www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b83b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Submission: On May 15 via api (May 15th 2024, 11:16:07 pm UTC) from LU — Scanned from DE

Summary HTTP 233 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 61 IPs in 5 countries across 45 domains to perform 233 HTTP transactions. The main IP is 2606:4700::6812:b83b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crainsdetroit.com. The Cisco Umbrella rank of the primary domain is 196779.
TLS certificate: Issued by E1 on April 10th 2024. Valid for: 3 months.

This is the only time www.crainsdetroit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700::68... 2606:4700::6812:b83b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:237... 2600:9000:237d:a800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.230.228.19 54.230.228.19	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26d... 2600:9000:26da:c000:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.135.7 172.67.135.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.173.187.121 18.173.187.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	52.17.32.208 52.17.32.208	16509 (AMAZON-02) (AMAZON-02)
3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.67.153.27 172.67.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	108.138.36.25 108.138.36.25	16509 (AMAZON-02) (AMAZON-02)
8	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	18.173.187.18 18.173.187.18	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::ac43:1a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.173.187.9 18.173.187.9	16509 (AMAZON-02) (AMAZON-02)
2	172.67.212.172 172.67.212.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.34.167.98 176.34.167.98	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.190.199 52.18.190.199	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	66.235.152.221 66.235.152.221	15224 (OMNITURE) (OMNITURE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:247d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
46	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	52.216.212.169 52.216.212.169	16509 (AMAZON-02) (AMAZON-02)
1	3.94.219.251 3.94.219.251	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ae:9600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.64 54.230.228.64	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a01:b740:a10... 2a01:b740:a10:f100::210	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
233	61

23 2606:4700::6812:b83b (United States)

ASN13335 (CLOUDFLARENET, US)

www.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3-rd-prod.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:a800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-19.muc50.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:c000:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4acf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

crain-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.135.7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.187.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-121.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.32.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.153.27 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.36.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-25.muc50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.187.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-18.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:1a0b (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-9.muc50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.212.172 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.167.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

craommunications.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.190.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-190-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.221 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-221.data.adobedc.net

craommunications.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.212.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

crain-global.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.219.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-219-251.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-64.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a10:f100::210 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

crain.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	384 KB
46	moatads.com z.moatads.com — Cisco Umbrella Rank: 733 mb.moatads.com — Cisco Umbrella Rank: 848 px.moatads.com — Cisco Umbrella Rank: 608	108 KB
23	crainsdetroit.com www.crainsdetroit.com — Cisco Umbrella Rank: 196779 s3-rd-prod.crainsdetroit.com — Cisco Umbrella Rank: 204123	900 KB
14	pelcro.com js.pelcro.com — Cisco Umbrella Rank: 62384 www.pelcro.com — Cisco Umbrella Rank: 57262	431 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	3 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 345	31 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3223	192 KB
6	btloader.com btloader.com — Cisco Umbrella Rank: 876 api.btloader.com — Cisco Umbrella Rank: 958	19 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 maps.googleapis.com — Cisco Umbrella Rank: 361	181 KB
4	lr-ingest.com cdn.lr-ingest.com — Cisco Umbrella Rank: 27524 r.lr-ingest.com — Cisco Umbrella Rank: 24852	226 KB
4	ml314.com ml314.com — Cisco Umbrella Rank: 1937 vi.ml314.com — Cisco Umbrella Rank: 7465	22 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1088	168 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1718 mab.chartbeat.com — Cisco Umbrella Rank: 2854	47 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	333 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	171 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243 craommunications.demdex.net — Cisco Umbrella Rank: 84603	2 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 425	84 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3500	497 B
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 27879 p1.zemanta.com — Cisco Umbrella Rank: 18878	4 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1387 pixel.quantserve.com — Cisco Umbrella Rank: 1107	10 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 914	1 KB
2	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 9443	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	videoplayerhub.com 2 redirects crain-com.videoplayerhub.com — Cisco Umbrella Rank: 84980	472 B
2	remixd.com tags.remixd.com — Cisco Umbrella Rank: 20350 pubcast-files.remixd.com — Cisco Umbrella Rank: 21201	11 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	718 B
1	2o7.net crain.112.2o7.net — Cisco Umbrella Rank: 78041	392 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 636	18 KB
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 15043	49 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	273 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1410	641 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1476	201 B
1	amazonaws.com crain-global.s3.amazonaws.com — Cisco Umbrella Rank: 114178	4 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 882	393 B
1	t.co t.co — Cisco Umbrella Rank: 717	375 B
1	omtrdc.net craommunications.tt.omtrdc.net — Cisco Umbrella Rank: 85970	850 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1317	490 B
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3699	34 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 801	15 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 43477	167 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	19 KB
233	45

	Domain	Requested by
46	pagead2.googlesyndication.com	cdn.lr-ingest.com securepubads.g.doubleclick.net www.crainsdetroit.com pagead2.googlesyndication.com
29	px.moatads.com	www.crainsdetroit.com
21	www.crainsdetroit.com	www.crainsdetroit.com
12	www.pelcro.com	js.pelcro.com cdn.lr-ingest.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	z.moatads.com	www.crainsdetroit.com z.moatads.com securepubads.g.doubleclick.net
8	mb.moatads.com	z.moatads.com
6	bat.bing.com	assets.adobedtm.com bat.bing.com www.crainsdetroit.com cdn.lr-ingest.com
6	consent.trustarc.com	assets.adobedtm.com consent.trustarc.com www.crainsdetroit.com
4	px.ads.linkedin.com	3 redirects cdn.lr-ingest.com
4	js.stripe.com	www.crainsdetroit.com js.stripe.com
4	maps.googleapis.com	www.crainsdetroit.com maps.googleapis.com
4	www.googletagmanager.com	www.crainsdetroit.com www.googletagmanager.com assets.adobedtm.com
3	api.btloader.com	crain-com.videoplayerhub.com cdn.lr-ingest.com
3	ml314.com	www.crainsdetroit.com ml314.com z.moatads.com
3	btloader.com	www.crainsdetroit.com crain-com.videoplayerhub.com
3	assets.adobedtm.com	www.crainsdetroit.com assets.adobedtm.com
3	static.chartbeat.com	www.crainsdetroit.com
2	r.lr-ingest.com	cdn.lr-ingest.com
2	api.sail-personalize.com	cdn.lr-ingest.com
2	s3-rd-prod.crainsdetroit.com	www.crainsdetroit.com
2	ad-delivery.net	www.crainsdetroit.com
2	applets.ebxcdn.com	www.crainsdetroit.com cdn.lr-ingest.com
2	cdn.lr-ingest.com	assets.adobedtm.com cdn.lr-ingest.com
2	dpm.demdex.net	assets.adobedtm.com www.crainsdetroit.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	crain-com.videoplayerhub.com	2 redirects
2	js.pelcro.com	www.crainsdetroit.com js.pelcro.com
2	securepubads.g.doubleclick.net	www.crainsdetroit.com securepubads.g.doubleclick.net
1	bam.nr-data.net	cdn.lr-ingest.com
1	crain.112.2o7.net	cdn.lr-ingest.com
1	js-agent.newrelic.com	www.crainsdetroit.com
1	applepay.cdn-apple.com	js.pelcro.com
1	pixel.quantserve.com	www.crainsdetroit.com
1	www.facebook.com	www.crainsdetroit.com
1	script.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	p1.zemanta.com	www.crainsdetroit.com
1	px4.ads.linkedin.com	www.crainsdetroit.com
1	www.linkedin.com	1 redirects
1	ping.chartbeat.net	www.crainsdetroit.com
1	crain-global.s3.amazonaws.com	assets.adobedtm.com
1	cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	cdn.lr-ingest.com
1	js-tag.zemanta.com	www.crainsdetroit.com
1	static.hotjar.com	www.crainsdetroit.com
1	secure.quantserve.com	www.crainsdetroit.com
1	analytics.twitter.com	www.crainsdetroit.com
1	t.co	www.crainsdetroit.com
1	craommunications.tt.omtrdc.net	assets.adobedtm.com
1	ad.doubleclick.net	www.crainsdetroit.com
1	cm.everesttech.net	1 redirects
1	craommunications.demdex.net	assets.adobedtm.com
1	ak.sail-horizon.com	www.crainsdetroit.com
1	snap.licdn.com	assets.adobedtm.com
1	vi.ml314.com	www.crainsdetroit.com
1	static.ads-twitter.com	assets.adobedtm.com
1	pubcast-files.remixd.com	tags.remixd.com
1	mab.chartbeat.com	static.chartbeat.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.lr-intake.com	www.crainsdetroit.com
1	tags.remixd.com	www.crainsdetroit.com
1	cdnjs.cloudflare.com	www.crainsdetroit.com
1	fonts.googleapis.com	www.crainsdetroit.com
233	65

This site contains links to these domains. Also see Links.

Domain
jobs.crainsdetroit.com
www.facebook.com
www.linkedin.com
twitter.com
marketing.crainmarketing.com
www.twitter.com
www.instagram.com
help.crainsdetroit.com
wd1.myworkdaysite.com

Subject Issuer	Validity	Valid
www.crainsdetroit.com E1	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.remixd.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.pelcro.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-08`	a year	crt.sh
lr-intake.com E1	`2024-03-20` - `2024-06-18`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2024-05-07` - `2024-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-23` - `2024-05-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-04-26` - `2024-07-25`	3 months	crt.sh
vi.ml314.com GTS CA 1D4	`2024-03-22` - `2024-06-20`	3 months	crt.sh
lr-ingest.com GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
pelcro.com E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
ebxcdn.com GTS CA 1P5	`2024-04-19` - `2024-07-18`	3 months	crt.sh
btloader.com GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-04-05` - `2024-07-04`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
zemanta.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-11` - `2025-05-12`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
api.logrocket.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Frame ID: EB740912CFF6C484C628EDAB783D3DF5
Requests: 160 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 6E8A004529F2CDD299E7CB51ABF51350
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
Frame ID: D74F92013AE0C304B728CB72BB3AC87B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E7B4EB0F683F70DF06EE219C42BE1319
Requests: 1 HTTP requests in this frame

Frame: https://craommunications.demdex.net/dest5.html?d_nsid=0
Frame ID: 99945D05ECECC97331D895769232AA79
Requests: 1 HTTP requests in this frame

Frame: https://cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5F7B4CCC20DF6A25EC50BD92AE168C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: 9A3546EA135FC7F77221D15DB45F86C6
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: 0703B65A8F31710C877659C9465450C9
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: 9EDF1474266F9A2F128FC491A2267B09
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: 6D94956476EF80CA3DF1B4E83A673064
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: F6F785515DCAC5000FEBEC06C8383B5A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/12328937770629736648
Frame ID: 0ECD17FDA99A789EEEE6F15351C8BECD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Frame ID: 8056CB600CCACD0FFFE0B47B0CD772EC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7135E58802BE65D76C27DB6F9120A078
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flagstar bank paid $1 million in bitcoin to a ransomware group | Crain's Detroit Business

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

233
Requests

97 %
HTTPS

45 %
IPv6

45
Domains

65
Subdomains

61
IPs

5
Countries

3832 kB
Transfer

15598 kB
Size

52
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.crainsdetroit.com/
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show&source=https://www.crainsdetroit.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&via=crainsdetroit&text=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://marketing.crainmarketing.com/l/201082/2020-07-23/8lghqc
Title: Get a Corporate PlanGet a Corporate Plan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrainsDetroit

Search URL Search Domain Scan URL

URL: https://www.twitter.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crain%27s-detroit-business

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://help.crainsdetroit.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://wd1.myworkdaysite.com/recruiting/crain/Crain_Careers
Title: Crain Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 66

https://cm.everesttech.net/cm/dd?d_uuid=90996089907763788872174118661877102495 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZkVCMAAAALErtQN-

Request Chain 68

https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 96

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1715814960846%26url%3Dhttps%253A%252F%252Fwww.crainsdetroit.com%252Fbanking-finance%252Fflagstar-bank-paid-1-million-bitcoin-ransomware-group%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQI1E-Y7fck1RgAAAY9-ipGNW0MOI6iACYxCcHaaVesXiKx3SDjqrWeX1RzcRJZ2FuONsfnm

233 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request flagstar-bank-paid-1-million-bitcoin-ransomware-group Show response
www.crainsdetroit.com/banking-finance/ 221 KB
40 KB 3145ms
3101ms Document
text/html 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9430dec7e210f490107db19e3148ff1097eff0f37644af1dd20c34b22ea4c73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control: public, max-age=43200
cf-cache-status: MISS
cf-ray: 8846d5379f4d5caa-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 23:15:59 GMT
expires: Thu, 16 May 2024 11:15:59 GMT
last-modified: Wed, 15 May 2024 23:15:57 GMT
server: cloudflare
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-15a7838c-1311-11ef-91dd-d77e6eecabaa
x-ua-compatible: IE=edge

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
29 KB 127ms
49ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

1967f7b46e886fe2dd0f04fd852977909d1b5e791c8ef9313fcc785a11b93789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29944
x-xss-protection: 0
server: cafe
etag: 774 / 19858 / m202405090101 / config-hash: 12445603281626279439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 May 2024 23:15:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 135ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b45415d678d249e376453af500ab106737d4283a997226ad5eb08b2c1086c6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71053
x-xss-protection: 0
last-modified: Wed, 15 May 2024 22:28:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 May 2024 23:15:59 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 252ms
15ms Script
application/x-javascript 2600:9000:237d:a800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 18:33:23 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 16957
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: EFeDxoGw3ev5tp442eRNWWbYAobSNfYshAaZmpwhOZtLjm-u3MNkqA==
expires: Thu, 16 May 2024 18:33:23 GMT

GET
H2 200 launch-ef0d5546c26e.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ 269 KB
83 KB 244ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:23 GMT
server: AkamaiNetStorage
etag: "581b777219121cbe79e4869e8393f24d:1708948103.492676"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 84428
expires: Thu, 16 May 2024 00:16:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
992 B 133ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 15 May 2024 23:15:59 GMT

GET
H2 200 css_3FF6l0njmb_bd4YkMb1Cf3pBiOFqYRKpwUArf0mRdWg.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 112 KB
20 KB 23ms
22ms Stylesheet
text/css 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_3FF6l0njmb_bd4YkMb1Cf3pBiOFqYRKpwUArf0mRdWg.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bfb1167b9643c68d51ade6ed315ca37cb8956bca91e8b8ced28cc30adc02909

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 5
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 811153
cf-polished: origSize=115428
x-cache: HIT
x-ah-environment: prod
x-request-id: v-4f60cbaa-0bb0-11ef-b343-e31d6f941f27
cf-bgj: minify
last-modified: Mon, 06 May 2024 13:55:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8846d54b0bc35caa-FRA
expires: Mon, 20 May 2024 13:55:34 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 37ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 64591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWQp33pqMiehBbvsHN6L8oOIWuRpZqINPACRv7PwhtRL8D4TY4TL1lWIU09DkaqEaG3XxiS7aYOhSV%2FUzZcPFs9agjuDuPIjwEdgY2F7TGlkSh71q1YJjUrgkvWrdMaT5pvWo5iecEbSz9bUjlHxXlAo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8846d54b29f93820-FRA
expires: Mon, 05 May 2025 23:15:59 GMT

