac8b7"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:05:03 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 254ms
47ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/?v=1.14.5.35821&portalId=101&list=anMvc2lnbmluLmpzLGpzL3BvcFVwRGlhbG9nLmpzLGpzL29uZUNvbC5qcyxqcy9jb250ZW50L21vYmlsZVNlbGVjdG9ycy5qcyxqcy90cmFja2luZy5qcyxqcy90cmFja2luZy5qcyxqcy9tY2UvdGFnU2VsLmpzLGpzL2FqYXguanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnktdWkuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy90b3VjaC1wdW5jaC5qcyxqcy9qUXVlcnlFeHRlbnNpb25zL2pxdWVyeS5sYXp5bG9hZC5qcyxqcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4uanF1ZXJ5Lm1pbi5qcyxqcy9jb21tb24uanMsanMvc21hcnRCYW5uZXIuanMsanMvcGx1Z2lucy9leGlmL2V4aWYuanMsanMvcGhvdG9VcGxvYWROZXcuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdBcmVhU2VsZWN0LmpzLGpzL21pbmlDYWxlbmRhci5qcyxqcy9lemZpbmQuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnkuZG90ZG90ZG90Lm1pbi5qcyxqcy9wb3J0YWxzZWFyY2guanMsanMvd2lkZ2V0cy9icmVha2luZ05ld3NCYW5uZXIuanMsanMvd2lkZ2V0cy9pdGVtTGlzdFZlcnRpY2FsLmpzLGpzL3Bob3RvTGlnaHRib3guanMsanMvc3dpcGVyL3N3aXBlci1idW5kbGUuanMsanMvd2lkZ2V0cy9waG90b1NsaWRlci5qcyxqcy9wb3J0YWxOZXdzLmpzLGpzL3BsdWdpbnMvYW5jaG9yTWUvYW5jaG9yTWUubWluLmpzLGpzL3dpZGdldHMvbmF2TWVudS5qcyxqcy9pbmxpbmVDaGVlci5qcyxqcy9mYW5jeUZsYWcuanMsanMvaW5saW5lRmxhZy5qcyxqcy93aWRnZXRzL3NlY05hdi5qcw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D146) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 12:46:15 GMT
Content-Encoding: gzip
Age: 95
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (nyd/D146)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 content_mgr_sprite.png
media.myteamscoop.com/images/sprites/ 8 KB
8 KB 30ms
30ms Image
image/png 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/sprites/content_mgr_sprite.png
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/?v=1.14.5.35821&portalId=101&list=Y3NzL3BvcnRhbFNlYXJjaC5jc3MsY3NzL3Bob3RvVXBsb2FkLmNzcyxjc3MvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdhcmVhc2VsZWN0LWRlZmF1bHQuY3Nz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 726c19c042ced111a61b3a82ffe980908eb15fb6e7fa0b85e95cc65e664c956c

Request headers

Referer: https://media.myteamscoop.com/css/?v=1.14.5.35821&portalId=101&list=Y3NzL3BvcnRhbFNlYXJjaC5jc3MsY3NzL3Bob3RvVXBsb2FkLmNzcyxjc3MvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdhcmVhc2VsZWN0LWRlZmF1bHQuY3Nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "eff53c379bd2da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 7874

GET
H2 200 fa-regular-400.woff2
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/ 170 KB
170 KB 62ms
61ms Font
application/font-woff2 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/fa-regular-400.woff2
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Request headers

Referer: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:54 GMT
server: Microsoft-IIS/10.0
etag: "f16bd3d9bd2da1:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 173596

GET
H2 200 fa-duotone-900.woff2
media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/ 183 KB
183 KB 30ms
29ms Font
application/font-woff2 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro/fa-duotone-900.woff2
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 774c3f1eec2330687ff300942799fb467faf4aae6d0f97c9e49004dccd6abd31

Request headers

Referer: https://media.myteamscoop.com/css/common.css?v=1.14.5.35821
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:14 GMT
last-modified: Wed, 10 Jul 2024 07:31:54 GMT
server: Microsoft-IIS/10.0
etag: "ce8b3d9bd2da1:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 187520

POST
H2 200 tracking.aspx Show response
thecourier.com/api/ 0
58 B 149ms
147ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/tracking.aspx?1720788375166=r
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/?v=1.14.5.35821&portalId=101&list=anMvc2lnbmluLmpzLGpzL3BvcFVwRGlhbG9nLmpzLGpzL29uZUNvbC5qcyxqcy9jb250ZW50L21vYmlsZVNlbGVjdG9ycy5qcyxqcy90cmFja2luZy5qcyxqcy90cmFja2luZy5qcyxqcy9tY2UvdGFnU2VsLmpzLGpzL2FqYXguanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnktdWkuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy90b3VjaC1wdW5jaC5qcyxqcy9qUXVlcnlFeHRlbnNpb25zL2pxdWVyeS5sYXp5bG9hZC5qcyxqcy9wbHVnaW5zL2Nob3Nlbi9jaG9zZW4uanF1ZXJ5Lm1pbi5qcyxqcy9jb21tb24uanMsanMvc21hcnRCYW5uZXIuanMsanMvcGx1Z2lucy9leGlmL2V4aWYuanMsanMvcGhvdG9VcGxvYWROZXcuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9pbWdBcmVhU2VsZWN0LmpzLGpzL21pbmlDYWxlbmRhci5qcyxqcy9lemZpbmQuanMsanMvalF1ZXJ5RXh0ZW5zaW9ucy9qcXVlcnkuZG90ZG90ZG90Lm1pbi5qcyxqcy9wb3J0YWxzZWFyY2guanMsanMvd2lkZ2V0cy9icmVha2luZ05ld3NCYW5uZXIuanMsanMvd2lkZ2V0cy9pdGVtTGlzdFZlcnRpY2FsLmpzLGpzL3Bob3RvTGlnaHRib3guanMsanMvc3dpcGVyL3N3aXBlci1idW5kbGUuanMsanMvd2lkZ2V0cy9waG90b1NsaWRlci5qcyxqcy9wb3J0YWxOZXdzLmpzLGpzL3BsdWdpbnMvYW5jaG9yTWUvYW5jaG9yTWUubWluLmpzLGpzL3dpZGdldHMvbmF2TWVudS5qcyxqcy9pbmxpbmVDaGVlci5qcyxqcy9mYW5jeUZsYWcuanMsanMvaW5saW5lRmxhZy5qcyxqcy93aWRnZXRzL3NlY05hdi5qcw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 0
content-type: text/html

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 819 B
712 B 587ms
587ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48b4038b2040709e696c9d9bd3e916baf808ecd725db827d75ec5c51d5ccb3c7

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:46:15 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=60
content-length: 599
expires: Fri, 12 Jul 2024 12:47:15 GMT

GET
H2 200 busySpinner.gif
media.myteamscoop.com/images/ 34 KB
0 1ms
1ms Image
image/gif 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.myteamscoop.com/images/busySpinner.gif
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f61dd59fa621dcd8a2105c38024ca73e871aed0a7b6f63faec2cc1c6a9c2fc1

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:13 GMT
last-modified: Wed, 10 Jul 2024 07:31:44 GMT
server: Microsoft-IIS/10.0
etag: "8d5b9369bd2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=1209600
accept-ranges: bytes
content-length: 34609

GET
H2

404

/
thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/
Redirect Chain

https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined
https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/

1 KB
1 KB

92ms
92ms

Image
text/html

44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

Redirect headers

location: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/
date: Fri, 12 Jul 2024 12:46:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2 200 15352_0_author
d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/15/352/ 15 KB
15 KB 54ms
54ms Image
image/jpeg 2600:9000:208f:b800:3:bb0d:a880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3i5p6znmm9yua.cloudfront.net/360_FindlayCourier_Live/0/0/0/0/15/352/15352_0_author
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:b800:3:bb0d:a880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9a103447aa1492af72ae82f0aa4696296e1158dedd2d95ad5eb0bc85efbf785

