urlscan.io logo urlscan.io
SecurityTrails logo

plus.npr.org Open in urlscan Pro
151.101.2.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://plus.npr.org/
Effective URL: https://plus.npr.org/
Submission: On May 31 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 21 domains to perform 67 HTTP transactions. The main IP is 151.101.2.133, located in United States and belongs to FASTLY, US. The main domain is plus.npr.org.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.
This is the only time plus.npr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
plus.npr.org
24    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
plus.npr.org
5    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
media.supportingcast.fm
1    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    52.216.177.133 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    44.241.154.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-154-210.us-west-2.compute.amazonaws.com
api.amplitude.com
2    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.piano.io
c2.piano.io
2    216.35.221.71 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
api.npr.org
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
2    2a02:26f0:6c00:1a1::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fi
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
Apex Domain
Subdomains		 Transfer
27 npr.org
plus.npr.org
api.npr.org — Cisco Umbrella Rank: 23738
822 KB
5 supportingcast.fm
media.supportingcast.fm
1 MB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
276 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 343
14 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
216 B
2 google.fi
www.google.fi — Cisco Umbrella Rank: 33970
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net Failed
394 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
115 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2425
2 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4807
40 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 piano.io
cdn.piano.io — Cisco Umbrella Rank: 20686
c2.piano.io — Cisco Umbrella Rank: 4941
102 KB
2 amplitude.com
api.amplitude.com — Cisco Umbrella Rank: 1464
205 B
1 tinypass.com
buy.tinypass.com — Cisco Umbrella Rank: 6023
421 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2348
6 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1443
681 B
1 amazonaws.com
s3.amazonaws.com
127 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 868
12 KB
0 clarity.ms Failed
www.clarity.ms Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
67 21
Domain Requested by
25 plus.npr.org 1 redirects plus.npr.org
5 media.supportingcast.fm plus.npr.org
4 www.googletagmanager.com plus.npr.org
www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
plus.npr.org
2 www.facebook.com plus.npr.org
2 www.google.fi plus.npr.org
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net plus.npr.org
connect.facebook.net
2 us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm
2 cdn.cxense.com cdn.piano.io
cdn.cxense.com
2 www.google-analytics.com www.googletagmanager.com
plus.npr.org
2 api.npr.org plus.npr.org
2 api.amplitude.com media.supportingcast.fm
1 buy.tinypass.com cdn.piano.io
1 www.google.com plus.npr.org
1 c2.piano.io cdn.piano.io
1 cdn.pdst.fm plus.npr.org
1 cdn.piano.io plus.npr.org
1 polyfill.io media.supportingcast.fm
1 s3.amazonaws.com plus.npr.org
1 use.fontawesome.com plus.npr.org
0 www.clarity.ms Failed bat.bing.com
0 googleads.g.doubleclick.net Failed www.googletagmanager.com
0 analytics.tiktok.com Failed plus.npr.org
67 24

This site contains links to these domains. Also see Links.

Domain
www.npr.org
npr.formstack.com
help.npr.org
text.npr.org
www.supportingcast.fm
Subject Issuer Validity Valid
plus.npr.org
R3		 2023-05-19 -
2023-08-17		 3 months crt.sh
*.supportingcast.fm
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-28 -
2023-11-29		 a year crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-20		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.npr.org
Thawte RSA CA 2018		 2023-01-09 -
2024-02-02		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2023-05-27 -
2023-08-25		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
misc.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-09 -
2023-06-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.fi
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://plus.npr.org/
Frame ID: A6F0D67A859EC863F8DF30CF617BCCB6
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NPR Plus | Membership

Page URL History Show full URLs

  1. http://plus.npr.org/ HTTP 301
    https://plus.npr.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

67
Requests

93 %
HTTPS

67 %
IPv6

21
Domains

24
Subdomains

21
IPs

3
Countries

2772 kB
Transfer

4030 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://plus.npr.org/ HTTP 301
    https://plus.npr.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
plus.npr.org/
Redirect Chain
  • http://plus.npr.org/
  • https://plus.npr.org/
37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2243bb9603448bf2afec4a22fbe21f7951daf2abc080207743c62aab7da3ad59
Security Headers
Name Value
Content-Security-Policy default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src docs.google.com *.stripe.com www.google.com cdn.cxense.com;frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src docs.google.com *.stripe.com www.google.com cdn.cxense.com;frame-ancestors 'none';
content-type
text/html; charset=UTF-8
cr-x-cache
MISS
date
Wed, 31 May 2023 01:18:22 GMT
feature-policy
geolocation 'self' https://js.stripe.com https://www.googletagmanager.com https://amplitude.com https://profile-api.amplitude.com; payment 'self' https://js.stripe.com
permissions-policy
camera=(), display-capture=(self), fullscreen=(self), geolocation=(), microphone=(), web-share=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-eddf8230085-FRA
x-timer
S1685495901.286205,VS0,VE901
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
CR-X-Cache
HIT
Connection
close
Content-Length
0
Date
Wed, 31 May 2023 01:18:21 GMT
Location
https://plus.npr.org/
Retry-After
0
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230109-FRA
X-Timer
S1685495901.106420,VS0,VE0
app.css
media.supportingcast.fm/css/ 		157 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/css/app.css?d=1685159335
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
766b4d697256f585a498b337c32930707c9df4f2e3ec9eea02dd60a87285d102