GET
H2 200 css_Zx6V1JyOEGoSEV0dZMUVf0hXwnjtRjck2Gs-2uCKd-s.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 193 KB
32 KB 27ms
26ms Stylesheet
text/css 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_Zx6V1JyOEGoSEV0dZMUVf0hXwnjtRjck2Gs-2uCKd-s.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5fe094625575f4bf03499179c180ebac5f74c9c768d6a1bba4db53326e655d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 2
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 619351
cf-polished: origSize=198263
x-cache: HIT
x-ah-environment: prod
x-request-id: v-302b167c-022e-11ef-b4ec-7f326da434cf
cf-bgj: minify
last-modified: Thu, 21 Mar 2024 07:50:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8846d54b0bc55caa-FRA
expires: Mon, 20 May 2024 23:32:24 GMT

GET
H2 200 js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 93 KB
33 KB 34ms
33ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 419
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 628180
cf-polished: origSize=97739
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ceab0148-d6d9-11ee-957a-576201cf6307
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c035caa-FRA
expires: Mon, 20 May 2024 22:48:03 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/crainprebidheader782626518086/ 273 KB
94 KB 244ms
8ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/crainprebidheader782626518086/moatheader.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 May 2024 23:16:00 GMT
content-md5: UNCYPanZs4RvGIeChPezww==
storage-tier: Standard
content-length: 95605
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:09 GMT
opc-request-id: iad-1:Wk37OjWyGoar0PI15_xdU-T06TL8-shVyH0aAXHG2ZOoWKgqw71kw2bV4p83zlDG
x-api-id: native
etag: 7e2283bf-a8c3-40c1-afbd-18eaf15101b4
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 5646b131-02d3-45e2-a2b7-6379564833c5
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18532
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
782 B 20ms
20ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 400
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623623
cf-polished: origSize=2710
x-cache: HIT
x-ah-environment: prod
x-request-id: v-01cd3242-d6dc-11ee-a045-dba128821247
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c045caa-FRA
expires: Mon, 20 May 2024 22:48:03 GMT

GET
H2 200 js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
766 B 19ms
18ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 385
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 628180
cf-polished: origSize=4073
x-cache: HIT
x-ah-environment: prod
x-request-id: v-01cc83ba-d6dc-11ee-a22c-b3891c107790
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c055caa-FRA
expires: Mon, 20 May 2024 22:48:03 GMT

GET
H2 200 adobe_launch_dtm_init.js Show response
www.crainsdetroit.com/modules/contrib/adobe_launch/js/ 67 B
231 B 24ms
24ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/modules/contrib/adobe_launch/js/adobe_launch_dtm_init.js?sdj25x

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 4
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 38
cf-polished: origSize=196
x-cache: HIT
x-ah-environment: prod
x-request-id: v-37f0ead0-12b9-11ef-a8b7-3f5e04299a0e
cf-bgj: minify
last-modified: Tue, 17 May 2022 03:05:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54b8c065caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
H2 200 email-decode.min.js Show response
www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 12ms
8ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8846d54b8c0a5caa-FRA
expires: Fri, 17 May 2024 23:15:59 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 250ms
14ms Script
text/javascript 54.230.228.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-19.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
via: 1.1 e18c612d6dd4d2546736ebc7db886b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10041
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
x-amz-cf-id: 9Koa2OJvHiwx_zGCngyyJRxRnMA99C2FehxDPfjCgE7sR8mfKvAW6A==

GET
H2 200 js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 156 KB
46 KB 29ms
25ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 220470
cf-polished: origSize=213514
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e4c654ac-e50a-11ee-87c0-6347e383912e
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c0b5caa-FRA
expires: Mon, 27 May 2024 08:51:20 GMT

GET
H2 200 crain_pelcro_user.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 25 KB
7 KB 27ms
23ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user.js?sdj25x

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d3a057c8548067a9019fbdd104c53ef1345757324c4a54b26d0cfa1f292c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 4
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
cf-polished: origSize=35846
x-cache: HIT
x-ah-environment: prod
x-request-id: v-37eedfe2-12b9-11ef-a35b-af4a7bebe9ca
cf-bgj: minify
last-modified: Mon, 06 May 2024 09:39:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc355caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
H2 200 crain_pelcro_order.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 1 KB
716 B 25ms
21ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_order.js?sdj25x

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 4
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
cf-polished: origSize=1938
x-cache: HIT
x-ah-environment: prod
x-request-id: v-37ee839e-12b9-11ef-af70-dbfe97ed31e5
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 08:57:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc365caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
H2 200 js_aB3pV_g8EzMbF2tfYa4D6I_LhjVWSGrRltLYM30Oklw.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 MB
502 KB 36ms
33ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_aB3pV_g8EzMbF2tfYa4D6I_LhjVWSGrRltLYM30Oklw.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acef1ebe8455cfe80152dd9a7319a75cae6ad0480bb17b84a5efa6964ba3a0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 8
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 229389
cf-polished: origSize=2023101
x-cache: HIT
x-ah-environment: prod
x-request-id: v-a127b85a-10fa-11ef-932c-631a40a7e9d1
cf-bgj: minify
last-modified: Mon, 13 May 2024 07:30:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c0c5caa-FRA
expires: Mon, 27 May 2024 07:30:10 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 305 KB
87 KB 291ms
15ms Script
text/javascript 2600:9000:26da:c000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:c000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 487bcaab8332911b0f473f9ab02c4fe8a85aa61d66b6290e0526640d026374e5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 02:52:27 GMT
content-encoding: gzip
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 73414
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: SHvKq4MykRsPRz+asCxP6Khaph1mtikOBSZkDQJjdOU=
x-cache: Hit from cloudfront
x-amz-meta-sha384: F2eh+OHzha/HxsT43mjilliKj5gtj1mkWnTb3GaLzZ49OWoWXQfV2VoNcymaQDkd
last-modified: Fri, 26 Apr 2024 12:16:47 GMT
server: AmazonS3
etag: W/"1b0c047b9cf39f0866aeda927ac384ff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-amz-meta-md5: 1b0c047b9cf39f0866aeda927ac384ff
x-amz-cf-id: 3IY3TBfaUzzaYapLZwTBohKILRIbcFLajXEUmUiV9ZcQOF8hzEuBQQ==

GET
H2 200 js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 5 KB
2 KB 26ms
23ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aae67d48458f330d11bac26bf2fc81512d26d4186cdb01f82021be2a0b2ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 388
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623623
cf-polished: origSize=7332
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ceac1bd2-d6d9-11ee-97ba-977bae4661e5
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 10:42:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b8c0e5caa-FRA
expires: Mon, 20 May 2024 22:48:03 GMT

GET
H2 200 google_analytics.js Show response
www.crainsdetroit.com/modules/contrib/google_analytics/js/ 4 KB
1 KB 38ms
33ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/modules/contrib/google_analytics/js/google_analytics.js?v=9.5.3

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 160979
date: Wed, 15 May 2024 23:16:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
cf-polished: origSize=8219
x-cache: HIT
x-ah-environment: prod
x-request-id: v-910ebbfe-d6d9-11ee-bd8b-4b0bd0ebdabd
cf-bgj: minify
last-modified: Thu, 28 Jul 2022 07:49:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc375caa-FRA
expires: Wed, 29 May 2024 23:16:00 GMT

GET
H2 200 js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 309 KB
94 KB 31ms
29ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 114
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 541269
cf-polished: origSize=330497
x-cache: HIT
x-ah-environment: prod
x-request-id: v-91ca1668-e770-11ee-b6a2-ffd24d288645
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:15:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b9c0f5caa-FRA
expires: Tue, 21 May 2024 03:57:35 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 201 KB
68 KB 367ms
83ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cf096f08bf59a3372d0bfbfb24279d66a3f147fee24cd8322539b7195d0bcd6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69247
x-xss-protection: 0

GET
H2 200 js_x6MgcET8oDgbRU1afwk62u_-W0QNSJb4Oc6nUCha01I.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 182 KB
60 KB 29ms
28ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_x6MgcET8oDgbRU1afwk62u_-W0QNSJb4Oc6nUCha01I.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95259d6c5ec410f47cc15f6a090eca13b8f2ec6c6982e164cd68d79a3815d45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 2
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 826253
cf-polished: origSize=271497
x-cache: HIT
x-ah-environment: prod
x-request-id: v-12f7e2ac-0b8d-11ef-a0cd-bb47269f7111
cf-bgj: minify
last-modified: Mon, 06 May 2024 09:43:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b9c115caa-FRA
expires: Mon, 20 May 2024 09:43:20 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://crain-com.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=crain-com&upapi=true

53 KB
18 KB

44ms
19ms

Script
application/javascript

2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=crain-com&upapi=true
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f155fac3ce471021288818fc595041ad963a62b08ffeb008b6cd7adca8d092

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 22:21:56 GMT
server: cloudflare
age: 3131
etag: "3c28cce322678d0375bcafeccb93cdb9"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8846d54da8675d3e-FRA
content-length: 18191

Redirect headers

date: Wed, 15 May 2024 23:16:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBvYNuTWQF379imHJww%2Fv98emlh9qRTO04cdE9yA8o1oL943W15O3OjvnJpiWBfqIbkAf6jaGjndx60F%2BnzNJnXpj01fvHhdXf8x4S%2BzF6HZ057pozGn4Jpgoc61qJ7vEfGW6xa%2B42S6do%2FV9irhkyZkxWSxCSHkJgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=crain-com&upapi=true
cache-control: max-age=3600
cf-ray: 8846d54d5a593736-FRA
content-length: 167
expires: Thu, 16 May 2024 00:16:00 GMT

GET
H2 200 sitetotal.js Show response
static.chartbeat.com/js/sitewidgets/ 54 KB
22 KB 252ms
17ms Script
application/x-javascript 2600:9000:237d:a800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/sitewidgets/sitetotal.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:21:56 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2013 15:40:22 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 21244
etag: W/"51682ae6-d6df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: k5IAf3QMULebwi3ITCJGf0bf6Y3b1NZZVg7-OBkR2Yqi7a25cRixXw==
expires: Thu, 16 May 2024 17:21:56 GMT

GET
H2 200 dashboard.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/ 2 KB
836 B 26ms
22ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sdj25x

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694d8d308661f0a9835c8ba2c50f848dd8effa27fbea6938d0bbd95b9f9ee571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 4
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
cf-polished: origSize=2340
x-cache: HIT
x-ah-environment: prod
x-request-id: v-37f0610a-12b9-11ef-b474-e365517d795a
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 06:17:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc385caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
H2 200 js_BwJvJtQpD6N1n5JIwO40iabpp_e3t6PihViGOkHc0VM.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 48 KB
12 KB 22ms
21ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_BwJvJtQpD6N1n5JIwO40iabpp_e3t6PihViGOkHc0VM.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a059b15cfcce2325b0d0c6576dd6333c2e0653275d6127ed63d25237b74c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 1
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 721565
cf-polished: origSize=67837
x-cache: HIT
x-ah-environment: prod
x-request-id: v-0de41c0c-0180-11ef-bac9-c3859ccf5a49
cf-bgj: minify
last-modified: Tue, 23 Apr 2024 14:44:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8846d54b9c125caa-FRA
expires: Mon, 20 May 2024 22:04:15 GMT

GET
H2 200 crain_pelcro_user_status.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 3 KB
1 KB 33ms
30ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user_status.js?sdj25x

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 4
date: Wed, 15 May 2024 23:15:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
cf-polished: origSize=4140
x-cache: HIT
x-ah-environment: prod
x-request-id: v-37eec12e-12b9-11ef-99d5-5fbc513871c5
cf-bgj: minify
last-modified: Mon, 05 Feb 2024 10:35:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc395caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
H2 200 icons.svg
www.crainsdetroit.com/themes/custom/citybook_rd/dist/ 20 KB
7 KB 35ms
32ms Other
image/svg+xml 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/dist/icons.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 20
date: Wed, 15 May 2024 23:16:00 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37
x-cache: HIT
x-ah-environment: prod
x-request-id: v-02c5d712-f39c-11ee-87e3-d718c4de636b
last-modified: Thu, 21 Mar 2024 07:34:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 8846d54bdc3a5caa-FRA
expires: Wed, 29 May 2024 23:15:59 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
H3 200 logger-1.min.js Show response
cdn.lr-intake.com/ 843 KB
167 KB 133ms
29ms Script
text/javascript 172.67.135.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_aB3pV_g8EzMbF2tfYa4D6I_LhjVWSGrRltLYM30Oklw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb6bb21fcf6ae372979763f11326982bb8d814afe0ca050da2ec9913b642ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Wed, 15 May 2024 22:20:33 GMT
server: cloudflare
x-timer: S1715811882.933570,VS0,VE1
etag: W/"5ab2bd7374862d1dd3883f2d221b86ae6a9f3c9e996445ac42d26647546bf103-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntooV5Bm9fFpV86cK6KdbbMwT5waNlPU24XOewZrzZkdjEsNKqSAYE5wLACCn1NgdA8udRZqNfl0ODl0wz0kgDjMUh90VL7HX8LZ2DH49Kefa78e1NfCkAxhztikVSa8JIa%2FhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8846d54d5895bb4f-FRA
x-cache-hits: 1

GET
H2 200 v3 Show response
js.stripe.com/ 604 KB
167 KB 80ms
17ms Script
text/javascript 18.173.187.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_aB3pV_g8EzMbF2tfYa4D6I_LhjVWSGrRltLYM30Oklw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-121.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

703c6538c7c240f05fa39933fe7625588a50071d6d402250da0075de638c7b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:34 GMT
content-encoding: gzip
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 37
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
last-modified: Wed, 15 May 2024 20:41:03 GMT
server: Cloudfront
etag: W/"470acd355ab36612885d09fe7907ab94"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Td0IQfsyGYlpKNQlqwqGohB39aHFu4oJN_fq-9FiIyOFiVsXo5YBOA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 38ms
38ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 May 2025 23:11:20 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 125ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 May 2024 13:55:04 GMT
x-content-type-options: nosniff
age: 120056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26160
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:55:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 May 2024 21:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 May 2024 23:41:03 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 235 B
528 B 141ms
110ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crainsdetroit.com&domain=crainsdetroit.com&path=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 0
date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 170
x-served-by: cache-fra-eddf8230143-FRA
x-timer: S1715814960.295325,VS0,VE104
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 13 May 2024 23:16:00 GMT

GET
H2 403 crainsdetroit.com Show response
pubcast-files.remixd.com/player-configs/ 111 B
496 B 150ms
113ms Fetch
application/xml 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPqFSN68kLU1gDM3NuwQQiJAAssxWpMgU2ICthoNsAQhr84xIHbJLzOHMSlfLw1oC5-hLSgZqPqtdw
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
expires: Wed, 15 May 2024 23:16:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 39ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 May 2024 23:16:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: AJBGfJxaj8KJyIxJh+nD+5CspFjvaqONC+7oyxHzmK7dqZQ4ndGQXu4RBf/4AyYTib0bekXVY5KKD3winHaGYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 34ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220104-FRA