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:08:46 GMT
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Mar 2024 01:07:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 20250
etag: "83e2a927b8a9c4ed8226e7976ebb9a4f"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 15355
x-amz-cf-id: IDXbtB-rAW_OUNKDaljgF596uuzOnarETVsNq6FzcP1Sf_jp5tAkbA==

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame 92E6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

45ms
44ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Fri, 12 Jul 2024 12:46:15 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 12 Jul 2024 12:46:14 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2

200

00a3e434f2a9db61
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/00a3e434f2a9db61?cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F
https://pixel.sitescout.com/up/00a3e434f2a9db61?cookieQ=1&cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F

43 B
408 B

28ms
27ms

Image
image/gif

216.157.106.133
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/00a3e434f2a9db61?cookieQ=1&cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F
Requested by: Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
Protocol: H2
Server: 216.157.106.133 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:14 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/00a3e434f2a9db61?cookieQ=1&cntr_url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F
date: Fri, 12 Jul 2024 12:46:15 GMT
server: AC1.1
content-length: 0

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 103ms
34ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2ad7c7bd604abc2f729bef96681b9d58

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29e3b587db2f05281fd0358aa0573387239ab83c5e81c5f519eae6efb2a0eb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thecourier.com/
Origin: https://thecourier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 12:46:15 GMT
content-md5: 7rAyBV9rtMAgtTx6MSW+FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87066
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=5568, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: FcOWpu5q8wtjuI5eD0/++qbGLS0TrEFdNidnMXv47BhRNBZLvy+lY0LTOUuU8NxVdjtc7+UKv429gJWck+VFFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 916caddef9080bad67638833dc1bccad
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "31d2e24c5feb95c5e00cd144c82bb3b5"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 12 Jul 2025 12:17:46 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2D30 0
0 171ms
34ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fthecourier.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D140) /
Resource Hash

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 9437683
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Jul 2024 12:46:15 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyd/D140)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 AGSKWxU2S5thJ4Jdd7H0Tvqd9VrIFGEz8Ay0lxJm4ci-fi1ta5qFpaQkLkAOFRR4DEk6m9imz3sfiIhDI6vP0EfhYBwfjLRO1dOZDGEb1jcjYFyTBoTRBrrD_ggp1JoJ0WL-9i4IVbYyHg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
64ms Script
application/javascript 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU2S5thJ4Jdd7H0Tvqd9VrIFGEz8Ay0lxJm4ci-fi1ta5qFpaQkLkAOFRR4DEk6m9imz3sfiIhDI6vP0EfhYBwfjLRO1dOZDGEb1jcjYFyTBoTRBrrD_ggp1JoJ0WL-9i4IVbYyHg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzg4Mzc1LDQ2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aGVjb3VyaWVyLmNvbS9uZXdzLzUzMDE5NS9GaW5kbGF5X2Nhcl9kZWFsZXJzaGlwX2FjY3VzZWRfb2ZfZnJhdWQvIixudWxsLFtbOCwiRWtqYzdReWxJc3ciXSxbOSwiZW4tVVMiXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ekjc7QylIsw.es5.O/am=GgY/d=1/rs=AJlcJMxNRbl6_fqpf_x1L8srayRpISmg0g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a5ca6ce03e876531389547be627799645db5d08b15d897f4f11b7a306a1e25d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-U-QT3lgY4SGseMObJUcIuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-U-QT3lgY4SGseMObJUcIuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmH76yBY2gR9PJnxmVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAAALUTpm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 149C 0
0 131ms
31ms Document
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28620
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 12:28:47 GMT
expires: Fri, 12 Jul 2024 13:18:47 GMT
last-modified: Mon, 08 Jul 2024 19:45:39 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 KB
83 KB 708ms
708ms Fetch
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=643836600091438&correlator=2310057133613598&eid=31084967%2C31085019%2C31085143%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407080101&ptt=17&impl=fifs&gdpr=0&iu_parts=1032081%2CTCFO_Top_728x90%2CTCFO_Article_300x250%2CTCFO_Middle_728x90%2CTCFO_Left_160x600%2CTCFO_Right_300x600%2CTCFO_Bottom_728x90%2CTCFO_Middle_300x250%2CTCFO_Middle2_300x250%2CTCFO_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C728x90%2C160x600%2C300x600%2C728x90%2C300x250%2C300x250%2C1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720788375480&lmt=1720788373&adxs=436%2C-9%2C-9%2C160%2C1140%2C436%2C1140%2C1140%2C800&adys=184%2C-9%2C-9%2C322%2C1160%2C2502%2C285%2C1150%2C2563&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C0%7C0%7C1%7C0%7C0%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&vis=1&psz=1600x204%7C0x-1%7C0x-1%7C160x0%7C300x0%7C1600x2872%7C300x40%7C300x19%7C1600x40&msz=1600x40%7C0x-1%7C0x-1%7C160x0%7C300x0%7C1600x40%7C300x40%7C300x0%7C1600x40&fws=0%2C2%2C2%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720788373686&idt=1277&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=SiteID%3DTCFO%26MSection%3Dlocal_news%252Cnews%252Cbreaking_news%26SubSection%3Dlocal_news%252Cnews%252Cbreaking_news%26amznbid%3D0%26amznp%3D0&adks=1253930346%2C3474986250%2C4202900021%2C3540802101%2C690854188%2C1694694968%2C3466206048%2C949041%2C395315242&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba5df09a99cee16f283a66cbaf22197af11a2cf8d5fce37f79c3488d6b52f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84771
x-xss-protection: 0
google-lineitem-id: 6745899510,5394099337,-1,-1,6746393238,6743557608,6743557608,6750203933,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138480742605,138313814264,-1,-1,138481596313,138480170492,138480724987,138481157138,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E2A 0
0 185ms
57ms Document
text/html 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 12:46:15 GMT
expires: Fri, 12 Jul 2024 12:46:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 153ms
69ms Fetch
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=146048384833&input_token&origin=1&redirect_uri=https%3A%2F%2Fthecourier.com%2Fnews%2F530195%2FFindlay_car_dealership_accused_of_fraud%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2ad7c7bd604abc2f729bef96681b9d58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 12 Jul 2024 12:46:15 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390729794324404783", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2779, tp=-1, tpl=-1, uplat=24, ullat=0
pragma: no-cache
x-fb-debug: w0BqJKqQCUKvUGgkDBIi7gi4dFxtHRgcN8LRmITt6MTDaiX4bgZljNZX/RQVUrULXoif/zX4GeJhbX1FEhMY9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390729794324404783"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thecourier.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AGSKWxWxdwi4JEodCfzX1KGSpGSnl-RJXK6-B1hOb-07AuszGA-dbRUSkfGiIzOG8bOr6g1Savjwd9hqG8LN8WQ6MkeptxqoICNinG5Lw-cvq5OvRd4kvM3rocbKAs-we2LhE3FS6vCdBA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 93ms
93ms Script
application/javascript 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxdwi4JEodCfzX1KGSpGSnl-RJXK6-B1hOb-07AuszGA-dbRUSkfGiIzOG8bOr6g1Savjwd9hqG8LN8WQ6MkeptxqoICNinG5Lw-cvq5OvRd4kvM3rocbKAs-we2LhE3FS6vCdBA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzg4Mzc1LDU0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vdGhlY291cmllci5jb20vbmV3cy81MzAxOTUvRmluZGxheV9jYXJfZGVhbGVyc2hpcF9hY2N1c2VkX29mX2ZyYXVkLyIsbnVsbCxbWzgsIkVramM3UXlsSXN3Il0sWzksImVuLVVTIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900790b359a6c1de7fd875fa2d603c84983f8424089edd6910d9acaba6b8664f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pzTVhatD46TRK7fDg3dP8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pzTVhatD46TRK7fDg3dP8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmH76yBY2gRVb385lUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAAD49Dn1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 233ms
108ms XHR
application/json 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c1e35b41cf69219684c28bdd817cb683bab22ec0a470dc1ecec157a3af9f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13124
x-xss-protection: 0