GET
H2 200 id Show response
dpm.demdex.net/ 375 B
923 B 118ms
34ms XHR
application/json 52.17.32.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=138FFF2554E6E7220A4C98C6%40AdobeOrg&d_nsid=0&ts=1715814960324

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4383cc8b466bdf744829575deab522bdfc31c79ae445c00f3e67decc7ad003e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v061-07d7d81b2.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: 0N9VsbN8Tu4=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 314
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-593664384&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a46d9c08c19d90ef03528d806747cb80ac15a7736fe13b82dd49b0e47647369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82076
x-xss-protection: 0
last-modified: Wed, 15 May 2024 22:28:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 May 2024 23:16:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24d22182057e5ee1c7137845d0c1470b86fcef9cd9b649600d837732d383f7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 23:16:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
92 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2020a2a94f0b774c5669a8eba3631abcc3f10b472f1b87493f73f33b814073c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 23:16:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 33 KB
11 KB 59ms
15ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?164
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 22:43:02 GMT
via: 1.1 google
content-encoding: br
age: 1978
x-guploader-uploadid: ABPtcPromTWb6AXu9bo9dmZEHd5XTt8A6JAdzx1lj3ho7_DC96oVH8L1fOrv-2gQBrwDrFPQD7c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10611
last-modified: Tue, 07 May 2024 22:27:04 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1715120823907330
x-goog-hash: crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw==
content-type: application/javascript
cache-id: AMS-5232d789
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34184
accept-ranges: bytes

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 67ms
30ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=69120&tk=weP6qvbwC4vTzjKxXoXB2fkYVMrqAXGxMEdSJ6g2fHRUg3d&fp=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Wed, 15 May 2024 23:16:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 LogRocket.min.js Show response
cdn.lr-ingest.com/ 112 KB
30 KB 62ms
29ms Script
text/javascript 172.67.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/LogRocket.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b5e22c462b7d9f98ab74024d0f7f7529da933523a000eb09909be467f627fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Wed, 15 May 2024 22:20:33 GMT
server: cloudflare
x-timer: S1715814960.377461,VS0,VE0
etag: W/"118467099b69784b38d1d13a79eb7a6ba29d765460e5735d74829345890c528b-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NG1PBufhK4DeP4vYYgcVRXZy82FmYmvM%2B9dghW6kE8JaNCnZLU6I3g1JfjR7TbfvCCJ336Sz7J6L775PChEd1sWTavL%2FnE9b5R9h6h3oolbB%2FYw0AS80XH8MgwXcHalcjv72pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8846d54e48293603-FRA
x-cache-hits: 9

GET
H2 200 notice Show response
consent.trustarc.com/ 36 KB
11 KB 152ms
104ms Script
text/javascript 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

959b3c1d0d322ea5743b0063dc6184bc441915e21b8136e7bceb60675fe2e74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
x-amz-cf-id: 5G54i578NiHkdFUDgbaTjww8e3edLvROanvi9xsuk14NJisYM7fdag==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 606 B
683 B 120ms
46ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pcode=crainprebidheader782626518086&rx=281233913972&callback=MoatNadoAllJsonpRequest_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 238d782920cae4324f75bd1e586d04eb7a5ea34c49783180ee7b8696171dea2c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
server: istio-envoy
etag: "c490633c6458970a7e20f161ebcafa3f7fff4574"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 25
timing-allow-origin: *
content-length: 606

GET
H2 200 n.js Show response
mb.moatads.com/ 86 B
265 B 103ms
32ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&i=CRAIN_PREBID_HEADER1&hp=1&wf=1&pxm=3&sgs=3&vb=0&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=583212628484&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=1&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A0&fs=208210&na=263317557&cs=0&callback=MoatDataJsonpRequest_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2fae556231decb8446d729db5390e492c09ce4f9a08795528990465279b78c4b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
server: istio-envoy
etag: "db98546979450616de73b234a07f098a60d30545"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 12
timing-allow-origin: *
content-length: 86

GET
H2 200 iframe.html
z.moatads.com/hd09824092/ Frame 6E8A 0
0 19ms
7ms Document
text/html 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/hd09824092/iframe.html

Requested by

Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=351
content-encoding: gzip
content-length: 803
content-md5: Spy8LlvBZDE9rOQqWL7xQQ==
content-type: text/html
date: Wed, 15 May 2024 23:16:00 GMT
etag: 0d341092-8e0f-4735-ae34-f388ff501eed
last-modified: Thu, 21 Mar 2024 17:22:14 GMT
opc-meta-btime: 2021-01-26T22:41:39Z
opc-meta-mtime: 1611700899
opc-request-id: iad-1:iYaHZIcKsZiQsRRW1QohMTyfudXax_SNk12jPcrbtHzhbwSM-ygOOdh1u7H4De-w
storage-tier: Standard
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
version-id: 5af5eb63-417c-4960-9068-358f7e3e1642
x-api-id: native
x-content-type-options: nosniff

GET
H2 200 controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
js.stripe.com/v3/ Frame D74F 0
0 41ms
15ms Document
text/html 18.173.187.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-18.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60, stale-while-revalidate=900
content-length: 391
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 23:15:26 GMT
etag: "86a38fe46a16bd385648c1936a19c6e8"
last-modified: Wed, 15 May 2024 20:03:33 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-amz-cf-id: AgsxNuklX7c37IifyBvptYV09_MFQkzNVH3DRvLpDstsIXg_8y7aMA==
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 130ms
56ms XHR
application/json 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 11 KB
2 KB 22ms
21ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a5cf957cd4ef3d5f7dc4e73b6692f8bb589113a49986f4c68b8fdb64d8a330

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 23:04:55 GMT
server: cloudflare
age: 258
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8846d5513a543a7c-FRA
expires: Wed, 15 May 2024 23:04:55 GMT

OPTIONS
H2 204 site
www.pelcro.com/api/v1/sdk/ Frame 0
0 343ms
304ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8846d54f49463a7c-FRA
date: Wed, 15 May 2024 23:16:00 GMT
expires: Wed, 15 May 2024 23:16:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
BLOB 200
OK 12cffcf1-2b89-4c72-ae7e-e5ebb2aba7b1
https://www.crainsdetroit.com/ 470 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crainsdetroit.com/12cffcf1-2b89-4c72-ae7e-e5ebb2aba7b1
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20528b0c66b4a3b314cc2e34b11bac6d61dfddbdfa6bc8e987386c86e6a795c6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 481770
Content-Type

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 17ms
15ms Script
application/x-javascript 2600:9000:237d:a800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sdj25x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d107b341b2356549974efad9aa65c0d321c5627a0e9bc8681223e8f69688d80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 18:16:39 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 00:12:34 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 17961
etag: W/"66172af2-9889"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RzIOQNnD6ageUcieR93vNUUZd6oxjuibS13R4nwKhYOfOC1oswpWrg==
expires: Thu, 16 May 2024 18:16:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 45ms
6ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=45211
accept-ranges: bytes
content-length: 16683

GET
H2 200 RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/ 377 B
508 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RCa1ef3faa49e84abf89a7410820c6c505-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:25 GMT
server: AkamaiNetStorage
etag: "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 247
expires: Thu, 16 May 2024 00:16:00 GMT

GET
H2 200 RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/ 401 B
515 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:25 GMT
server: AkamaiNetStorage
etag: "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 254
expires: Thu, 16 May 2024 00:16:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 69ms
33ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 15 May 2024 23:15:59 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D27F3DF5A4F443C7B11AC8272655C4B6 Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:00Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 70ms
15ms Script
application/javascript 18.173.187.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-9.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:15:00 GMT
content-encoding: gzip
via: 1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 66
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: Ii88zToTQWxnwiAoRYuSBkZjOV0oONPXAgK4op3S-oBV7EkZNMoiEg==

GET
H3 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
989 B 50ms
19ms Script
application/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
x-amzn-remapped-content-length: 464
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 562
x-amzn-requestid: aa7f6694-d67e-4e35-ab05-fd0f257555e8
x-amz-apigw-id: X1bvzHNtDoEEa6A=
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed Aug 30 13:25:09 GMT 2023
server: cloudflare
x-amzn-trace-id: Root=1-66453ffe-1c3cd4af2d25a79c6711ec38;Parent=3c5c50142cb26557;Sampled=0;lineage=7936cbcf:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1d4G3KCVccLRpPgoNaWlkMeuhKfslg61%2BH2okXtfTa54hq0ShsMmJV4%2BA5FGFFKEjXcRQBfNEcfilwSZra4u8Pezt1%2BVVSkgdwEQNRtP9SIDwIFxZ6JtBVaHGr%2B%2Bukw3RxLBT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 8846d54f785f0410-FRA

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E7B4 0
0 30ms
25ms Document
text/html 18.173.187.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-18.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 453
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 May 2024 23:08:32 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 10 May 2024 20:57:19 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-amz-cf-id: C6UMSQwBVPPy4x99OpSearFpUX2tOYM8Lsdup3quEZb02YZwkyFYHg==
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 dest5.html
craommunications.demdex.net/ Frame 9994 0
0 106ms
28ms Document
text/html 176.34.167.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 23:16:00 GMT
dcs: dcs-prod-irl1-2-v061-0ea71b15b.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 12:26:17 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: z6jrqxpWSAk=

GET
H2

200

ibs:dpid=411&dpuuid=ZkVCMAAAALErtQN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=90996089907763788872174118661877102495
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZkVCMAAAALErtQN-

42 B
717 B

35ms
35ms

Image
image/gif

52.17.32.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZkVCMAAAALErtQN-

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Server

52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-irl1-1-v061-067025349.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: JsbCz4l2Tvs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZkVCMAAAALErtQN-
Date: Wed, 15 May 2024 23:16:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 45ms
41ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1591261994&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&ul=de-de&de=UTF-8&dt=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1957792307&gjid=2112614318&cid=1945130533.1715814961&tid=UA-2717831-1&_gid=946488180.1715814961&_r=1&gtm=457e45d0za200&gcd=13l3l3l2l3&dma_cps=sypham&dma=1&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1896816083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tag
btloader.com/
Redirect Chain

https://crain-com.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=crain-com&upapi=true

53 KB
36 B

18ms
18ms

Other
application/javascript

2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=crain-com&upapi=true
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f155fac3ce471021288818fc595041ad963a62b08ffeb008b6cd7adca8d092

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 22:21:56 GMT
server: cloudflare
age: 3131
etag: "3c28cce322678d0375bcafeccb93cdb9"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8846d550ba405d3e-FRA
content-length: 18191

Redirect headers

date: Wed, 15 May 2024 23:16:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBvYNuTWQF379imHJww%2Fv98emlh9qRTO04cdE9yA8o1oL943W15O3OjvnJpiWBfqIbkAf6jaGjndx60F%2BnzNJnXpj01fvHhdXf8x4S%2BzF6HZ057pozGn4Jpgoc61qJ7vEfGW6xa%2B42S6do%2FV9irhkyZkxWSxCSHkJgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=crain-com&upapi=true
cache-control: max-age=3600
cf-ray: 8846d54d5a593736-FRA
content-length: 167
expires: Thu, 16 May 2024 00:16:00 GMT

GET
H2 200 websiteconfig Show response
btloader.com/ 719 B
636 B 153ms
135ms Fetch
application/json 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com
Requested by: Host: crain-com.videoplayerhub.com
URL: https://crain-com.videoplayerhub.com/galleryloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b808853d35cf8a40cf369902b30c2af931b6889b6c446264fc21c19597d8f54

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Wed, 15 May 2024 23:15:49 GMT
server: cloudflare
etag: "f07fdebed0dc23af70e406c58ea32cb3"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 8846d54fed1b9760-FRA
content-length: 374

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 154ms
116ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: crain-com.videoplayerhub.com
URL: https://crain-com.videoplayerhub.com/galleryloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 23:16:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 39ms
16ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1727523
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Udq5LiJvbc5SjfLvaGm%2FzbZF1XleQlOdDcVMYD%2FTX5qQYAZ%2BZVR8TwSjoZTY4w57Drx%2FCKTm7lSAfdB9iOKNouNdAUw6aCYaKAs4JU5G1jcnmtDtlHGTz6RcOGf5%2BBtcm1xW8wSooO3AxgMVpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8846d54ff9c130ed-FRA
expires: Fri, 26 Apr 2024 00:23:57 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 95ms
36ms Image
image/x-icon 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 May 2024 13:55:27 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 36ms
14ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.973263280715057
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1727523
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzXp9DKbHCBViXCNVJESq8qQu7pPEQ5IHysZGJCZUcHrfx37X3lS1BS5ioAtjvOmWEKUDSSXuFoqQcWTmWGK5NBs2BcN6GFB7tz%2B7rIDGcUvxFkQjp2%2B6S9AijhcReizxnuc6hSQkUIACbsHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8846d54fe9bf30ed-FRA
expires: Fri, 26 Apr 2024 00:23:57 GMT

POST
H2 200 delivery Show response
craommunications.tt.omtrdc.net/rest/v1/ 359 B
850 B 121ms
41ms XHR
application/json 66.235.152.221
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.tt.omtrdc.net/rest/v1/delivery?client=craommunications&sessionId=b331117041cc40be968bb396fd47122e&version=2.10.2

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

f71e3754154b06bda5f80fdddff84b372f789451c2400e0d8b020172dfe57e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 2999cf62-895f-418e-b386-9d9d0aec9a68

GET
H2 200 micro-logo.svg
www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/ 4 KB
1 KB 365ms
365ms Image
image/svg+xml 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/micro-logo.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 10
date: Wed, 15 May 2024 23:16:01 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-cache: HIT
x-ah-environment: prod
x-request-id: v-0fbb780a-f39c-11ee-85e9-3341b37fc536
last-modified: Mon, 13 Feb 2023 08:12:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 8846d5504e705caa-FRA
expires: Wed, 29 May 2024 23:16:01 GMT

GET
H2 200 2JEN3RX.jpg
s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/ 36 KB
36 KB 456ms
406ms Image
image/jpeg 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/2JEN3RX.jpg
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Mar 2024 14:52:32 GMT
server: cloudflare
x-amz-request-id: DJKNDCF0QXVMPXJ3
etag: "068ae438ea24e57c10b4d16a64680f4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8846d55099415c50-FRA
content-length: 36920
x-amz-id-2: tKrJnowbwVbBwwkEbUEiCYWXh8aqwQW+SMKw0kp3sl9c/Nlf3hEbWrd00iPExke+Vy6Uies2x/c=
expires: Thu, 16 May 2024 00:16:01 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 191ms
171ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=650631b5-6eb9-4b0d-a139-d4eca20a6152&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23a707e6-7981-497e-a6a9-a3bfb626a1e7&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 164
date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6e42bc4ba5fa0e14
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 4d33f139e608558d36e83daa0f0e73ea1edda8af7a852ccff48a6381edf2e168
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 241ms
209ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=650631b5-6eb9-4b0d-a139-d4eca20a6152&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=23a707e6-7981-497e-a6a9-a3bfb626a1e7&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 202
date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 38eb68bbd7e3f16d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 789196d21f419158ec41fde6a2cef48fa58d346c33b9a63c3ca1c4dedc1bc850
content-length: 43