GET favicon.ico
media.myteamscoop.com/images/custom/101/ 0
0

POST
H2 200 getWidget.aspx Show response
thecourier.com/api/widget/ 352 B
464 B 104ms
102ms XHR
text/html 44.209.222.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thecourier.com/api/widget/getWidget.aspx?loggedIn=false&callback=MTS_widgetCallback
Requested by: Host: media.myteamscoop.com
URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 44.209.222.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-222-101.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b031c767315fdf813de937616e7cec830d2aff725d8bdc86b08bad76e8bf9fd

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jul 2024 12:46:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2024 12:45:17 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=2
content-length: 337
expires: Fri, 12 Jul 2024 12:46:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 209ms
102ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6072 0
0 174ms
64ms Document
text/html 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 408341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jul 2024 19:20:35 GMT
expires: Mon, 07 Jul 2025 19:20:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2A5A 0
0 232ms
79ms Document
text/html 2607:f8b0:4004:c09::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JmMntd_ZDp_mFVwVERfwXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JmMntd_ZDp_mFVwVERfwXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 12:46:16 GMT
expires: Fri, 12 Jul 2024 12:46:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86FE 0
0 114ms
112ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6otNNOHIS52ZiqVeLxAf-Gs4QWHc4dvAalBfpZjT4iARp6s5ZL60vpXzN9Wc62DE9eem1hOptYsXB3zm2GaROjxIw10TYoKkYBKbc7QAQ_fcMC8FQW69RhiNE_BcbU5z5sTjDI98mxcaon405wCojHd1E7paJHq91qSTgXguIzlCoZBejiO1CUzD2rAR2J7Og476O91MHhdu7W20arpI-Egw221QPIDEuLm9wU6e7u7xhbKSxnbUTHfJyQ3q_refS-OejgXUPuEIvr94l6KPSJxRJABlaMrb0Ct4CRHsQa9QqoQFt1E8Tj60VxBhTksepU9rpK3NAgTV990WSTgaTWT8&sai=AMfl-YTO38rOp0wUdYxQJ80vQJe68u0dYJGVaAhnBf2rO6C_KGDCZynie_PJehq2qx9KMhHmV8vUMp432HQeSTqrcskE5c159muPKfWyBZvkBTwJMih6k8M96WyilO2BVeQNaoa0HiLfMS5foxIJlVUta0E&sig=Cg0ArKJSzPtjzbKwEsnWEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 86FE 3 KB
1 KB 60ms
58ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 86FE 204 KB
63 KB 328ms
78ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 3826577671669493134
tpc.googlesyndication.com/simgad/ Frame 86FE 60 KB
60 KB 59ms
59ms Image
image/jpeg 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3826577671669493134

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12419754b6b694a88031b7ad2b60e243ef4067e7d34b9e59214c35cd03dca591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 05:03:32 GMT
date: Thu, 11 Jul 2024 05:03:32 GMT
x-content-type-options: nosniff
age: 114164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61186
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 19:09:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 092C 0
0 146ms
145ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttQz83PdkG2GfGy5pbJXwyZabvZTKdbTID10hLR-Hwm6JMZCpRHzS1GA-cRXETlMSCNEr_-WY7gD8VAT2c4OkkaWCDS-qmSTWSyyTgTb-ifUM6gSc1X9Rt3Dr_mIbisR3tuBIra3UyitYhWASyuiLF9OwJLc2zPH-iKVxARpAELXpTJgggTK_jD3s5YgyRFhEbkIDsSnR5dtzWxC3wSu6ycWacwHn2eaZb_qYP3PmK0k4TGeGjYpIW8uAvpQ4AIoqKmJtaB3gLmNLHxyevG-kxMPDwZKuyQHXqi8O8EKgS3QhEB4_kPSrqzwqVCo9_JSo49Gfcw9krkrsY3qFRIjzfJPXU3esZnCcSVhD7A_zZiCqfx73AiXxd95mSN1RR7k4y&sai=AMfl-YQKqiq8bxpy5Cy53p5EY2Eu58Yigh21AO1h13YIH63dRVw_-4l9GvGYHxMTQV7aesUX5Do1mdnQmKK_xfgGe3u--OzU_WVNLZC1LvfPJDQvl_F-bsSN5oYn-mT-rXZaBb8s6t8fx1273xj4wHgw8wQ&sig=Cg0ArKJSzCjPmu1Dm_KFEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 092C 3 KB
0 27ms
27ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 092C 204 KB
0 296ms
296ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 12582853091164100625
tpc.googlesyndication.com/simgad/ Frame 092C 8 KB
8 KB 81ms
81ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12582853091164100625

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25e7ff7147661562fcd9ec30c792a6fe1138e452d0b87f907c659f445d3486de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 15:41:23 GMT
date: Thu, 11 Jul 2024 15:41:23 GMT
x-content-type-options: nosniff
age: 75893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8246
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 14:30:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 container.html
f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B083 0
0 0ms
0ms Document
text/html 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 12:46:15 GMT
expires: Fri, 12 Jul 2024 12:46:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD8B 0
0 208ms
208ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGMXxVpTZvz8gRSU8BsE44F65Tn37FMs-SZZcqpBG8qrt-KwroYkJxVvTnQmsUBLhshi2wOYq0AJMeZwrxAaBK_G7sIHI1ODJ57vkkaEqACzPkhGzqZru9CMfj56wRWLOvRUp9YRuLAJQs45cFupKV20fKPpEkXBNqDoL5RcB23E8p9qVzyiQ1DViqIRM1CbS3KGUF83_Wa_jMls_c2_F0ajw3c5zwT2Rwv8N-_BnJtzwYOVvitUn663lithSeVGXhrfVwPPQF-vQzaBh4xzlCllHi94PWV_rP9ga4yRHeERpTeaSvy8uzLNM4BTRsTop_sGLQLaZDpcfuMCInL_ovEn_SLd4K3haWJu5jrXrmMeEtKrwebwM-G3lskSSPQg&sai=AMfl-YQqOa8VnTqyAJg5zoy-AUNd3q7BgIfWNaxSEaeQJMysk4E-Mc-QckxVphIXVOC1ICmOu7gnbuXFDfEmNqVqgOBGYCkpW51rmb1iC5BSjygWAUvoKzKq9c1Hl69XdDGrhhoWwktk0c1nI2gIKbVbJIY&sig=Cg0ArKJSzPVDU3fsHrXtEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame BD8B 3 KB
0 9ms
9ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BD8B 204 KB
0 278ms
278ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 1788885616660317317
tpc.googlesyndication.com/simgad/ Frame BD8B 24 KB
24 KB 78ms
78ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1788885616660317317

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ca69ac12be48a31c54a92353d2864dbe621fc18c6aec93ea3758357e292275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 15:43:14 GMT
date: Sun, 07 Jul 2024 15:43:14 GMT
x-content-type-options: nosniff
age: 421382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24443
x-xss-protection: 0
last-modified: Sun, 30 Jun 2024 18:57:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26A5 0
0 205ms
204ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMN860SYU8UWf4orMahPJI9-dUrmeuerG3p4RucLiob7loCeoK7D8X4Fb_fVgfam7Nk2rWzbSmq5qkpOWwTcNwWnvJnG_OaRD5cEFGoFpWmfAjIwu06BS0Aw5X7USDJXUa5s8gzy9CVxBP032T57SaZPCU7aSwv7HVgYarJi3qnMEZF0Ite5bFpTgPAWmfRPn2QKrGIRxXC1bu4D4ePoZbIckXv11u4VdMlv2oO0MQ0aCo8cQUCxsxlZHV6Ks-gMHkj2gOx2m5SCs_Ataoo18YBybYqOimifZjvZeC3dZpx0cd21prEGKu-QaB7OTH_A0EeE3zwJ6_sSN-CwayPmxJkQUJM0o5M6t2PgzbGs0VTqNlKF6mjQuI2jt31gX5&sai=AMfl-YRNDL_SPFm6qxjy2JoD82IwgoEQAafw7tv2A46nyLi-hdzFZxX1DxeloQCqhyeQDPmhRm_VvMNJZI2dn3wc8x-0QoBFJix0XrKBAUUXSl7fr3QqycrG-i8oMCT1MvnOH5lkOISXwerkAWJLBUzUgvs&sig=Cg0ArKJSzEvncOK8XnI8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 26A5 3 KB
0 1ms
1ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 26A5 204 KB
0 269ms
269ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 11313822593186686998
tpc.googlesyndication.com/simgad/ Frame 26A5 83 KB
83 KB 179ms
177ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11313822593186686998

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5f7521b478d7e6630e6548cddd675a096d5aaae629e34c54d838c00560d6aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 12 Jul 2025 12:46:16 GMT
date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85344
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 15:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 502A 0
0 199ms
198ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaV61i9zNbBQS5TNQjtb-lZAKEFiiXInjzK_2RNUYtdtJ8m3M2w0J_OMN5co5uKc8zvWElUtmLy_SQlSMeu0jA8NEiWupqRb0w3IuwrXFxMARQfAR4Sr1hhLD5ECnOGtRNAFU-qtYSZlr5oorh8b9IEuiTOQUQt71tAVRdvMd8c7LfP71wd8FRva4oG977Xp4by-_NR_7QciSVkM8T9fJpzKsxGQySnyl4IP6IfG9sSqaTmaWJxQTiQ6CTDwCW7IaIpPz5rLTVnLrWmTWcbKQjJfQFHF6Dw3YTzQ2NC08cN38uhtsJPMARyXCp7Ew2vvbSV-IFch02TE5hsFbo4kq1FTRo8pDPqJ9IDV4KqGuZAWqJ8XzVoEbzxIfgyLpsLOmRPLo&sai=AMfl-YQm2YQJBJLxgLb4ksEfGa8q2n_koJadPpkaZzZDU3egWU6ORklklTGOVsYo4D_L2WMpFheBKHfLKSnPTlkvnpknVU-t_rDqe1ZF4Zj9DCmwVCBTUe6KY2lYoro7LArYB5qgN9X1V9Ox05ja6Ih8ZJU&sig=Cg0ArKJSzAc8G471KbbuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 502A 3 KB
0 1ms
1ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 502A 204 KB
0 261ms
261ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 14731349777348120207
tpc.googlesyndication.com/simgad/ Frame 502A 93 KB
93 KB 69ms
68ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14731349777348120207

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e276158ae2e3ccddef955010aba2bec59fdeb3c2a6c950e28b6e13927aa7f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 13:45:03 GMT
date: Thu, 11 Jul 2024 13:45:03 GMT
x-content-type-options: nosniff
age: 82873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95108
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 15:23:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 356C 0
0 192ms
191ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd8YoXWuJ3K3LbLXmQ7CbySt09fvyehcuAHfOdpcXSuCNDJyCB8pNr_pWbS-t4iCidPrOvWfWGeGifDkfpM64gwOWjlgwwZt9aB-piscAiD4xNjuoS0VEXDFx8tg-QD3NcUzuqMDcyXBzcoXjYiV4NndnpQQBFOogrNnfpSG2phdIB9bh6auTbo7ZQLjAQmXZGrVS9gaizeoqTCsH8GlbVwRV7ZYi0fgnkOYhzJdean5fG66u4qBiJWyBkj_cSbgnZ3QBxazJjP1qu_JwMyQUwAkgOrj3jXjzfPEBPI4eZfngTjsygn6xzKBm1Ebwc37N8BCk7JMN9rvCH8Yf1_jEo3FGXBFgwaDexCnA2Vexj0jZiEHTatgqCy5BzJ5MtHSnLqWoc&sai=AMfl-YS4RTDIlDKmCeZ27jtPIkXKazRy1ulq5xslLnM8m9iSf92P30yavsP3PibrYcAC1UaXacs2CD2TODEWwmL_863-pX7BeYj8nfrBmc3NiUDA1Ep7wHabgRbhZ2XioAeRPfo7oqH7AusTMi1WN9BW2iM&sig=Cg0ArKJSzLHZsnde8A0hEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: thecourier.com
URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 356C 3 KB
0 1ms
1ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:38 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 356C 204 KB
0 253ms
253ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:33:33 GMT

GET
H2 200 6921540337305101162
tpc.googlesyndication.com/simgad/ Frame 356C 121 KB
121 KB 110ms
109ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6921540337305101162

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e4772e1fd63c89e332d0668a738ffcfcc36ce276078a89421d12139d26aa6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 11:18:59 GMT
date: Thu, 11 Jul 2024 11:18:59 GMT
x-content-type-options: nosniff
age: 91637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124185
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 20:18:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 86FE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5501ff9a3d71ad324813ab101dfd8a5643ee43385b908e812a0c36a17783dd44

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 092C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aebd3c606078c5fdf3e37e5c97b6f9a30a83f98464c159b2d177e1564a2b330b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD8B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58f0fe02befa451d3ac97e57109b8bfb9960d4977c66c7bec0bb16bc7f129643

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 26A5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab645a3b6b2e9ad3125b96865b86d4caf0e7842ed4ab37a9d3b921f7e0e116e5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 502A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cad3871304d851263df74d11d15a97cb1e237c44072eab7a4b514d2691f52fab

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20a43046cebf276b96a8efffa395a69fd9bbbd487ef2d96a5190fbb144c46089

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-lil. Show response
fundingchoicesmessages.google.com/f/AGSKWxUIHjYLRjlaDT0qsFX7jfpRhYjGaTFMLXt3lz7qw8JOBnjU403Mcyhri1kkH2AM8xE2vFDcacEv4CPiFnRcn52MKDFAGcmvq2bpfKLgmUbIDthgo55DleKvYb5i4PzBW4wLt0qZhCxy-roOim6EyOWnM29rR... 54 B
109 B 144ms
144ms Script
application/javascript 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIHjYLRjlaDT0qsFX7jfpRhYjGaTFMLXt3lz7qw8JOBnjU403Mcyhri1kkH2AM8xE2vFDcacEv4CPiFnRcn52MKDFAGcmvq2bpfKLgmUbIDthgo55DleKvYb5i4PzBW4wLt0qZhCxy-roOim6EyOWnM29rRn34muZNuKaJo1Bz5vhOJfNRjwocfaed/_/staticadslot._adwriter./click/ads_/adstakeover./ad-lil.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ekjc7QylIsw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzsTPzK3mzy1c8pHkseD8gxCiravA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0408c3373d549357fc57716957bf4bd2ca405d8d7939a19f39e721c7bc0df9d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YqlY5RBqF5RTNflYDy5X2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-YqlY5RBqF5RTNflYDy5X2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmHH6yBY2gQWr1p5jVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAADp9DnC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 68 KB
25 KB 366ms
225ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7de63c3b33604acd0c2913704327b8dc035d5c8408b2b10f6fb7309e3a606e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25841
x-xss-protection: 0
server: cafe
etag: 15863698010961805799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 12:55:37 GMT