GET
H2 200 637988649571323 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 193ms
192ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/637988649571323?v=2.9.156&r=stable&domain=www.crainsdetroit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ed3d39d00e835daf933dbafe0f5ce1c35458f1521ddda0f32f000d03a94c1e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 May 2024 23:16:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1326, tbw=63299, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: public
x-fb-debug: tCDGaX9E9S/BaHCg965VfkYf/JGnLDkoS//zipW5VodjwvG+B+Xc8bRlfbCgrawxwB6+JKHDOInYlEF0TPneAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 34ms
33ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pv=1715814960696_qkuoile6x&bl=de-de&cb=755219&return=&ht=&d=&dc=&si=1715814960696_qkuoile6x&cid=&s=1600x1200&rp=&v=2.7.2.162
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:00 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 logger-1.min.js Show response
cdn.lr-ingest.com/ 843 KB
167 KB 38ms
25ms Script
text/javascript 172.67.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/logger-1.min.js

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb6bb21fcf6ae372979763f11326982bb8d814afe0ca050da2ec9913b642ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Wed, 15 May 2024 22:20:33 GMT
server: cloudflare
x-timer: S1715811945.454771,VS0,VE1
etag: W/"5ab2bd7374862d1dd3883f2d221b86ae6a9f3c9e996445ac42d26647546bf103-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jd7tVXSLQDOvt0hCE8Z1u0Rpb9MJMCYmz4gy3pusrWcXkmIkpVJMOXCT3B0hd3QYvswLzvnD65Sy85eZBDGNF%2Fa3fgdAyolaZy0IIQLhU1X7Eeg3Cri3JpXwQTHeDMnRVbIz3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8846d5507c0ba040-FRA
x-cache-hits: 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 54ms
7ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 22 May 2024 23:16:00 GMT

GET
H2 200 hotjar-1906609.js Show response
static.hotjar.com/c/ 9 KB
4 KB 92ms
53ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

Resource Hash

dae5a3ffdf61ef697dd51222fb11e5ecc41bed4182187d720a1828498035caef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/e2fc122574d654786217ea37989e5374
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FPz1Nr3kCbFfHIO54Qo3nq1E9HhI4GdWamSyXPH-OAiTLIX0TXrxCg==

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ 8 KB
3 KB 48ms
18ms Script
application/javascript 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: S6Q2B68RCPCRWY7J
age: 3216
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846d550ad219739-FRA
x-amz-id-2: 1+OR4J+zCmPFXcmJqOeUoVhZe0ATBpZ/JKeQ6TOflmC7PNNgzbFlE+ffdYD0QbTAthrSuVDdpsU=

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 609ms
609ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8846d550aa033a7c-FRA
date: Wed, 15 May 2024 23:16:01 GMT
expires: Wed, 15 May 2024 23:16:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 204 country
www.pelcro.com/api/v1/sdk/geo/ Frame 0
0 762ms
762ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8846d550aa083a7c-FRA
date: Wed, 15 May 2024 23:16:01 GMT
expires: Wed, 15 May 2024 23:16:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
161 B 343ms
342ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8846d5547cc13a7c-FRA

GET
H2 200 country Show response
www.pelcro.com/api/v1/sdk/geo/ 5 KB
3 KB 332ms
332ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8846d5556d633a7c-FRA
expires: Wed, 15 May 2024 23:16:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 62ms
22ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2717831-1&cid=1945130533.1715814961&jid=1957792307&gjid=2112614318&_gid=946488180.1715814961&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1372520881

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 May 2024 23:16:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1.7-3281 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
27 KB 14ms
14ms Script
text/javascript 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-3281

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Wed, 15 May 2024 22:33:04 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 2 May 2024 01:55:11 GMT
x-amz-cf-pop: MUC50-P2
age: 2576
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: OI7e5TPRf5vhMHmNnIvF_9zIYDOSvAn6W1VdGfJT3lgW89tTL8cYFQ==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 77ms
49ms Image
image/gif 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=crain.com&country=de&state=&behavior=implied&session=394221de-a538-4bba-b98b-07e9a7c79b7e&userType=NEW&c=4417

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MUC50-P2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: 38U3NdgeWZBRo0_oj_Nc6RLYN0_5lgbYonQncP0XdGTezaakWaAuWw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 357 KB
41 KB 203ms
131ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=468024550569019&correlator=2940149831083437&eid=44809527%2C31083341%2C31083633%2C95332150%2C31079525&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=105554924%2Ccdb%2Cbanking-finance%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1200x250%7C970x90%7C970x250%7C728x90%2C1x1%2C970x90%7C728x90%2C300x250%2C300x250%7C300x600%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=640&eri=1&sc=1&abxe=1&dt=1715814960802&lmt=1715814957&adxs=0%2C0%2C740%2C255%2C1120%2C1120%2C1120%2C1120%2C1120%2C160&adys=0%2C112%2C2046%2C2213%2C283%2C917%2C917%2C917%2C917%2C3828&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C0%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&vis=1&psz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&msz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&dlt=1715814959838&idt=514&prev_scp=m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3Dinterstitial%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26pos%3DLB_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DINREAD%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DNTV_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_04%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&adks=2469479782%2C3408410643%2C3786919291%2C1903794186%2C3974399175%2C3305026640%2C512715725%2C4228418464%2C3679085481%2C2004704769&frm=20&eoidce=1

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

30615aca981aaafc631ef2d7dedea85a410523bcc83eaa1aee916af801f9e637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41946
x-xss-protection: 0
google-lineitem-id: -2,6720578578,-2,6439686130,6704818548,6266034181,6354644058,-2,6354644058,6708827759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138475310326,-2,138458624057,138471847605,138463833524,138441589527,-2,138442311334,138472193612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5F7 0
0 156ms
43ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 23:16:00 GMT
expires: Thu, 15 May 2025 23:16:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK cci-firstTouchCookie.js Show response
crain-global.s3.amazonaws.com/global/js/ 3 KB
4 KB 358ms
128ms Script
application/javascript 52.216.212.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crain-global.s3.amazonaws.com/global/js/cci-firstTouchCookie.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.212.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 15 May 2024 23:16:02 GMT
Last-Modified: Tue, 26 Sep 2023 14:12:59 GMT
Server: AmazonS3
x-amz-request-id: T4M6ZB6TWQG9REZ3
ETag: "b79b890f95a91ffbf5a1e0c99ee5eeed"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3185
x-amz-id-2: w0Rn5u2q1qXwkW6gYC6DhIa5DI2WeuYdx6CWwRFuA5sXeRq0qjSR/RKlpL26/+fYB1LCnqLrAeA=

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 334ms
109ms Image
image/gif 3.94.219.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=crainsdetroit.com&p=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&u=Dh1AmQBQq6tju8qtB&d=crainsdetroit.com&g=25465&g0=No%20Section&g1=Anna%20Fifelski&n=1&f=00001&c=0&x=0&m=0&y=4727&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&b=4156&t=D4nNpAFud768mJaYDcvv4pB8VqU&V=145&i=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&tz=-120&_acct=anon&sn=1&sv=kprAxCnX454YmdeNEWmrlCLX22Y&sr=external&sd=1&im=067b0fff&_
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.219.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-219-251.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cooki...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1715814960846%26url%3Dhttps%253A%252F%252Fwww.crainsdetroit.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cooki...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cook...

0
264 B

180ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQI1E-Y7fck1RgAAAY9-ipGNW0MOI6iACYxCcHaaVesXiKx3SDjqrWeX1RzcRJZ2FuONsfnm
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FC8EB2DD26F0470B89C422D45D5BD2DF Ref B: FRAEDGE1511 Ref C: 2024-05-15T23:16:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYYhk1LM3QnxrtUf7wdPA==

Redirect headers

date: Wed, 15 May 2024 23:16:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 65E4F9E423F444AAA1FD12ED42F95B38 Ref B: FRAEDGE1221 Ref C: 2024-05-15T23:16:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1715814960846&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQI1E-Y7fck1RgAAAY9-ipGNW0MOI6iACYxCcHaaVesXiKx3SDjqrWeX1RzcRJZ2FuONsfnm
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYYhk1IdGl/OvhtR6YB7Q==

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.crainsdetroit.com/ 2 KB
2 KB 182ms
166ms XHR
text/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.crainsdetroit.com/scripts.js
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-requestid: f5005794-7445-4410-a9bd-e61539422723
x-amz-apigw-id: X1dHsFWJjoEEFjQ=
content-length: 1572
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 12:58:56 GMT
server: cloudflare
etag: aV3RLxUawR+XrKqGWhCg3g==
x-amzn-trace-id: Root=1-66454230-5d4693cb0371ed8e27379df1;Parent=578484950b1cdc86;Sampled=0;lineage=388d0713:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bluuyc46T9ivnmBadzMj2vtnx7MwTEC8TTn08ratcg18bY7kJfirnlhUr%2BEzvOUubWAfATOpKpzrH7ZeCzIHKYj%2BNp4rQVB2bWwLBTzYBNx1xPXdWK9sL%2Ff%2BBc4VvOQItQpBc8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=300, no-transform
accept-ranges: bytes
cf-ray: 8846d5516ca89a35-FRA

GET
H2 200 187044856.js Show response
bat.bing.com/p/action/ 1 KB
842 B 50ms
49ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187044856.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 15 May 2024 23:15:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D0D777337CE42C3A4B5F886AACE9F78 Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:00Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 35ms
35ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187044856&tm=al001&Ver=2&mid=44698fed-e374-4230-b1a3-477cc68ffb4e&sid=17ecb860131111efb8fe115b929a7ce4&vid=17ecd500131111ef99d3b13cfb9816bb&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&p=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&r=&lt=3839&pt=1715814956688,,,,,0,21,21,21,44,27,44,3145,3232,3150,3804,3809,3839,,,&pn=0,0&evt=pageLoad&sv=1&rn=491613

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 May 2024 23:15:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6167042A37B94F2DBBBFCF1E66A7178F Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 289 B
497 B 150ms
150ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 8deb1058867ce83b69dd02f1a0097b5c5cfd87b691d6fac57f6d1daa0462a2f4

Request headers

x-lib-version: v1.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
authorization: Bearer 9e4ef7ae863f721d8ef0aa6f15b0ac85
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: application/json
accept: application/json
Referer: https://www.crainsdetroit.com/
x-referring-url: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 196
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 369ms
117ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 15 May 2024 23:16:01 GMT

OPTIONS
H2 200 location
www.pelcro.com/api/v1/sdk/ Frame 0
0 22ms
22ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
cf-ray: 8846d551bab13a7c-FRA
content-length: 0
date: Wed, 15 May 2024 23:16:00 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 location Show response
www.pelcro.com/api/v1/sdk/ 66 B
155 B 21ms
21ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 23:16:00 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8846d551dace3a7c-FRA
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 country Show response
api.btloader.com/ 37 B
162 B 115ms
114ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5764463032532992
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 200 /
p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/ 26 B
168 B 341ms
331ms Image
image/gif 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=0956321701951865&optOut=false

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
x-robots-tag: none
cf-ray: 8846d551fe109739-FRA
content-length: 26

GET
H2 200 rules-p-J_kXLtyWmukpz.js Show response
rules.quantcount.com/ 160 B
641 B 88ms
39ms Script
application/javascript 2600:9000:20ae:9600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-J_kXLtyWmukpz.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:14:21 GMT
via: 1.1 3909cd34f904454f54cf78c975b2c198.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:30:53 GMT
server: AmazonS3
etag: "599ac3fe3327eee0bd61b8e478fad20a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 6yJaKUD8lLvAG1sO4fDqyGSO1IDlrSPBx0-UYz1mzxeUsbIcIDimOw==

GET
H2 200 modules.e5979922753cf3b8b069.js Show response
script.hotjar.com/ 222 KB
55 KB 54ms
15ms Script
application/javascript 54.230.228.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e5979922753cf3b8b069.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-64.muc50.r.cloudfront.net

Software

Resource Hash

0c9367da8b34432f76a9ff9f347fc20129239f9a6b137bed9a830d02f501e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 May 2024 13:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 121134
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55998
last-modified: Tue, 14 May 2024 13:36:29 GMT
etag: "dabac5cc8e90131b43632bc82895bb8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ERABttRstvHSraKQze4FhW4vACzyOFPNUjqMbg6vzgIj7LvAgwFLOQ==

GET
BLOB 200
OK fbfd92ff-285d-40de-a3f4-75cb2492f773
https://www.crainsdetroit.com/ 470 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crainsdetroit.com/fbfd92ff-285d-40de-a3f4-75cb2492f773
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20528b0c66b4a3b314cc2e34b11bac6d61dfddbdfa6bc8e987386c86e6a795c6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 481770
Content-Type

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 30ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1715814960994&sw=1600&sh=1200&v=2.9.156&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1715814960992.876823167&cs_est=true&ler=empty&cdl=API_unavailable&it=1715814960692&coo=false&rqm=GET

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 May 2024 23:16:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 187044856 Show response
bat.bing.com/p/insights/t/ 712 B
1003 B 107ms
107ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/187044856

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/187044856.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

943774ccbe059f33febb00266e70a86205e6c7433cfa990d191c91b47366b958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 15 May 2024 23:16:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC7A2579D69D489FAB0C2CC06CCC81ED Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:01Z
vary: Accept-Encoding
x-azure-ref: 20240515T231601Z-r1d4978dc9fqwkjk0gznwxqtdn00000001yg00000000w5ed
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 603
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

OPTIONS
H2 204 5070
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ Frame 0
0 287ms
286ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8846d5525b1b3a7c-FRA
date: Wed, 15 May 2024 23:16:01 GMT
expires: Wed, 15 May 2024 23:16:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 5070 Show response
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ 16 KB
2 KB 22ms
22ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11990d6189d8e7f5e3c792c96be70170c9c4ee1f3b519531f6553e0a3ed2c8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 23:07:13 GMT
server: cloudflare
age: 259
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8846d5542c903a7c-FRA
expires: Wed, 15 May 2024 23:07:13 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/crain-detroit-business/ 1 MB
337 KB 26ms
25ms Script
text/javascript 2600:9000:26da:c000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/crain-detroit-business/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:c000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 638297b75f75befe7efeb3ab8ef5f20d99e7f32919f68053ead445e50c903e73

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
via: 1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
last-modified: Wed, 01 May 2024 09:33:00 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 62519
x-amz-server-side-encryption: AES256
etag: W/"27a72262018ce16b0f6881c85dbf49be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
x-amz-cf-id: aTubLsUqmrhA-k91dh107tg-oNikt9LJb6mdcPFLoHfgBv5rKawgNA==

GET
H2 200 get
consent.trustarc.com/ 127 KB
77 KB 17ms
16ms Font
font/ttf 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansRegular.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Wed, 15 May 2024 22:47:54 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P2
age: 1687
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: Oq7i_UJ69b8qHDn4wajJLZRnqGNu0gJAhzEY3qtLFD5KynKi9LqIRw==

GET
H2 200 get
consent.trustarc.com/ 127 KB
75 KB 16ms
15ms Font
font/ttf 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansBold.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Wed, 15 May 2024 23:01:02 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P2
age: 899
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: rLgjUrnTSOUxhUr7wbVANTEghEFhgzY8V5IviW6_6xYB6AKvQtfAHw==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 48ms
48ms Image
image/gif 108.138.36.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=crain.com&behavior=implied&country=de&language=de&rand=0.3065121835925717&session=394221de-a538-4bba-b98b-07e9a7c79b7e&userType=NEW

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-25.muc50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MUC50-P2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: UPzSi2nqY8lyZHay292oZHpBLHVLlqyIB_dEw7WK5A7qG1RdYX6MkQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 116ms
116ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=j3QkKpxj&w=5661028241113088&o=5764463032532992&cv=2.1.44-1-g797e4b1&widget=false&checksum=a75e0b02&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sid=R7YjHSJPcu&pm=false&upapi=true
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 23:16:01 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 9A35 23 KB
9 KB 162ms
88ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 9A35 3 KB
1 KB 159ms
86ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9A35 214 KB
65 KB 108ms
36ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 9A35 10 KB
5 KB 17ms
15ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 May 2024 23:16:01 GMT
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 9033028528250262584
tpc.googlesyndication.com/simgad/ Frame 9A35 102 KB
102 KB 218ms
124ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9033028528250262584

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6faf580cb3fb929803e68c4465bd15ef97cb20a380885651f812748f2bf9d187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 14 May 2025 14:17:50 GMT
date: Tue, 14 May 2024 14:17:50 GMT
x-content-type-options: nosniff
age: 118691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104315
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 19:00:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 0703 23 KB
0 156ms
156ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 0703 3 KB
0 155ms
155ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0703 214 KB
0 102ms
102ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 0703 10 KB
0 11ms
11ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 16993375091110671538
tpc.googlesyndication.com/simgad/ Frame 0703 65 KB
66 KB 123ms
37ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16993375091110671538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 14 May 2025 14:52:46 GMT
date: Tue, 14 May 2024 14:52:46 GMT
x-content-type-options: nosniff
age: 116595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66905
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 19:29:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 9EDF 23 KB
0 150ms
150ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 9EDF 3 KB
0 149ms
149ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9EDF 214 KB
0 95ms
95ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 9EDF 10 KB
0 5ms
5ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 6728796043336926069
tpc.googlesyndication.com/simgad/ Frame 9EDF 22 KB
22 KB 193ms
113ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6728796043336926069

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e080100886650be66d2cc041b214ba03fc2f447efa5e242137cbabf378b9008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 15 May 2025 15:22:24 GMT
date: Wed, 15 May 2024 15:22:24 GMT
x-content-type-options: nosniff
age: 28417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22354
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 15:59:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 6D94 23 KB
0 144ms
144ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 6D94 3 KB
0 143ms
143ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6D94 214 KB
0 89ms
89ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 6D94 10 KB
0 0ms
0ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 12242086710981126734
tpc.googlesyndication.com/simgad/ Frame 6D94 34 KB
34 KB 228ms
154ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12242086710981126734

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f953eb12e08ffeaab8f9a2488e2673e7ffa15f386bfb8716b1b238e1d02cc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35149
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 18:33:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 May 2025 23:16:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame F6F7 23 KB
0 138ms
138ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame F6F7 3 KB
0 137ms
137ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F6F7 214 KB
0 82ms
82ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame F6F7 10 KB
0 0ms
0ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame F6F7 51 B
176 B 190ms
124ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 14 May 2025 08:08:30 GMT
date: Tue, 14 May 2024 08:08:30 GMT
x-content-type-options: nosniff
age: 140851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9A35 0
26 B 141ms
96ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstCzFX3PZ6y6SHvYOkfnUgrfM3oop9TVjWa8xSTofn5JUirq0hcb2EI5Y2xNxoFOzEGXIR-n-hTztgd_9l74nToZEytxK6TLDDDppIBxWnBCZOnMRTo9_EkSjPzjQ4Xw6E4goaHyr4YRHQ8Q7eKC1MYY7nKqj7vv5sEX6xoCbSqVrCDuOn02z923sOOY_3Ih5XUD68Z4ELrtCDvZ04pSTeziJ_oKBJsowhzM3-I8bQqMJBry39VKnVcR135uQizcC-hEL8QtCw-Aw7tzrAot58iYDtP5FFEI0HzpJ0joX81IBv232aw_ur55_btp0q7jr5s_Uc1_hQTabMYPjkO02Uj9_Tnz5msiULpSlQCk_5GMga9R8OVP5ychbsj6tN1XwnSxvm34MZ2Qi9t&sig=Cg0ArKJSzMEd0K8pdH1xEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0703 0
26 B 137ms
95ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvpAWj2EsqT_YH9YzqshmBfyw4MGBNGFQN7leLycynAFYVy23XBXWC3pmO7N2EbnCJ7okFj2-GYgsPxWpmSB6lAINKSK2SbED50WsxJnrjNOCtCWGwmJZJbAPR_-f-YgjsPuy9jCd7rv47XKcGIZ2OnERJGWdgHJinT2PvA0XG7wot84xOa7ljvHmltAeGKzcnqub_tJ_bBL11C2wGAMvZgeDawjmHj6Ai0dtU9cqcALWILlH-VKvZBKdNhTJOhEfoZmbhC-sjGcAYD25LdRt-WTmbNfQz4OiRfmDw9Cz5ta7EG2-vZYr3nTIX51LwoK75nfqaZNPTC-IjMGVRDToq4FJDZaPQsTGTqzGq74KDbbYphk07045NCAPejy0GTjkWHAadFtpI&sig=Cg0ArKJSzIJhyytd_3q0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9EDF 0
26 B 140ms
98ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuX9nFM64xFnt8zSPwEbGx9_L55cA9YF9Q07ReBJKC7LNdkpW2VHskMsoOX87Go2nMhbtwVJU-6iW4_q8RmFJBlTkSLHEab-YPXyuTOGBbROGfgnHt2gQwqjhgRgOq4ubPbuTtA6NVdKIZIhWZLpDgJt1khgXF9_djk0YT15JATpWsV78aUigYeclLHaBU8O5zOZKREoWyKSYgcLKxWuzTVQWydzsfBF58s5HaCMkOz5LP2tbK0Ch1EXf0t2ybq5HsbRjcgQ9huWUJ_rV7J-uYFZLScY1NdxJfIDqBFl8SmZWLl9qWAKcCBesD4ve4GJyJYYSQ-c1C1sGYCgItuDpHmudchInAP6xdaEqobKYBooZ3vwLTzFc8HJvGWFggrnrMhcXVq5xo&sig=Cg0ArKJSzCvMrq3_CoKBEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6D94 0
26 B 140ms
98ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstboDNaULOxF8VQYCi3GgYfRoPP5lx_igz48sUdckMYAJF5vcn4SpGkYQssaFWoddOzJ6w1JBbkgscTvoPLIGceDOjU6XCIex0ppwFXzRHVNSqokm0-ZT40a7LplzOBIJs4ufMym3VPtMrp0neFc7AEcO-M9XY2pVz3kxwWB4Ztoxn2zrJVFLcZX_iksP1aRzG7D1ISdoKNon2uAx3hw-txiximwQlEcweFOQ8NfVAiheaV_G_pLHxOavtts6XHMaIfs7lRl0jULs5MxVwYPuKImZPx2cOjwEN0F8I3pR2exUlGMrGCXerAkTnkklwQB9E-m8xKAcx-SEiHqKf8OzJINp7OP6eRdQ5dZOQWmjYQOffCVh0jqoSJD9kXo3YZEt3F7lDFXn0&sig=Cg0ArKJSzGLnUTA3yfzLEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F6F7 0
26 B 140ms
98ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvert_IS8AHpiYacvYq_j9omp59fHDLiBHON1HecBmHB6kNIfYtILq3dIvN15jicG74-JP0SNE-B7LIFH3eHM6wZTE4QzWbA3XjsYq3SbPiLG078qXaZ-8e3BhbN32e2knVuMVsfZYv203qwt7uOSeS0z91ZAx_EKKAOAdnfN73GSy_iCwnrxEE8Kr8urPo4-cfWD1_YZv60JXIhnUVPk-caAOAIU9v1vhC2EIL5zk09wypFUeAmpzDGRaKF4eh6OBAR8RKeAat_-qDYZzrt__OgPh1vDPenPfC6cSK-104feDDm6pk4vSU8DKo5aeNrj3QMin6u2ExvezC_eE6ugXVNzA8JJ3MWLukSqnGJP_2SjJ0ULGRY-BcF2mRXBeAqpw9xlCGe60&sig=Cg0ArKJSzBHnguivVrLmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame 0ECD 51 B
0 125ms
125ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 14 May 2025 08:08:30 GMT
date: Tue, 14 May 2024 08:08:30 GMT
x-content-type-options: nosniff
age: 140851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 0ECD 23 KB
0 123ms
123ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 0ECD 3 KB
0 120ms
120ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0ECD 214 KB
0 65ms
65ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 0ECD 10 KB
0 0ms
0ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 8056 23 KB
0 120ms
120ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 9535300308894514296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 8056 3 KB
0 117ms
117ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 17:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 May 2024 17:03:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8056 214 KB
0 59ms
59ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 00:03:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 8056 10 KB
0 0ms
0ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=18586
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 8606077076610020647
tpc.googlesyndication.com/simgad/ Frame 8056 24 KB
24 KB 111ms
76ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8606077076610020647

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46c65b6b4db310f702c3914b25c7f2bd762421ab6761c5c3207519261d40c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 14 May 2025 21:04:38 GMT
date: Tue, 14 May 2024 21:04:38 GMT
x-content-type-options: nosniff
age: 94283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24741
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 20:22:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0ECD 0
26 B 114ms
95ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvkQRvnxc5gGWa94wDlO80vBDIWZsDCF7TgTjW4ROFxl_vwcEKTPoWymrYGG3Gwzn2SYjl30igS0TPImyEiZ0-OBx2FqRTp9VQiIfKc-9cryZAWpwe-cZr7Mn5jnXA57A5ek30riQjoEkAO3P193H51tte5j6SxlP6HtmDkpIWO6d6LT8uLVtI4u3LMdGHfa_qq3m0x5JYQNW3g8Uixw1_qjhkPjDAbwL-BovKKGj8pc2L0jfjKVGheWC5Ds8Hq4LBVMF-9zxTlxP3K2Nk_Obe_LTLTjrMF8jsPkTfpjpwHNur4w6XdIqXIAb0DZ1nLTBaBF9KQX3D4p4RG6Fx8hVnTOizFsVJELQHMGtqSvGA0jvd3Ao3yAtvrmDIlQfCRozYTBXD8tW4&sig=Cg0ArKJSzNKI84kjb-jOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8056 0
26 B 114ms
95ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst0nAgfClbvyoBPQqbHGu2NkKm8gI1b0ueuHiR05Otd1Sg-RAXJX9stmPb-349DL9Yo5OLmiEqmKVYQlEp-yP5dVJ5voaqRi5DxQA1fgXOZBO2jQDWaxQ8gErhkosAQPcwX-qSK6PLES0qF-um3eO5-Xs73RiXgyJ25j7cvNvYw0XMVttMVis0jqpW6c85fze3yGo2rCvqnIaIMrCuTXjOd9wqIyT1YAn70eEwpid4q0BAf0LqwqqN5o-SFvizfuVwjNky74cyJqdOPLT46zIjzPJH9xoPlemd1mXEVUwJbDFP3gYk_0-YVUSqEVz0E9rHPakLZiFDgKwTxR9Stp4Z9w8v_UJXcHOZV2zvfEX1izr07TG8Tw10OWqP-L8i9TPaUK-BwS5A&sig=Cg0ArKJSzGgQWC4aY-U4EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A35 550 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff3010fbc3c82a6b92ce60b62c5ab57ab4f7e4f4fd01c5e110b10f7eca8d1dd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0703 449 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f78c2a4bbfba89f67dae03566dc6fbc0aebd79475acaaa388c43c82726e9e9d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9EDF 543 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0354ab78e5a1a6d9ef66130e46af0b4c4536ff35487e384be05f31fbe984302

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6D94 554 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23a1fa2f557b508cfe22be9ddfe6cbd4cc221531f4f2ee8dc21c543dca7755b4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F6F7 368 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a776b62bd8d0faf06fa29d1717d4ffb654d83b5b818539ce7aef1d757415e6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0ECD 367 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 094fd7296a0775a3ddd3079616d603b4f601ecde486d62da4c0cbad0cf0926fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8056 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8387924f70a19c294873755cd9c208aa7c5b6f024b53ec1311442bdce641641

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 pixel;r=1892680598;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-544799660-17158149609...
pixel.quantserve.com/ 35 B
409 B 28ms
11ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1892680598;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-544799660-1715814960946;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=crainsdetroit.com;dst=1;et=1715814961231;tzo=-120;ogl=site_name.Crain's%20Detroit%20Business%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ecrainsdetroit%252Ecom%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitco%2Ctitle.Flagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%252C%20court%20filings%20show%2Cimage.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cimage%3Aurl.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cupdated_time.2024-03-13T12%3A21%3A03-04%3A00;ses=74261428-20c8-4c8d-96f3-52d0dde4f92c;mdl=
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 0.7.34 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 33ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.34

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187044856

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 15 May 2024 23:16:00 GMT
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15075
last-modified: Tue, 14 May 2024 23:26:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2135E77934A490E91F8DE21757B203D Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:01Z
etag: W/"0x8DC746D4A452C46"
vary: Accept-Encoding
x-azure-ref: 20240515T231601Z-r1d4978dc9fn79rl4v0xa1tr4c00000000w000000000agd7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5c12ad8a-501e-0064-4b6a-a6df43000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9A35 0
0 70ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuSzkZ0Qc4XqCZ0a7HbsfFwhVcw4juCwhBUEV9EPrb-p0Ie2VBbQDWTkHMdYHhwpVK26SeC09-A21CgQPZeirh9z4mnPm4CkH2rjs3EhLi9xU-tgpNeBcwTE4Jf30c5viCzITJgW7Ea9ahyd4KjvPUeVjon-sBC3z-lZgs9UuvIhicVQUsSn4KlFl1Ciw0igV3pj5ZiaTynNi9LyrgSOKEA1aArgt8lGb9SvVI68jT1wFAv46pWQcz8bpR8kTw-CyHom8uMcYuwAJSNu_7B9VTDqLx2aXbhRTAv78dfPWNtJGR5OEPcr1xj0sqFlh6OivNVuHPxDnHgayNnaN_s1V5SXl5GlvjW7wywfjoUIDFLwHm2pDDC49ZnPSxzNyJPsefo8wM1o5xMF2LGX9E&sig=Cg0ArKJSzKC_atYeLBVCEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A35 0
0 67ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag.aspx Show response
ml314.com/ 33 KB
10 KB 15ms
15ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1642024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 22:43:02 GMT
via: 1.1 google
content-encoding: br
age: 1979
x-guploader-uploadid: ABPtcPromTWb6AXu9bo9dmZEHd5XTt8A6JAdzx1lj3ho7_DC96oVH8L1fOrv-2gQBrwDrFPQD7c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10611
last-modified: Tue, 07 May 2024 22:27:04 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1715120823907330
x-goog-hash: crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw==
content-type: application/javascript
cache-id: AMS-5232d789
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34184
accept-ranges: bytes