POST
H3 204 AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 377ms
147ms XHR
text/html 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V95GpIZV2MhtWyTzXQnMEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V95GpIZV2MhtWyTzXQnMEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzHj9JEtbAIvjvzfwaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQ30DMzjCwwAftssYQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 230ms
146ms XHR
text/html 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O7lti1pkTViCRBxxjhmv9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O7lti1pkTViCRBxxjhmv9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzHj9JEtbAI3Nh_cwaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQ30DMzjCwwAYWMr_Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 092C 0
0 264ms
159ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssggadWzJY5LY4gUK0X6HZKf9QwbEARMkMK2PUzRkgAFOw6OSd0HElL4vuUV6tyPnt44F36-n-cquVguaZvaWv7J7AIi2WogQCJx1T-CYsbIgHp7aWhYtLuwC9nUJ1ZL-Q1o0GCTfz_S7k8IzBOHPdiSswJwzLC-fcQVAZszri-s2Exf2cAnDPKvnthAL2H23Le3A7hVkY8-nMn-jexJ0N38gVhk5f-Iqt8jo2e7gH6rTZLODpkUjgfBFnGrqJImFdeszO2JKpB-1I-QGXFZ9BukvjcmP4zoEMf2VRz1IrRk4LmaZBTq9HIoeA8JlE72oBMSqvvSlQYfZwscn_AXwHADAFgOsCHWcUKtVc8PFscTuYZnUTxJX2x5TJ2Yj32pf-UK1Q&sai=AMfl-YStCE16kvcMuWZ7l3N1HLyqwP4iIUXkYHLfK2CwqukmzdQ87cEmaEaHU9iTK61dQhXOBVVHE-AXPiOQM822WKw0-qqPVig9Tw8NhSlav-rivrGnybgPe60zArGC7hsa0YJ3ity4I4NsrbbNGdh-RVc&sig=Cg0ArKJSzMFF72z4kZKiEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86FE 0
0 243ms
161ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmR63RX07kahGAKqjbwaz8gLWO5_yg2rtzfAu_iFkmcDC4dP09TofrwKYr8D_z4_hL9WE-ZXfGk5M0KPwOfcMr5fkgndyY9a3hAZCnvoj2JfDkYfSwhQXaHu8dKYm8xlQa4IswHOQ88zkpubKS77-WiLoeJFw0-cKesnS_V-Yrb3jNfjGyjtoKPcNpHoaRS7OlrXdSWV0foSFa0HjH0HBFLnL7HDeZ8zMYXEhPvRfKOhrwSteDDq9CUelgyUaBeh6yrePGw4iIndtKizKO6j3tlOHt8xnh6JmaFQpX0Pd1zMBP8cdxyx63h53BAMjlyKxeBCDzgnD-9cja3YH6pw7lg1xu2w&sai=AMfl-YSrTf5QvnAucYCJ0Gzqx3syU__hl5ZGIjCW6RTz_z6Aam1szA10f_CeDHCdI0HSnm_uiVrkdhTSQ5hrYgInCiFrn1inNwBIUIvbFNX2cdP2Jeuobzf5wGAHQQBOJYDSWsvlZdyZ2zyRi4MIYgMXYRM&sig=Cg0ArKJSzMkFbUGmtYQ3EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD8B 0
0 217ms
159ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujRF6UxrQSnnXJFdAVkS9qdaUuH0qSNifQ7HUBUain_yrXzsFUjUR4wFntQgYk0JmweLABASw_xH6TfpCfCodZ13BSnSQolYRJ4BF7k0L6hUSgLN9tP02EHXSt3c1TtqDK355JWtQRXloZ3x_rfROoh59xBNIPdS21aSGP8vfz3iREczFZn83TBO8RhvxoECj4mcySg4NLIezhBtPAdVsSX4vjnLOzQwjfMY6RVIX-Ob58w_zvRwyNqgfL1wL0soqsdSfhrtUkLOO4wHarDntGpUDUOhIgu1WcHmvIdgOFGtcFmbAUlWjO1JQvPoKxU_Cvu4h4yyJd2gmQUmA-S3uUffLmxqqJPqPRG2Qu7ER8thVzMGP3L03OuWyO8L_S-zMv&sai=AMfl-YRVxh7JrG5BTejut0OKZQmJ6WHkJ0wDaQR8pLcbq530SXbSSM9zABknBnPL8iI5FgzIpAo8LqH3xoov6Fsxl5aZjHq5zAPKHSSEAOtJ-kpRq4QA22uoly3FbY4EC9sTkt7quXoQNG0KnYU-_xf7A3o&sig=Cg0ArKJSzOpn--fG_jA7EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 356C 0
0 195ms
157ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss989Ptc4MPL4W-4kxqO2j-EOkEJ0mQJsO8pxuf4RXVG1JCaco1F6E2ebnNdNSrEOLwocY-lOnm7Ztxkiw4l9RZyum0XWSoxDCR5-vXouQmmoKPVZzoOZR_ZNOvog4ZG0vb17WdaqIfZwYN6y4LhL8dy54oR_64C9FH3PROvMcd2IvK3cs3BN-cHI9eI0_QrIzOirsds2Xqa7rQMgcdCf5bfot3M99qM5wmVaaFHJ0DOx5XhUrMWh9GDixFYy1vxVS4R9nls8CDgiAk7__3q_xzQ3HPdM0rlAgcWcv4ODSe-XSLgw0r0LwKir9LdXJNSK42ccxRypyr74F5Yokao--0PsaezDsJY7X_h4ex8FHr2VUt9NKLQwjDmaYyhAd6Fw-yLpAacnc&sai=AMfl-YSOhvtRy99ky72DOipO9ZmTJQd6UhGTc4ALjHnUe92VhrwRPFmoVmlL4fOnfuhnPaGdDV2B_PiusnmWGOgxyy4KqL8qTvOzDQoIn0wZfJ3RzqX24_JGcWGKR8xMAB5mpP94qwLDDdzUNaJ0F9zmT8o&sig=Cg0ArKJSzF_2SPaqB4JEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26A5 0
0 168ms
157ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmz1GpXjNNO2OJw1REW5LLlR0npHheokjEX1aPJyo6EER4CDyXcvrspbuPryXk05BChiKwKaNSBu5piirYS6IiMkoX18ygysBV90Z7GaNKSIeuLcc5lgwtHJFlGyKfCzLTsVp1GW_UO_hRLsFdBmAjZ5gq2uAsanC8LpVK2OmjSBmXHg5dMM10XFm9wmO_PJzf5bsPuB-s02h2wIdxcmXjN5cMsR06vKp8xC6lMVWhf83m4RYvS5XRtr-SseJ9hY1wF52CNbrF6fh1GYG-SaZMgJHHIjLH9GkNTvWLrwzPnmqYbwBstb2YbEU4nXsrsutZoeDIxzfH0KhR7qrfz7zN6yWiJxjENU1fBJe2jlNWt37Z0Cx0Cg7D8J7b9t93h-U&sai=AMfl-YTOhikvn23Y7QFXhJJRwWV3gFhdoQlFiDDVP5gSDHulixjJ4rf4AlzWuQ25mNJsxv2haXphpPWt8ZTOeP89kZi7cZ99ir_DqvimScYkw3OBdlp1HJMV8t2P5oi8SHVeDWDzikl7UTio4cDuU3D609k&sig=Cg0ArKJSzJ9GqrdWst1KEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 502A 0
0 450ms
450ms Fetch
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoSJExyrB4YW3v7fV1HPupldXZHV05DRLL6I1_KaiGZ53BODrhFpxaVDbzY5TXrzCdo1alQKPbfQEXziIN3XgDSxO5hXNwtd5PehmwzyWAvzymdMnvfJKVOYvahzsPy1RKnJY2MmMt5cRAmDY03T0Mr7MPjPEbaYI2fc16jXYuoZHeClczFy2wOM_6derczZtFk9-SZY0d8k5qgkhf9mT4HFU3slY8ApKPJPw6-v8j8qLPyZumyx2e0WY0pv8k1oUGwibFXncV0CgVJFYltXvXvVOPcFVjYvN_tyKtz0kVRZmeLAn6I_9jzQGWX3EP0p4_MiafsS9WuykdgW63bXP6jF8oYXTsu0a0mvahTdIF_YHHEgngphZWgf_6jCwcUDHfUXrJKg&sai=AMfl-YSge1oKouAmx2JcglNpObOhwzQBcKQOsCfJ2q1QYCg4aZPIrAxcv-8OQtgA0EvfsGTBEvde-oZLlKHbvIjWd02LqVM17rw-_A9wIWUZp8tSAtumYIAdg2dMA367KNdu8jGVeimYfuWgjeuarp1CC8I&sig=Cg0ArKJSzLO3mAMnJzAZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jul 2024 12:46:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 092C 0
0 103ms
103ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86FE 0
0 201ms
103ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD8B 0
0 310ms
112ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 356C 0
0 408ms
100ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26A5 0
0 503ms
98ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 502A 0
0 598ms
97ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
91ms XHR
text/html 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RZ2qeZqdFxFWhig6CLUAHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RZ2qeZqdFxFWhig6CLUAHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzHj9JEtbAIvvvddZVZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmhgZ6BubxBQYAdu8sQw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
92ms XHR
text/html 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUbYxUTYBFGCC0ReOZLHQv10Ai_LvOu6eB7Gwm6hfpmxzfvEhLI_CP4zUWnWjHfchyP8SFDYuzUeAyJhrWLL8-q6h_zEMUgIUfd6Dl9B3WcjNsn_jLW_7nnziQrPw_Mfw7tSoYSCQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sjk_db5_d0417mcUqNDrtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sjk_db5_d0417mcUqNDrtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzHj9JEtbAIrWk9eZVZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmhgZ6BubxBQYAVO4rzg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXY5K5gmeWZGagJuGfv5ZUBxIJQk3p6FqrZKYV0PQzAQrVkfhIAb3EynNru4qyrSH9YBe0BBKDN8a8u0Syl704n-Car2gDdL1bTxbnketXyU_gRRc9vNt4b5NWFgOq1HYLLglutPw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXY5K5gmeWZGagJuGfv5ZUBxIJQk3p6FqrZKYV0PQzAQrVkfhIAb3EynNru4qyrSH9YBe0BBKDN8a8u0Syl704n-Car2gDdL1bTxbnketXyU_gRRc9vNt4b5NWFgOq1HYLLglutPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzg4Mzc2LDkyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90aGVjb3VyaWVyLmNvbS9uZXdzLzUzMDE5NS9GaW5kbGF5X2Nhcl9kZWFsZXJzaGlwX2FjY3VzZWRfb2ZfZnJhdWQvIixudWxsLFtbOCwiRWtqYzdReWxJc3ciXSxbOSwiZW4tVVMiXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f5b09673bfb083eb60dde21e9099896d7d4b00d2ea2d434f18fe7830814de2b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Pos3NVmghVZx6FVhY16xQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:46:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Pos3NVmghVZx6FVhY16xQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmHH6yBY2gQeXzpxjVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAAAEzDpP"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 429ms
121ms Ping
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lyioyxcq&ctx=0&met.9=1.z5~2.1ej
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVGD3i6DRGnImoY6E1pQq2vgMqB5Bl-wWAB5ZvLIqei9Av3k-4ax73OFsKvtp4nDRnvYnPSrvqNVnKZ8TIP2ZxftD3IUOw17v36QwTCt2-3UqjQKcYorQRDtsY-Q0Ay4-IeAbvXNQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
55ms XHR
text/html 2607:f8b0:400d:c09::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVGD3i6DRGnImoY6E1pQq2vgMqB5Bl-wWAB5ZvLIqei9Av3k-4ax73OFsKvtp4nDRnvYnPSrvqNVnKZ8TIP2ZxftD3IUOw17v36QwTCt2-3UqjQKcYorQRDtsY-Q0Ay4-IeAbvXNQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BdBAoNyO5VTps66vfJSKNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jul 2024 12:46:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-BdBAoNyO5VTps66vfJSKNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEzTHz9JEtbAIP5j0SUHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuaGBnoG5vEFBgApjitx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thecourier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86FE 42 B
65 B 121ms
121ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulPy7dsx_6F5cflGAPhdyupKyUHkYeWcgOpIOT0MuxUvTSr4wDmDuo6YQiFdowQgZzV315gc1tPFmaiZyPBoapOpIBYVv3wQBXNU-kweo48v0Q5czasteR_WgbrSnNVb-LQxeMSxatnP-heYDlGVQV7mQ8Jhco0X4&sig=Cg0ArKJSzC57jyx_6DHYEAE&id=lidar2&mcvt=1002&p=184,436,274,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1253930346&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1672117600&rst=1720788376242&rpt=557&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 502A 42 B
65 B 419ms
418ms Fetch
image/gif 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1r3OyQ9eqykfqMQE5AobvLD2ccPT1iK3gDoPmH3xYZMOs694L1qhjAs6uPg_rRZ2BcDdZ-GL1Kj8AIlzuNBxlQTsCKV_yvMi09c-X7gHRcZRocjAJ_RRS9L90jXJ51QR_1YI3q8ywc6q1ZJNFy669pRu7PY-E3es&sig=Cg0ArKJSzEe-8I1aTBPmEAE&id=lidar2&mcvt=1007&p=375,1140,625,1440&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3466206048&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1672117600&rst=1720788376317&rpt=572&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thecourier.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 12:46:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.myteamscoop.com
URL: https://media.myteamscoop.com/images/custom/101/favicon.ico