GET
H2 200 ii.js Show response
mb.moatads.com/ 134 B
234 B 27ms
27ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6720578578&callback=lineItemInfo6720578578Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 9ada3f5171454831a3fc6d94452d9e6e48fa362970da337fecd6d19cc886fb62

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "492fffbd9325fd446ec9a7ae9a9a14a0c7e40a2d"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 134

GET
H2 200 pixel.gif
px.moatads.com/ Frame 9A35 43 B
265 B 16ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=CRAINDFP1%3A104555044%3A415459684%3A-&de=873560528619&t=1715814961410&i=MOAT_FEATHER_DEBUG1&gw=craindfp44917164363&cm=10&f=0&bq=0&ar=9cc5b3e58a7-clean&iw=b7274d2&dMoatOQs=moatClientLevel1%3D5616644584%26moatClientLevel2%3D3545583520%26moatClientLevel3%3D6720578578%26moatClientLevel4%3D138475310326%26moatClientSlicer1%3D104555044%26moatClientSlicer2%3D415459684%26zMoatPS%3DLB_01%26zMoatMData%3D1%26zMoatMMV%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26zMoatMGV%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26zMoatMSafety%3Dunsafe%26zMoatSZ%3D1200x250%26refresh%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=1034805290&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 15ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=2&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&fs=208210&na=1232304447&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0703 0
0 69ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstWFNfSqcXuQf1P3rfWy3evYwXj7EsKrb6jT8JTA-FMuiIQQZ3dTkfk-1QBozWZRXq1pXM1VNSE_gc-_ytOe10xWbRTt33iIvneBIw3NQy8XAm9eJNIDyF9_PMzxIxDKBNDyNa35gENdZeIDGoxd9zTtCnm9QE2n1tplaLHNbvbBzqx71wlrjp3u_ea1RrR_qhTd8aj1udNh-9Y-fHWXxCJONlynctkN2kRZLTSUI7qr8yw02VVrUvIzew_xs86kGqywbviWsDpBBat7opG3qAWSnAlC4Mpc1JLyLD92fLM9R6KGLpPaDR9OE7r96Dpdu444tmhMYMEYZIuoCzh2hQqhxxw1zazh4NuvPNR1mE2W6hsFf2n76VISjIVT1yC4UvgfNApLJPvUw&sig=Cg0ArKJSzMtyJLC30uRVEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0703 0
0 104ms
67ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
201 B 26ms
26ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6439686130&callback=lineItemInfo6439686130Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5b3552458f9cdc4e5d60435a5c9989f39a778c1f465b562912b173f779ba44ee

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "3e3b6e8e3016cdf3f00c4e3bc8c8ddecf167c33a"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 128

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6D94 0
0 70ms
70ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstmN7oBMajjWBwGgoiNJkNdavE7QHIEOW_vI_Hr2NbVDIGu8fVgxemhiJtDSREvEaHegeBeuK0H80oloaYIvFiOrH7pA24CSnzP1L8efab2nFY8lJTr20wL75jUTyNyN2gmyOzEL8V56yzKt7FjRtaFshnZB33_djHRcXtpPx9VyKRrwGP0IbpNGk9CdpGgeIdGLTMJpZZaMge3WlMmIilDF_LGgciDXtZpI2b9T3VDfyhb3vp39v_TmH47QB0aIT3FprJ2IEkSvy7nKEMmDnLLKN5KixsStHzb4YfXKskAQYNVjPZIRNypincZmCttQxZVwfH5Asrz5QRvE3GbcAZi4GzKNXJ80UQUwoEufDDFjtkwVNUHTO7vg3lOXUOGY7Clz84bdgBwjw&sig=Cg0ArKJSzB_InqpJeKrOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D94 0
0 141ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 43 B
116 B 27ms
27ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6266034181&callback=lineItemInfo6266034181Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e6863d6b7459dab8b8b8127e5ed605f5d3a0bff80cab834c8d9dda655fad35ec

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "e0a697960bb505eb5c94477642b57efc31d7285e"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6F7 0
0 188ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ECD 0
0 236ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9EDF 0
0 70ms
70ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss1g-VYcGhfRfD8rE26poE0REfW2hxCYWy43AYsQQJReU2SjXNIsllxO_92JcajYubWWoxtbHiIFf18MszrYXxL-NQ-dPjE22yKv6szh7U1miqedvZSI50Fx30zTukybezz1vswk4-zrXigZQPZEmNA2KP7Wm_QilZj3XKlParGqVFZDb6157HYfEeNulgh5Zrqvru-PdbY5Wyi3lXfYt5B6s11CV-r_o7a_Jn_cDSqqOqmLG_oKjkV_CNQbrXy8A60bBEH8pYWvVgddYZ6WePHiytAISI1N0NI8Ns4E7tANDx3x01p2pgm9zzES2P9ivhfjBoYr6qFxJu9B5y809umhNQ3vLD9N0Ut8Pb1QRf1MIXD7I65nQ1rdgIh9aHwcz1aW5Bnnz2a-w&sig=Cg0ArKJSzIqiBs8H6XKsEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EDF 0
0 282ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
201 B 27ms
26ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6704818548&callback=lineItemInfo6704818548Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ec2a2637230aeb5c79647ed9f18cd84862f6f42524fc23d25afbe81897d2f122

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "08f984ccb6e14bc9856a244d07aef8a4c5ced548"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 128

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8056 0
0 69ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss0wwsOcHsfWVH2XYqcxFBF2_CY6kRveC8vnJRTJ4xoqlZk86KhGTcM9awELgYQigCrzOkjz6y-U3C0Au_8p8B2TkMR6gb9rbbsLuhqDcK49qqf23uNPFHdS3NRHBDRDlLcbX_dVmEGLV4FSCa53O3sFs1prFk7TdhpOavc58fSu5wJ6VNw4vzFcwDVS9MsAzsS4hO1WnE3O5lJkGKXNWX0Ack9d0fd03-nUuNGJ2hxPPKb9-OckM7RKs3FdnQYqRP18pp69c4XLeKGBcr0HxlF2bO2xKOoybH0-tnO4RUvTf8C2wSCq6QQyopiWV2rKgV1ETZjMRkC92BZjYiIF0GBf6o8cSM5Xy7VSl0B_728z2thQ1S51OMuKku8o5ZEsB7Gk2GyvB5mUQ&sig=Cg0ArKJSzDEC4QtjhxhmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8056 0
0 319ms
66ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
202 B 29ms
29ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6708827759&callback=lineItemInfo6708827759Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 588d19a0071ed949d421c042e59371358d8ad1a5eb10096c2cf3f6b9bc050db2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "4ae10a7240aafd7b4ca10dbfc1217510ce6ed880"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 9
timing-allow-origin: *
content-length: 128

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 334ms
333ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8846d555fdcd3a7c-FRA
date: Wed, 15 May 2024 23:16:01 GMT
expires: Wed, 15 May 2024 23:16:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
49 KB 75ms
6ms Script
application/javascript 2a01:b740:a10:f100::210
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a10:f100::210 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 15 May 2024 10:21:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
Via: http/1.1 defra3-edge-lx-003.ts.apple.com (acdn/153.14426), http/1.1 defra3-edge-bx-026.ts.apple.com (acdn/153.14426)
Age: 46442
X-Cache: hit-fresh, hit-fresh
CDNUUID: 8e2a5274-fd98-426b-b955-8d33df5f9f74-14154046273
edge-control: cache-maxage=7d
x-envoy-upstream-service-time: 6
Connection: keep-alive
Content-Length: 48790
x-xss-protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
x-conversation-id: 42d7ca0d-9d1c-c8ff-a9b0-56d8e2a8d0d6
Etag: "836f40c1160e2cc053e0fd945a62cca3--gzip"
apple-originating-system: wp-content-server-prod1-use1
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401, stale-while-revalidate=86400
access-control-allow-credentials: false

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
171 B 352ms
352ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.17.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8846d5581f0c3a7c-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=1085&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=131&an=0&gf=131&gg=0&ix=131&ic=131&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=131&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=262&cd=0&ah=262&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=2136022602&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=175030515154&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=3&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6439686130%3A138458624057&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=LB_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=50626372&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F6F7 0
0 70ms
70ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst86Lkoo894v6jnDCbWYuzPUb22FCo7B0L86VSW76CJM-nH0CgnGN34i-IFj0S29N-VGx4Bt5zP3e8AWsDWB1XCRT1Fh-rQNyXuPg3sqnJai_yf4OHNADtKr8F_G6AWyGpKrX1E8kUIAtBinO2rZF4QeFKqbL-AgfIk75o09y_xtYUg_w139Ze1ATTtMFsz4tCsWG-ltdFsBUPeuhb4nmwP7uOnTBZ5AzLIppYMulvVgTnF6tUvDfSp_0fVp9eCgbDOGPvS-IT-cXcbG_6wNl9TfH5g8i-Y1vfPsbpD0mdLafXiBU3IMdSszyQUc5xLM9SA26BmW_3wTXo8BgXzsp1GDZW_H5807hosQvlHi725vHek7_6r0KBl5n4cTz0ejjmY6herMXFBhw&sig=Cg0ArKJSzHJf_ULunJ5EEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0ECD 0
0 71ms
70ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBYLz_eRk4BbgLMpUAGGvQNLrC8ADFuDfUkoogV8mTLzt-pmzW7nQu-27ey4tOiLslaBbHa2Tpn7l7Jv-AX6X2_I3NuAKDfnPgeWGHtxyQ_Y9QTjL6Ox0ASSqm_tJbc4HCpz3tWRwD5IDj1PawNyjr2vZnnig7rVm6mg4rkgL3PwWatEtH4KopkZqQc963YgRtNNm_ftsmjt-L68F8ORzivV7LUhmWMpV-9l7K3Ks9LWFKRTUjxzu1lU-xpZ8htVozvHkZGtCqHYn5UVpnBhlN0bg4uUHQIpWWCWB-ZjePi5gdGahI9Pim_BXvJidVusfLMU9Con31wknlru0oUVT5un70WrmMTiqfl2YRW3ftJuC3UcdnRs1yyMvtD1Os48rOumUUKFUk4Q&sig=Cg0ArKJSzDdn_WqcRyd7EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16993375091110671538&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=175030515154&rx=281233913972&cu=1715814960334&m=1110&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=28&cd=0&ah=28&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458624057&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1714970957&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=775703190463&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=4&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6266034181%3A138463833524&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1352444078&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 14ms
14ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F12242086710981126734&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=775703190463&rx=281233913972&cu=1715814960334&m=1137&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=27&cd=0&ah=27&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6266034181%3A138463833524&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=681024188&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0703 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=444726573884&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=5&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=REC_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=38259880&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=590870635693&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=6&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_04&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=REC_04&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=236083312&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=7&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1130169731&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
9ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6728796043336926069&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&cu=1715814960334&m=1197&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=30&an=0&gf=30&gg=0&ix=30&ic=30&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=30&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=59&cd=0&ah=59&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=112522086&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

POST
H2 204 x Show response
bat.bing.com/p/insights/c/ 0
213 B 127ms
127ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/x

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 May 2024 23:16:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7D73A422D92422DB050598ED5F7F96C Ref B: FRAEDGE1707 Ref C: 2024-05-15T23:16:01Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1715814960334&de=894924497769&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=8&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6708827759%3A138472193612&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1028986209&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8606077076610020647&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=894924497769&rx=281233913972&cu=1715814960334&m=1225&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29&cd=0&ah=29&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6708827759%3A138472193612&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1130784356&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F9033028528250262584&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=1383&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4757&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&as=0&ag=313&an=131&gf=313&gg=131&ix=313&ic=313&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=313&bx=131&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=444&cd=262&ah=444&am=262&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1701946230&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
199 B 161ms
160ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6D47B7644E54433D81BC43FDFF1A0605 Ref B: FRAEDGE1221 Ref C: 2024-05-15T23:16:01Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.crainsdetroit.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYYhk1NnvssUUZNP5CMNw==

GET
H2 200 ii.js Show response
mb.moatads.com/ 41 B
113 B 27ms
27ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=__page__&callback=lineItemInfo__page__Callback_36410599
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 33edb6ddf69db23d35677d895c8fef6e77b46f04d514fed6f1507f3be22c797c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
server: istio-envoy
etag: "ee910b77aa8ac3eb924c1e52afb0d31059315c99"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 41

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAIN_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1715814960334&de=729097005681&rx=281233913972&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=9&cb=1&cu=1715814960334&ll=2&lm=0&ln=0&em=0&en=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3378%3A3378%3A0%3A3805&fs=208210&na=1201142798&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 nr-rum-1.260.0.min.js Show response
js-agent.newrelic.com/ 50 KB
18 KB 29ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.260.0.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

00f201a5d775905421f60c5daf7875d305482d23e1441e31ece8052df4ca4318

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: PHhaUkNeXeJnjzOBWMAzC.1dTsiS0ABs
content-encoding: br
via: 1.1 varnish
date: Wed, 15 May 2024 23:16:01 GMT
strict-transport-security: max-age=300
x-amz-request-id: VYK78YWRDPFQM55J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17438
x-amz-id-2: E6YDRu1IMdR4T2+lxZ+WNGcz3mvnFwwBb4/O0DlwXcetKFCP+fvFO8igfTFbljibVzEh2vMiqh0=
x-served-by: cache-fra-eddf8230027-FRA
last-modified: Mon, 13 May 2024 21:56:00 GMT
server: AmazonS3
etag: "4a84a8fcc768c33188c67998b4f61db6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 28374

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 51ms
51ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

60da246155067363491b9cfaf434b9063f5f90558e769620f6c7437a6c513361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12291
x-xss-protection: 0

POST
H2 200 s12743282302324 Show response
crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/ 43 B
392 B 130ms
18ms XHR
image/gif 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/s12743282302324

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 May 2024 23:16:01 GMT
server: jag
etag: 3684684573667524608-4618476046708721102
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.crainsdetroit.com
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 14 May 2024 23:16:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1715814960334&de=729097005681&rx=281233913972&cu=1715814960334&m=1479&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3378%3A3378%3A0%3A3805&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2099169192&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 Icon-40%402x.png
s3-rd-prod.crainsdetroit.com/ 550 B
844 B 22ms
21ms Other
image/webp 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-rd-prod.crainsdetroit.com/Icon-40%402x.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4908257d837a524d823ae0f7b92c981276f1b9670ef1696aa63fff4e44f39fea

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
cf-cache-status: HIT
x-amz-request-id: QYJPZD3X80ZFE0V7
age: 37
cf-polished: origFmt=png, origSize=719
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Icon-40%402x.webp"
content-length: 550
x-amz-id-2: /ChiULVHPww2lzy4v4St59gRqYOHDradPf2Et/Rlu+CCbBwQMILqegTXBwfO/ERLSdXJoDkJMus=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Feb 2023 09:21:03 GMT
server: cloudflare
etag: "19a2aeb7e476cbf462ad0f81d378386e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8846d5579d095c50-FRA
expires: Thu, 16 May 2024 00:16:01 GMT

POST
H/1.1 200
OK 6e51ac8bf4 Show response
bam.nr-data.net/1/ 150 B
718 B 623ms
528ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6e51ac8bf4?a=165752170&v=1.260.0&to=bwMEMhYCXUUCUBBbW1ZJJwUQClxYTHcWR0RZCjoICwdWaiBcCkZGVwoKAxY/fVkHVjJbUU8lCQgQEVxaD1YWHwpODwMR&rst=5172&ck=0&s=a90b50c5e50964d5&ref=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&ptid=eab3087759b1ac80&qt=5&ap=2648&be=3146&fe=1986&dc=694&at=Q0QHRF4YTks%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1715814956687,%22n%22:0,%22f%22:0,%22dn%22:22,%22dne%22:22,%22c%22:22,%22s%22:27,%22ce%22:44,%22rq%22:44,%22rp%22:3145,%22rpe%22:3232,%22di%22:3805,%22ds%22:3809,%22de%22:3840,%22dc%22:5123,%22l%22:5127,%22le%22:5131%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4e795f61489cd3ae77c4621ca909655b17d330af08bbb25f90a7f5c3273882

Request headers

Referer: https://www.crainsdetroit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: text/plain

Response headers

Date: Wed, 15 May 2024 23:16:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.crainsdetroit.com
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8846d5583a6e3736-FRA
timing-allow-origin: https://www.crainsdetroit.com

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 May 2024 23:16:01 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7135 0
0 113ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 46454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 10:21:48 GMT
expires: Thu, 15 May 2025 10:21:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A35 42 B
65 B 70ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrfzm0q7ckqUQXCPpEJUDwfw9VRDwTmFNWIuGidYaS8jXvluZC4HlwMU0642Qd64SOt2V0IEW7d76X9W2cDjSwa7wrkj-bJG13Im3nMOvpYLtWSmf_iSEOzhfeIQfW3xPWq3pKHC7KsnddS1J2ksigHEoa7qU47sIlAS3wknpZYkw&sig=Cg0ArKJSzBmsxmSvpXtaEAE&id=lidar2&mcvt=1000&p=112,200,362,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3408410643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1174776100&rst=1715814961054&rpt=336&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=2098&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1148&an=313&gi=1&gf=1148&gg=313&ix=1148&ic=1148&ez=1&ck=1148&kw=1077&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1148&bx=313&ci=1148&jz=1077&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1077&cd=444&ah=1077&am=444&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=229359064&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=2099&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1148&an=1148&gi=1&gf=1148&gg=1148&ix=1148&ic=1148&ez=1&ck=1148&kw=1077&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1148&bx=1148&ci=1148&jz=1077&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1077&cd=1077&ah=1077&am=1077&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=225367270&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=2099&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1148&an=1148&gi=1&gf=1148&gg=1148&ix=1148&ic=1148&ez=1&ck=1148&kw=1077&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1148&bx=1148&ci=1148&jz=1077&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1077&cd=1077&ah=1077&am=1077&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1759938117&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9EDF 42 B
65 B 70ms
70ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1lVIrdh38DbhNyO1jCqwXNMKDODGlts3PkiygPFcD5gqXITfExzQ9bKdxo61V3-6CAecBmBKjhNwN6HmCWUd0FEY9OPKdR6pWwmAI1NRFDRIXdjOaclEQt4WDxYTlNIcLB9WM_ufYRd8PbqNndWGj9Su_pin-x3dwqwoTUKzHOkk&sig=Cg0ArKJSzGXscqQlkvWlEAE&id=lidar2&mcvt=1000&p=564,1130,814,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3974399175&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1174776100&rst=1715814961070&rpt=453&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&cu=1715814960334&m=2302&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1136&an=30&gi=1&gf=1136&gg=30&ix=1136&ic=1136&ez=1&ck=1136&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1136&bx=30&ci=1136&jz=962&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=59&ah=962&am=59&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=406967874&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 11ms
11ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&cu=1715814960334&m=2303&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1136&an=1136&gi=1&gf=1136&gg=1136&ix=1136&ic=1136&ez=1&ck=1136&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1136&bx=1136&ci=1136&jz=962&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=962&ah=962&am=962&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=957047833&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&cu=1715814960334&m=2303&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=1136&an=1136&gi=1&gf=1136&gg=1136&ix=1136&ic=1136&ez=1&ck=1136&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1136&bx=1136&ci=1136&jz=962&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=962&ah=962&am=962&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1271782408&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:02 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

OPTIONS
H2 204 i
r.lr-ingest.com/ Frame 0
0 407ms
112ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-37cbc9da-e92d-4810-96f9-8214a975dfd1&t=8bbc8f8e-7767-4542-a579-75984fb590b3&s=0&rs=0%2Cu&u=eb89a0eb-fd9d-487c-b779-a9f6b1d1ab9e&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Wed, 15 May 2024 23:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-ingest.com/ 28 KB
28 KB 1024ms
346ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-37cbc9da-e92d-4810-96f9-8214a975dfd1&t=8bbc8f8e-7767-4542-a579-75984fb590b3&s=0&rs=0%2Cu&u=eb89a0eb-fd9d-487c-b779-a9f6b1d1ab9e&is=1

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

c618815c31cd6b002511e90a51af1c454ac7a8205414503773c09c0d5ca91146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
X-LogRocket-Relay-Version: 2023.12.0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 23:16:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"6f7e-VYhQja/79aBTrWxa9C41VIBMrmY"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 28542

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 256 KB
56 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 May 2024 13:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57202
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:58:58 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 182 KB
56 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 May 2024 14:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57145
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:23:08 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=5&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=6132&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=5182&an=1148&gi=1&gf=5182&gg=1148&ix=5182&ic=5182&ez=1&ck=1148&kw=1077&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5182&bx=1148&ci=1148&jz=1077&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5111&cd=1077&ah=5111&am=1077&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=446220237&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=6&h=250&w=1200&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=854973045657&rx=281233913972&cu=1715814960334&m=6336&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=5385&an=5182&gi=1&gf=5385&gg=5182&ix=5385&ic=5385&ez=1&ck=1148&kw=1077&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5385&bx=5182&ci=1148&jz=1077&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5313&cd=5111&ah=5313&am=5111&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5616644584%3A3545583520%3A6720578578%3A138475310326&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1777918638&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=175030515154&rx=281233913972&cu=1715814960334&m=6337&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5051&cd=28&ah=5051&am=28&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458624057&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=49906676&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=775703190463&rx=281233913972&cu=1715814960334&m=6338&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5023&cd=27&ah=5023&am=27&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6266034181%3A138463833524&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=50957946&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=825118571079&rx=281233913972&cu=1715814960334&m=6338&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=1&ag=5170&an=1136&gi=1&gf=5170&gg=1136&ix=5170&ic=5170&ez=1&ck=1136&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5170&bx=1136&ci=1136&jz=962&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4996&cd=962&ah=4996&am=962&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6704818548%3A138471847605&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=281829620&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
676 B 15ms
15ms Script
text/javascript 18.173.187.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-121.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 May 2024 22:27:24 GMT
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2988
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
content-length: 176
last-modified: Fri, 10 May 2024 20:57:18 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RDSwZqrULcqYb9fAoPDw8DbzruPxqOlb22cd9f3cscimdotgyksPvg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1715814960334&de=894924497769&rx=281233913972&cu=1715814960334&m=6540&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3853&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5140&cd=29&ah=5140&am=29&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6708827759%3A138472193612&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=534562864&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpe4ezmDGVFlvBb7D8Ghe3ykd2dHJOEbC2DJpL%2Bk%2BaQ3%2FnH4WYJKro1D8fQ%3D&rs=1-nV%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-4Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=3853&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=3853&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1715814960334&de=729097005681&rx=281233913972&cu=1715814960334&m=6541&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3378%3A3378%3A5131%3A3805&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5072&cd=0&ah=5072&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=339810718&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 15 May 2024 23:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 15 May 2024 23:16:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiYqHcCnsKAdBsbVMGBUBDbmqzJ-ONZcrxJbY3oBlgYKE2HGScuZukvO68IUYh9QI02-R7-zTlxAfzPVzEyui5P1qESvCF8bi4IKUju3V-x6-eW52QcnUcJ8ozxtjjqNUryKZoLdvzNk6K1W0AeBItZBBt4Hf6lSXZCrR4WNlgWSw&sig=Cg0ArKJSzNDmMWboyDFJEAE&id=lidartos&mcvt=0&p=2047,376,2137,1104&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240515&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=3&adk=1903794186&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=1174776100&rst=1715814961063&rpt=373&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=468024550569019&bg=!Y2ClYC_NAAbZcyKb-XM7ADQBe5WfOPZrcEKie8POr1pq0cleTRaUafMwGpd_ROJLSgij14zCk03tcZqQbijZvGEpstcQAgAAAC9SAAAAA2gBB34ANGeaFTpP2v63RrkqBWrQJIL5rdkpV-4olbiC7GOHmvSFxRyCOlZLMtC3G4q4hOkrO1kXDrSZApDLZNeUVsGO_jDaKed9hWoIr9dsNfuNtBtEogia6rgK-uClqY0pCNh7W9BvehaPXtuIAOz7aNJHitckUT9vUzinirdBSY5JYtCEY32GUquL7y7R11SfJyFF3xvtdLvoldudB4WFI-Wg1yAABeWUHfSnV1s7wIo5jfuGV1AsIYASCSjtkIUpjj8t2MmW0Uh0736J5TQg9rXEZ-McmhiFgXkKgxE63MhnTuVD0uii18a6yguUDqBUq4cH7xfpv9wZIiaOOj0WBYYdilM7JpS5s6REakG2Ze3wd360uRfPZcUsTfqyw1gSnpr3LYywWGw2uOJReOIMDgcyI8pGzvSBWlXO0J4i2YBNjhAhjhGVfyRuMD4wW0g3FTphDFBQrFZ6HRCnr_Q2gjMreuKJy0fiNxZUGDOkr73uWUniNwNz_7fqGvdumkjCdNcIdz_PMoNkTIGHuogdVuuVJgyA6mX-nd1Ckz9strEGd22yU_q_IXj91it9cvwzgf4kByL0TD_Zdqn2K97wKp-YogiCR-26ctW5qvtWV3Ave_fZ-C1Ihx12HmT_gToWE7xjoDIwgpO45VQ7yOxWFbQ1omL5QcCHBVufreS6dwtEMz9T-mkLTc8btH7p8Ixd3n4DTg4nFMQ8p3PNbPzPmbqgSgKKU3EVelt732wNyt4NbAwNiA2EWsJ1DbEclnr4usL36MXr_5cZEEizajNB4nqd7k_VTkOCgR_o3vlw4Vp_yxfsgEmOWr924dKR_3SDdNuUJREX02GhWKhBKXdLOer-8Q5WrFJ8CCzq9Xa7q6aZzZf44_RETtLViT3BFmET147ogYXVl8JDe-GvxRX-Uv-9GhciMt2UwP3324sw-i8FM9JUwQiFragrTg