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407080101&jk=643836600091438&bg=!NTalNnnNAAZjPzuvQz87ADQBe5WfOMBrbZkkTVX7CHlDl9uzxhp_arJGU6qkIGWHbQC4Bn1O_6ZfWS8j6tBuoo61Hu56AgAAAI5SAAAABGgBB34ANk1nOSsvrOk-ku6Vb0429xvHeiLt_D891a04x4t-r2XeFTJhgVCnrW-3gbhpZjvhX4qrhjfKgZkCsqnFaWtO1zdwCgYiwbAcTTbUFsShUCMuUTJMU74VPBksFrhGB-6pMfTRTX5HN3t_JHBUCbEalWfQyy1gswPGHjhxPtFx71VR2HTQ3sA3FOYslrlK77aInyzoZBOgMkpca-y898JQbbtjds_wgQODu4HNXZ98RMH-1ZlaelyCckOf4AY6iyJpz4Zh2WDszK_QkcsmdcGAnNyggOcg8y-On9IhTFjD_HrBqBOZGcDJs-dn-FJY9hn7l6QsfHyQ2ZtFE_lzi4gRhKHiKKvSwty9CTn4Ydbpb_CY_CEQhO0VLvOzTS3-ytpQS7yqkVxVB9mnqHM-CA5CgnMkhy1czI3RJnTXlvEclgyj8djTm1YkAHoGoR1bjKFVXvErRrLkY45pnUTdEIvRwp7yK6mTKcBUe5wHE7BCdS2shkHn_KQZHbwR2v-y9grJPtvMxGjIrsjtKMZG5oX5GQ3VsYcN5eGAIvGJaY7ISgz2WNfBIBU4A0OFxk1TJlyzFmCUerwFK0T5lJJgXJtv75pBwWBJDP6N0rQSYd34OOdoMF_YGkJnYiDbozA3o_ZMgXWK6dgZjsk22bLdtX9Ysa1pJyfhYNirBIchAmtA-7bPVzf1lNXVk_mcpDfkdo3OvbYzFC1jmfU3Vvxub9XEzwQV-LqMGP7lVnciWepTxjqb1PvFq5hZ8opFbKQSWmepoWrayq7n2cgS2sN9sfbxRZCyGwTmAEt9Be2NW5aKB7msEP71JFvAuwuLgC659t5jtpVLuSKdxsL7SlF6E631jLCk20ZvFzfitcJR2odDJO5vj0XCVFn2IgjccSZ_ecw6sMujKhaOe0Ky-QuWudxkaOUFoyxfnK_q1whzxXJ9_Iyhaf2K9Ma2I76dM7K0iLD0jO9f0MVCAOgpWa7-fojsSLPx35-TshnNZIinCw

Verdicts & Comments Add Verdict or Comment

550 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thecourier.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: znjrwvkh3f04sgizacpsucfh
.thecourier.com/	1970-01-21 07:35:48	Name: __utma Value: 160303096.853027881.1720788374.1720788374.1720788374.1
.thecourier.com/	1969-12-31 23:59:59	Name: __utmc Value: 160303096
.thecourier.com/	1970-01-21 02:22:36	Name: __utmz Value: 160303096.1720788374.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.thecourier.com/	1970-01-20 21:59:48	Name: __utmt Value: 1
.thecourier.com/	1970-01-20 21:59:50	Name: __utmb Value: 160303096.1.10.1720788374
.thecourier.com/	1970-01-20 22:01:14	Name: _gid Value: GA1.2.1610360572.1720788374
.thecourier.com/	1970-01-20 21:59:48	Name: _gat Value: 1
.thecourier.com/	1970-01-21 07:35:48	Name: _ga_ZJ4C47N33G Value: GS1.1.1720788374.1.0.1720788374.0.0.0
.thecourier.com/	1970-01-20 21:59:48	Name: _gat_UA-1076873-1 Value: 1
.thecourier.com/	1970-01-21 07:35:48	Name: _ga_2Z8QQQSWZZ Value: GS1.1.1720788374.1.0.1720788374.0.0.0
.thecourier.com/	1970-01-21 07:35:48	Name: _ga Value: GA1.1.853027881.1720788374
.sitescout.com/	1970-01-21 06:45:24	Name: ssi Value: b99e6861-1bba-4909-9ad5-12fa595f69ae#1720788375387
.sitescout.com/	1970-01-20 22:43:00	Name: _ssuma Value: eyIyIjoxNzIwNzg4Mzc1NDc4LCI0IjoxNzIwNzg4Mzc1NDc4LCIzOSI6MTcyMDc4ODM3NTQ3OCwiNyI6MTcyMDc4ODM3NTQ3OCwiOCI6MTcyMDc4ODM3NTQ3OH0
.rlcdn.com/	1970-01-21 06:45:24	Name: rlas3 Value: iLOyf9eAGNrXldhqSydNs08Fw1tluA9z6RiOaVqJzXU=
.demdex.net/	1970-01-21 02:19:00	Name: demdex Value: 56780477898517574734184144340754085399
.tapad.com/	1970-01-20 23:26:12	Name: TapAd_TS Value: 1720788375657
.tapad.com/	1970-01-20 23:26:12	Name: TapAd_DID Value: 22f72660-ad16-4818-af7a-0742bc055a4a
.exelator.com/	1970-01-21 00:52:36	Name: EE Value: "f41ab45d8057c8b86adabd7db01f936f"
.rlcdn.com/	1970-01-20 23:26:12	Name: pxrc Value: CJfLxLQGEgUI6AcQAA==
.dpm.demdex.net/	1970-01-21 02:19:00	Name: dpm Value: 56780477898517574734184144340754085399
.tapad.com/	1970-01-20 23:26:12	Name: TapAd_3WAY_SYNCS Value:
.crwdcntrl.net/	1970-01-21 04:28:33	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:28:33	Name: _cc_id Value: 9af4f30ed718f4cc4d0c8016244fab68
.crwdcntrl.net/	1970-01-21 04:28:36	Name: _cc_cc Value: "ACZ4nGNQsExMM0kzNkhNMTe0SDNJTjZJMUi2MDA0MzIxSUtMMrNgAIK0iarTGRAAAF7ACsU%3D"
.crwdcntrl.net/	1970-01-21 04:28:36	Name: _cc_aud Value: "ABR4nGNgYGBIm6g6nQEOABU8AbQ%3D"
.exelator.com/	1970-01-21 00:52:36	Name: ud Value: "eJxrXxzq6XKLQSHNxDAxycQ0xcLA1DzZIsnCLDElMSnFPCXJwDDN0tgsbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIbEl%252BUWb6otDgxUUpaQyLSopPBZ8IrgUA06Aq3w%253D%253D"
.thecourier.com/	1970-01-21 07:21:24	Name: __gads Value: ID=17f33261468e786e:T=1720788375:RT=1720788375:S=ALNI_MaVmaQoYq-3F6aiV_b6kNV3icYobA
.thecourier.com/	1970-01-21 07:21:24	Name: __gpi Value: UID=00000e73be378455:T=1720788375:RT=1720788375:S=ALNI_MYAnCieQCrKugY8omTZUAgbfKABWw
.thecourier.com/	1970-01-21 02:19:00	Name: __eoi Value: ID=d86b5f4d758e1b16:T=1720788375:RT=1720788375:S=AA-AfjZ2z6bXAouHm_Sx0mRjo4jh
.doubleclick.net/	1970-01-20 22:43:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:19:00	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:35:48	Name: IDE Value: AHWqTUlUZKErGqOGozzmTpjFmp4Ei5tiHD7r-pceEjYPsUGJDj_u9UbCnDQXQcZzESc
.thecourier.com/	1970-01-21 06:45:24	Name: FCNEC Value: %5B%5B%22AKsRol9FDJEgXyoJiPxOPdOQ2IVDMCuW5b1rGKAMx_b4jg28L40B2twXJEzdXTp7sumcTohWGA5BbtaVu71IdNIreS_RUpuqe2UKamDM882y83IisJI3_lCpsvfEg-C8gYpFqohrOKF7_MREUOzk-q6ZRvzl7VQbjw%3D%3D%22%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/fa-brands-400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://media.myteamscoop.com/typefaces/Font%20Awesome%205%20Pro%20Brands/fa-brands-400.woff Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://media.myteamscoop.com/js/jquery.js?v=1.14.5.35821(Line 2) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
network	error	URL: https://thecourier.com/news/530195/Findlay_car_dealership_accused_of_fraud/undefined/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
c.amazon-adsystem.com
cdn01.basis.net
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
d3i5p6znmm9yua.cloudfront.net
f7b7d89316cce6dae6dd23c885bf56d8.safeframe.googlesyndication.com
findlaycourier.mynews360.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
media.myteamscoop.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.sitescout.com
platform.twitter.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
thecourier.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
media.myteamscoop.com
pagead2.googlesyndication.com
18.160.10.101
18.160.51.31
18.165.96.154
216.157.106.133
2600:9000:208f:b800:3:bb0d:a880:21
2606:2800:220:de:468:2285:c1:4a3
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::6a
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1f::84
2607:f8b0:400d:c03::84
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c09::65
2607:f8b0:400d:c0f::8b
2a00:1450:4001:808::2003
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.36.216.150
44.209.222.101
69.28.157.216
02fd7e6ec1ca17f651487d7653738bd4710cae64faf6535cfe62321b5253eb25
0408c3373d549357fc57716957bf4bd2ca405d8d7939a19f39e721c7bc0df9d3
047ddcf7f418811433e494b1fbb28e87eba265853e54cdd80a4572f4a474b1e4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082b99c0cbb8bdbb2779cd6441ace46324af1b61cc1fc78512c7fd7da5ccdd21