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crainsdetroit.com/	1970-01-20 20:36:56	Name: __cf_bm Value: zRjgxAOCuA1itefU_bfpHS_8D1UAAP1OAtwGUQzMA0w-1715814959-1.0.1.1-oyvGhI0Q.m1zQ7cotYIkRQaWvg_Rtva47bAW_Wfainwq9N.7481WWeMF1XUg9yo_cQsNq_dL0Q.w5djrdeZe5w
.demdex.net/	1970-01-21 00:56:06	Name: demdex Value: 90996089907763788872174118661877102495
.crainsdetroit.com/	1969-12-31 23:59:59	Name: AMCVS_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 1
.crainsdetroit.com/	1970-01-21 06:12:54	Name: _ga Value: GA1.2.1945130533.1715814961
.crainsdetroit.com/	1970-01-20 20:38:21	Name: _gid Value: GA1.2.946488180.1715814961
.crainsdetroit.com/	1970-01-20 20:36:55	Name: _gat_gtag_UA_2717831_1 Value: 1
.crainsdetroit.com/	1969-12-31 23:59:59	Name: at_check Value: true
www.crainsdetroit.com/	1970-01-20 20:36:58	Name: sailthru_hid Value:
.crainsdetroit.com/	1970-01-20 22:46:30	Name: _gcl_au Value: 1.1.1623894768.1715814961
.dpm.demdex.net/	1970-01-21 00:56:06	Name: dpm Value: 90996089907763788872174118661877102495
.crainsdetroit.com/	1970-01-20 20:36:56	Name: TAsessionID Value: 394221de-a538-4bba-b98b-07e9a7c79b7e\|NEW
.crainsdetroit.com/	1970-01-21 06:12:54	Name: AMCV_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19859%7CMCMID%7C90986729182708693582170930195712069366%7CMCAAMLH-1716419760%7C6%7CMCAAMB-1716419760%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1715822160s%7CNONE%7CMCSYNCSOP%7C411-19866%7CvVersion%7C5.5.0
.crainsdetroit.com/	1970-01-21 06:05:42	Name: _cb Value: Dh1AmQBQq6tju8qtB
.crainsdetroit.com/	1970-01-21 06:05:42	Name: _chartbeat2 Value: .1715814960835.1715814960835.1.kprAxCnX454YmdeNEWmrlCLX22Y.1
.crainsdetroit.com/	1970-01-20 20:36:56	Name: _cb_svref Value: external
www.crainsdetroit.com/	1970-01-20 20:36:56	Name: sailthru_pageviews Value: 1
.t.co/	1970-01-21 06:12:54	Name: muc_ads Value: 63deac78-cc7d-4de5-8669-8e048af21b1c
.crainsdetroit.com/	1970-01-21 06:12:54	Name: mbox Value: session#b331117041cc40be968bb396fd47122e#1715816821\|PC#b331117041cc40be968bb396fd47122e.37_0#1779059761
.bing.com/	1970-01-21 05:58:30	Name: MUID Value: 3034DB955FA964FF0B80CF155EA9653B
.twitter.com/	1970-01-21 06:12:54	Name: personalization_id Value: "v1_lBuvYT7SDtolQx2lcDNvNA=="
.crainsdetroit.com/	1970-01-20 20:38:21	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_tabs_-wlb5gx%2Fdrupal-sites Value: {%22sessionID%22:0%2C%22recordingID%22:%225-37cbc9da-e92d-4810-96f9-8214a975dfd1%22%2C%22webViewID%22:null%2C%22lastActivity%22:1715814960940}
.crainsdetroit.com/	1970-01-20 20:38:21	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_hb_-wlb5gx%2Fdrupal-sites Value: {%22heartbeat%22:1715814960940}
.crainsdetroit.com/	1969-12-31 23:59:59	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_uf_-wlb5gx Value: decca758-3a91-4119-bbef-24bd94ed9651
.crainsdetroit.com/	1970-01-20 22:46:30	Name: _fbp Value: fb.1.1715814960992.876823167
.crainsdetroit.com/	1970-01-21 05:15:18	Name: pelcro.unique.id Value: Y2UzaTJqYXBidWx3OGZ4ZDJy
.crainsdetroit.com/	1970-01-21 00:56:06	Name: __eoi Value: ID=76ad15211c19cd5c:T=1715814960:RT=1715814960:S=AA-AfjbPxmTa-yc-BaTOJ_mSHhrD
.bat.bing.com/	1970-01-21 05:58:30	Name: MSPTC Value: AhPdLPwpWUirFJi6aUeuuBAFUdPpguMC2HGkgbe4JHI
.linkedin.com/	1970-01-20 22:46:30	Name: li_sugr Value: 02f26779-ce18-4623-8a07-41a6e1de9cd6
.linkedin.com/	1970-01-21 05:22:30	Name: bcookie Value: "v=2&50c2c4ee-474e-43d7-88d7-9b51dd0fb958"
.linkedin.com/	1970-01-20 20:38:21	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3028:u=1:x=1:i=1715814961:t=1715901361:v=2:sig=AQGEc0Il1DlvxBGK1i7U9u07ld5O5xOq"
.crainsdetroit.com/	1970-01-21 05:22:30	Name: _hjSessionUser_1906609 Value: eyJpZCI6ImUwOWRhZTI1LTBkZDItNTIxNy05NDI0LWE1MDdmNjcxYWVhYiIsImNyZWF0ZWQiOjE3MTU4MTQ5NjEyMjIsImV4aXN0aW5nIjpmYWxzZX0=
.crainsdetroit.com/	1970-01-20 20:36:56	Name: _hjSession_1906609 Value: eyJpZCI6IjlkOWJkYThjLTY5ZTMtNDI3NC05ZjA2LTJmYzhiMDY3MTIxZCIsImMiOjE3MTU4MTQ5NjEyMjMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.linkedin.com/	1970-01-20 21:20:06	Name: UserMatchHistory Value: AQLFuOaRx3YgPQAAAY9-ipA9EtBBmRRdNmgekrRG72yKeWmLxpQur0aBT_FnEdOuNlUJOOCYyZ8OxQ
.linkedin.com/	1970-01-20 21:20:06	Name: AnalyticsSyncHistory Value: AQKOBOCczsVs2gAAAY9-ipA9kKMthVvBWg19XyK5IjYA9AS5jeeQxdd9_uT7Wmkmei5fBPBY2XZL-H0VcETv5g
m.stripe.com/	1970-01-21 06:12:54	Name: m Value: 7470adae-afe4-4a44-90cb-04829692332516f46a
.crainsdetroit.com/	1970-01-21 06:01:23	Name: __qca Value: P0-544799660-1715814960946
.www.linkedin.com/	1970-01-21 05:22:30	Name: bscookie Value: "v=1&202405152316019730cfe1-942a-4a6a-84a8-bafa9a6e12a4AQFRsLfbMA_NwMbC-nt1UgWUoB3L1t6f"
.linkedin.com/	1970-01-21 00:56:06	Name: li_gc Value: MTswOzE3MTU4MTQ5NjE7MjswMjHnsU26P1fnozdGnFbHhvDDSRYAM0bOFp2k/VLUMaNAiA==
.www.crainsdetroit.com/	1970-01-21 05:22:30	Name: __stripe_mid Value: 448f52bd-f1c1-4222-9436-5a12d1547160026ce3
.www.crainsdetroit.com/	1970-01-20 20:36:56	Name: __stripe_sid Value: a9575bb7-1796-4be9-aa43-f7aa5409c98a78eff1
.crainsdetroit.com/	1970-01-20 20:36:55	Name: cciFirstTouch Value: %7B%7D
.crainsdetroit.com/	1970-01-20 20:38:21	Name: _uetsid Value: 17ecb860131111efb8fe115b929a7ce4\|1xkymjr\|2\|fls\|0\|1596
www.crainsdetroit.com/	1970-01-21 05:22:30	Name: sailthru_content Value: c2ecf56f67a9c657c65c9e9b3f18f673
www.crainsdetroit.com/	1970-01-21 05:22:30	Name: sailthru_visitor Value: 78d8ef20-605e-414e-a3a1-784555eb7414
.crainsdetroit.com/	1970-01-20 20:36:56	Name: s_depth Value: 1
.crainsdetroit.com/	1970-01-20 20:36:56	Name: s_ppn Value: banking%20%26%20finance%3ABanking%20%26%20Finance%3A895766_flagstar%20paid%20%241m%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show
.crainsdetroit.com/	1970-01-20 21:20:06	Name: s_nr Value: 1715814961834-New
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppv Value: banking%2520%2526%2520finance%253ABanking%2520%2526%2520Finance%253A895766_flagstar%2520paid%2520%25241m%2520bitcoin%2520ransom%2520after%2520cyberattack%2520in%25202021%252C%2520court%2520filings%2520show%2C31%2C31%2C1200%2C1600%2C1200%2C1200%2C1600%2C1%2CP
www.crainsdetroit.com/	1969-12-31 23:59:59	Name: chkcookie Value: 1715814961838
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.crainsdetroit.com/	1970-01-21 05:58:30	Name: _uetvid Value: 17ecd500131111ef99d3b13cfb9816bb\|19gbazr\|1715814961895\|1\|1\|bat.bing.com/p/insights/c/x

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/637988649571323?v=2.9.156&r=stable&domain=www.crainsdetroit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ak.sail-horizon.com
analytics.twitter.com
api.btloader.com
api.sail-personalize.com
applepay.cdn-apple.com
applets.ebxcdn.com
assets.adobedtm.com
bam.nr-data.net
bat.bing.com
btloader.com
cb5c1cc561473d5027199696b4de8a69.safeframe.googlesyndication.com
cdn.lr-ingest.com
cdn.lr-intake.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
consent.trustarc.com
crain-com.videoplayerhub.com
crain-global.s3.amazonaws.com
crain.112.2o7.net
craommunications.demdex.net
craommunications.tt.omtrdc.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js-tag.zemanta.com
js.pelcro.com
js.stripe.com
mab.chartbeat.com
maps.googleapis.com
mb.moatads.com
ml314.com
p1.zemanta.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pubcast-files.remixd.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.lr-ingest.com
rules.quantcount.com
s3-rd-prod.crainsdetroit.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.remixd.com
tpc.googlesyndication.com
vi.ml314.com
www.crainsdetroit.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.pelcro.com
z.moatads.com
pagead2.googlesyndication.com
104.198.23.205
104.244.42.197
104.244.42.3
108.138.36.25
13.107.42.14
130.211.23.194
141.147.81.223
142.250.185.134
142.250.185.162
146.75.120.157
162.247.241.14
172.217.23.106
172.67.135.7
172.67.153.27
172.67.212.172
176.34.167.98
18.173.187.121
18.173.187.18
18.173.187.9
18.66.192.39
184.30.17.133
216.58.206.66
2600:9000:20ae:9600:6:44e3:f8c0:93a1
2600:9000:237d:a800:18:1fcd:353:c61
2600:9000:26da:c000:c:b42a:3740:93a1
2602:816:5001::39
2606:4700:10::ac43:1a0b
2606:4700:10::ac43:247d
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::ac43:4acf
2606:4700::6811:180e
2606:4700::6812:b83b
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a01:b740:a10:f100::210
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:591::1e80
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::714
3.94.219.251
34.117.77.79
35.190.38.143
35.201.104.135
52.17.32.208
52.18.190.199
52.216.212.169
54.230.228.19
54.230.228.64
63.140.62.17
66.235.152.221
99.83.154.140
00f201a5d775905421f60c5daf7875d305482d23e1441e31ece8052df4ca4318
045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
094fd7296a0775a3ddd3079616d603b4f601ecde486d62da4c0cbad0cf0926fa
0c9367da8b34432f76a9ff9f347fc20129239f9a6b137bed9a830d02f501e89e
11990d6189d8e7f5e3c792c96be70170c9c4ee1f3b519531f6553e0a3ed2c8cf
15a059b15cfcce2325b0d0c6576dd6333c2e0653275d6127ed63d25237b74c44
192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe
1967f7b46e886fe2dd0f04fd852977909d1b5e791c8ef9313fcc785a11b93789
1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53
1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904
2020a2a94f0b774c5669a8eba3631abcc3f10b472f1b87493f73f33b814073c1
20528b0c66b4a3b314cc2e34b11bac6d61dfddbdfa6bc8e987386c86e6a795c6
238d782920cae4324f75bd1e586d04eb7a5ea34c49783180ee7b8696171dea2c
23a1fa2f557b508cfe22be9ddfe6cbd4cc221531f4f2ee8dc21c543dca7755b4
24d22182057e5ee1c7137845d0c1470b86fcef9cd9b649600d837732d383f7b9
24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b
2fae556231decb8446d729db5390e492c09ce4f9a08795528990465279b78c4b
30615aca981aaafc631ef2d7dedea85a410523bcc83eaa1aee916af801f9e637
30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33edb6ddf69db23d35677d895c8fef6e77b46f04d514fed6f1507f3be22c797c
34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be
37fb6bb21fcf6ae372979763f11326982bb8d814afe0ca050da2ec9913b642ca
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d107b341b2356549974efad9aa65c0d321c5627a0e9bc8681223e8f69688d80
42a5cf957cd4ef3d5f7dc4e73b6692f8bb589113a49986f4c68b8fdb64d8a330
4383cc8b466bdf744829575deab522bdfc31c79ae445c00f3e67decc7ad003e0
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022
476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c
487bcaab8332911b0f473f9ab02c4fe8a85aa61d66b6290e0526640d026374e5
4908257d837a524d823ae0f7b92c981276f1b9670ef1696aa63fff4e44f39fea
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
53a776b62bd8d0faf06fa29d1717d4ffb654d83b5b818539ce7aef1d757415e6
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
588d19a0071ed949d421c042e59371358d8ad1a5eb10096c2cf3f6b9bc050db2
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5b3552458f9cdc4e5d60435a5c9989f39a778c1f465b562912b173f779ba44ee
5b4e795f61489cd3ae77c4621ca909655b17d330af08bbb25f90a7f5c3273882
5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228
5ed3d39d00e835daf933dbafe0f5ce1c35458f1521ddda0f32f000d03a94c1e5
5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25
60da246155067363491b9cfaf434b9063f5f90558e769620f6c7437a6c513361
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638297b75f75befe7efeb3ab8ef5f20d99e7f32919f68053ead445e50c903e73
63aae67d48458f330d11bac26bf2fc81512d26d4186cdb01f82021be2a0b2ab4
694d8d308661f0a9835c8ba2c50f848dd8effa27fbea6938d0bbd95b9f9ee571
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
6faf580cb3fb929803e68c4465bd15ef97cb20a380885651f812748f2bf9d187
703c6538c7c240f05fa39933fe7625588a50071d6d402250da0075de638c7b81
7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a
759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0
7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903
7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36
7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de
7f78c2a4bbfba89f67dae03566dc6fbc0aebd79475acaaa388c43c82726e9e9d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae
879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
89b5e22c462b7d9f98ab74024d0f7f7529da933523a000eb09909be467f627fe
8deb1058867ce83b69dd02f1a0097b5c5cfd87b691d6fac57f6d1daa0462a2f4
8f953eb12e08ffeaab8f9a2488e2673e7ffa15f386bfb8716b1b238e1d02cc4a
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
9430dec7e210f490107db19e3148ff1097eff0f37644af1dd20c34b22ea4c73c
943774ccbe059f33febb00266e70a86205e6c7433cfa990d191c91b47366b958
95259d6c5ec410f47cc15f6a090eca13b8f2ec6c6982e164cd68d79a3815d45c
959b3c1d0d322ea5743b0063dc6184bc441915e21b8136e7bceb60675fe2e74a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
9ada3f5171454831a3fc6d94452d9e6e48fa362970da337fecd6d19cc886fb62
9b808853d35cf8a40cf369902b30c2af931b6889b6c446264fc21c19597d8f54
9bfb1167b9643c68d51ade6ed315ca37cb8956bca91e8b8ced28cc30adc02909
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e080100886650be66d2cc041b214ba03fc2f447efa5e242137cbabf378b9008
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a46d9c08c19d90ef03528d806747cb80ac15a7736fe13b82dd49b0e47647369d
a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb
a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acef1ebe8455cfe80152dd9a7319a75cae6ad0480bb17b84a5efa6964ba3a0a1
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45415d678d249e376453af500ab106737d4283a997226ad5eb08b2c1086c6ca
b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6
b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb
c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f
c1f155fac3ce471021288818fc595041ad963a62b08ffeb008b6cd7adca8d092
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c46c65b6b4db310f702c3914b25c7f2bd762421ab6761c5c3207519261d40c4a
c618815c31cd6b002511e90a51af1c454ac7a8205414503773c09c0d5ca91146
c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed
c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd5fe094625575f4bf03499179c180ebac5f74c9c768d6a1bba4db53326e655d
cf096f08bf59a3372d0bfbfb24279d66a3f147fee24cd8322539b7195d0bcd6a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0354ab78e5a1a6d9ef66130e46af0b4c4536ff35487e384be05f31fbe984302
d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d
d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad
d8387924f70a19c294873755cd9c208aa7c5b6f024b53ec1311442bdce641641
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a
d9d3a057c8548067a9019fbdd104c53ef1345757324c4a54b26d0cfa1f292c85
dae5a3ffdf61ef697dd51222fb11e5ecc41bed4182187d720a1828498035caef
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6863d6b7459dab8b8b8127e5ed605f5d3a0bff80cab834c8d9dda655fad35ec
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ec2a2637230aeb5c79647ed9f18cd84862f6f42524fc23d25afbe81897d2f122
ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71e3754154b06bda5f80fdddff84b372f789451c2400e0d8b020172dfe57e77
fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9
fff3010fbc3c82a6b92ce60b62c5ab57ab4f7e4f4fd01c5e110b10f7eca8d1dd

www.crainsdetroit.com Open in urlscan Pro 2606:4700::6812:b83b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

233 Requests

97 %HTTPS

45 %IPv6

45 Domains

65 Subdomains

61 IPs

5 Countries

3832 kBTransfer

15598 kBSize

52 Cookies

11 Outgoing links

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b83b Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

97 %
HTTPS

45 %
IPv6

45
Domains

65
Subdomains

61
IPs

5
Countries

3832 kB
Transfer

15598 kB
Size

52
Cookies

233 HTTP transactions
8 data transactions