09ac178a258f539d0edf3776ebca3d9cd59549fe940be2038f69162b80df08e9
09c7a12fd0fec6718fb3c35e5a117ac3ba66bfc2c33b819999aa88099ba28bef
0b031c767315fdf813de937616e7cec830d2aff725d8bdc86b08bad76e8bf9fd
12419754b6b694a88031b7ad2b60e243ef4067e7d34b9e59214c35cd03dca591
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20a43046cebf276b96a8efffa395a69fd9bbbd487ef2d96a5190fbb144c46089
23ab3ea89bbc7a1f3b984bb14c57f1c6ff6f997aab0edb711bf342f729e4247d
25e7ff7147661562fcd9ec30c792a6fe1138e452d0b87f907c659f445d3486de
29e3b587db2f05281fd0358aa0573387239ab83c5e81c5f519eae6efb2a0eb4f
2ba5df09a99cee16f283a66cbaf22197af11a2cf8d5fce37f79c3488d6b52f7c
327fce3a54be7383e5edd267034af94826eb06a5f9b8e92ae721476a99c42e33
38916ce03bb015001a9c72ba6fa873666bfb17e1d12722e5add2c651c0202abc
3a5ca6ce03e876531389547be627799645db5d08b15d897f4f11b7a306a1e25d
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3ac246346f02eff826779e6aeb081193fe302182fc9eb7c870f3e954bed1b7a4
3c766a0f141701edd393f089dbcd602bd9f8a1b89410885c45b3b5e9f6b5935a
3e276158ae2e3ccddef955010aba2bec59fdeb3c2a6c950e28b6e13927aa7f03
47d9927c3813e8addcb0401b869915e663e59a28e080070949719aacdfe3be1a
48b4038b2040709e696c9d9bd3e916baf808ecd725db827d75ec5c51d5ccb3c7
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4ffd81618fe4afbdf33906894cf99175506b413dd642d9ae53f2f81cfec5d5cf
5501ff9a3d71ad324813ab101dfd8a5643ee43385b908e812a0c36a17783dd44
5710d02969932614b8eb5b4093d1dfd588fd1a188dc6a981723b72dfd2d67a16
57c1e35b41cf69219684c28bdd817cb683bab22ec0a470dc1ecec157a3af9f03
57cc1415b4eab8938a8203ceff0a19a9d928e96c5dd01d7a6e6c321c16cc83ca
5855541129bccda895f2161044f0d683411d9a4c383fee27df4bc9c2668a46aa
58f0fe02befa451d3ac97e57109b8bfb9960d4977c66c7bec0bb16bc7f129643
5dceeefdfbd931432ae67ac75e6f5cf9a62894d7be7fdd7f91bd8c8a7c8d1d3a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
668a056bbbe6a1e52fabd2e479daea137282e58aa2ac5f60560684a04d9bda05
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
67eea2657d4e8676fa28a9a8420e31a325892da71acfdb7f77049652680c89f9
682e87e3182fa97b686d93fbf298399d992dd316646afeb77faa0853456cff0a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d81185edd131ba435b0b1db755472b3d24936a37b8f29f0d9aebc24dd4e8dd9
726c19c042ced111a61b3a82ffe980908eb15fb6e7fa0b85e95cc65e664c956c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
774c3f1eec2330687ff300942799fb467faf4aae6d0f97c9e49004dccd6abd31
7de63c3b33604acd0c2913704327b8dc035d5c8408b2b10f6fb7309e3a606e5c
7e4772e1fd63c89e332d0668a738ffcfcc36ce276078a89421d12139d26aa6fe
824ab2732f066b4e1e33657251a69137f7bf2cba17f2decb2dc875432d8edc12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8f5b09673bfb083eb60dde21e9099896d7d4b00d2ea2d434f18fe7830814de2b
900790b359a6c1de7fd875fa2d603c84983f8424089edd6910d9acaba6b8664f
9648886125fbff759fc988526f7eea7067ac5e135cd6c60c026e14ce212fc107
9bb77cfa02e895268f80f4147653b175fe0cc4a16456a30e6ff5f0b008cc69aa
9c9454c7ed2489caaa4d27e4482945be9efa5e053272fb9d6f811544ffae604b
9f61dd59fa621dcd8a2105c38024ca73e871aed0a7b6f63faec2cc1c6a9c2fc1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
a7ca69ac12be48a31c54a92353d2864dbe621fc18c6aec93ea3758357e292275
a93cc1ffc3efdc38370ff784b896c592fe7eb8ad3dd9f7284ca96c7078228be0
ab645a3b6b2e9ad3125b96865b86d4caf0e7842ed4ab37a9d3b921f7e0e116e5
aebd3c606078c5fdf3e37e5c97b6f9a30a83f98464c159b2d177e1564a2b330b
aee71f63a396db90257f7d8f4e084ad6031c8f24add0c218e0f138578538b0de
b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894
bd1b0996e1a774cd7164b35ffc2b864dd76ce8080f27613bad089826d76159f4
c0d6ad18156e63ec83215c2539d98ae86b82b379196bd01e6fdb534ea0badf24
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c5ee3e9f616bbd9b7628d7fc4bd7990927d4f15aa660bf27830fcfd4b80f850b
c7f0f65b6febc7c080ce3871b74e27808464b726ec80e6191efe21e60c73cac6
cad3871304d851263df74d11d15a97cb1e237c44072eab7a4b514d2691f52fab
cc9e9a6d3b7aeea4fc963da3a5f6936babbddbca30ab71d270aaa2871cb7919d
cdaad4ca29e0e8c3213940f5f91af007f6bac4f0e4af348faae6ef652166daf5
d5123849bc8cc6d51aaa01642cae40d614911fba7253a40f8413a455460e4323
d5f7521b478d7e6630e6548cddd675a096d5aaae629e34c54d838c00560d6aa2
db4c54caa0a2c4fc3b7dea6c390abb1910d45c8bbedea27aef0c66d7a897ae23
dbdf98ad147b5f8d5be7c73bf067eccabc831c1a812460e83cfa2fe68173f0c1
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326
e396172b3734568f03c45b6b60ebd469f2e13972ee2f914c365e2e01b9ad012f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f5b43fb0ee8e50f5d15d1a4d9fbe57823621ff593582963b8688dd7e55644
e5f01d676f4afca430ebaf9b0a8124269159c094e8c908ebaa479c61b9935388
e88517586ea2b8e20a693eb444336161825a8ab996399a133b7acd0d9d12df38
e9a103447aa1492af72ae82f0aa4696296e1158dedd2d95ad5eb0bc85efbf785
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f8557122f9526135441acada8564b6e8e377b33bdf41d86c4630fd5115f0f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70c59a4763b53da4e890d35686ae11fce8eab3b2e0a9bcbe092f903de9c7c3f

thecourier.com Open in urlscan Pro 44.209.222.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

97 %HTTPS

72 %IPv6

18 Domains

26 Subdomains

26 IPs

2 Countries

2853 kBTransfer

7508 kBSize

34 Cookies

15 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thecourier.com Open in urlscan Pro
44.209.222.101 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

26
IPs

2
Countries

2853 kB
Transfer

7508 kB
Size

34
Cookies

140 HTTP transactions
7 data transactions