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230088-FRA
date
Wed, 31 May 2023 01:18:22 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Sat, 27 May 2023 03:38:17 GMT
age
549
x-timer
S1685495902.387955,VS0,VE1
etag
"62917f17d02369be8eb46afecdc9cdf1"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
content-length
160674
x-cache-hits
1
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://plus.npr.org/
Origin
https://plus.npr.org
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HP9EHTSB1SFF1MTY
age
375364
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BHWj8oeGhiD49MCO4TimnKPkdpOpEGRvtqRUAqA+zcxzK6blahDvnH/Lglz/3fB8ua/Mu7S40No=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxtiYUWcqOlkBdab3GdRgPIBGq906jyqr18qGIBJTfgaVlXPDHoaDJkJ7CLyDAzO2qX5WaJD2XEqB6Brv87Qa%2Fm7HOb2zqONQwbBPu%2FVDfKPAP3YoXIT5ITCwGS%2F3pPsYdBOJVfhc4018OrJhgj547Kh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7cfb61ed9c2c0a20-ARN
supportingcast_sdk.js
media.supportingcast.fm/js/ 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1685159335
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9a41c03171e54f4a360fff5dcff90e0b1c8a9c56f02bd435a87da3699dbedc9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230088-FRA
date
Wed, 31 May 2023 01:18:22 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Sat, 27 May 2023 03:38:19 GMT
age
548
x-timer
S1685495902.387930,VS0,VE1
etag
"f459ae01f3474c5e9ab918f665ba5574"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
99629
x-cache-hits
1
d68cd88d-6559-43e2-8f55-a457d0a48875.png
media.supportingcast.fm/content/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.supportingcast.fm/content/d68cd88d-6559-43e2-8f55-a457d0a48875.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21cc8dcc72ed316a038fc267308fbb3b75581600876f59019e05afdae6d14c15

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230088-FRA
date
Wed, 31 May 2023 01:18:22 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 02 Apr 2021 16:02:28 GMT
age
33400
x-timer
S1685495903.746206,VS0,VE1
etag
"769264ebe3759a25e73721d164a8e0e1"
x-cache
HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
14649
x-cache-hits
1
04a2ae60-ef24-42fa-b111-dd300c45ecf0.jpeg
s3.amazonaws.com/media.supportingcast.fm/content/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/media.supportingcast.fm/content/04a2ae60-ef24-42fa-b111-dd300c45ecf0.jpeg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.177.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
06dd4182eba8ec8d27a11a9854cf50a92e743c09f4524fd8b0fa8d2214a8680d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:18:24 GMT
x-amz-version-id
null
Last-Modified
Tue, 01 Nov 2022 13:33:12 GMT
Server
AmazonS3
x-amz-request-id
6EYPFMZXVYBTE8WB
ETag
"1e350492e9994070ea48ab1b0be916cd"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-surrogate-control
max-age=31557600
x-amz-meta-surrogate-key
n232
Accept-Ranges
bytes
Content-Length
130002
x-amz-id-2
i9f2SUI+RfdPMNxasREewJtYDoCA2FlOXI1EfKIOQX/zPQDFJHR94udq/qCPpYP45yW8pHGtUdI=
apple_podcasts.png
plus.npr.org/images/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/apple_podcasts.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1266499
x-cache
HIT, HIT
content-length
4768
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200158-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.746086,VS0,VE1
etag
"643ecde8-12a0"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1322, 1
spotify.png
plus.npr.org/images/logos/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/spotify.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
644614
x-cache
HIT, HIT
content-length
63167
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000098-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.746078,VS0,VE1
etag
"643ecde8-f6bf"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1707, 1
google_podcasts.jpg
plus.npr.org/images/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/google_podcasts.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1886753
x-cache
HIT, HIT
content-length
2236
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000027-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Apr 2023 00:54:08 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746375,VS0,VE2
etag
"6449c7b0-8bc"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
711, 1
overcast.png
plus.npr.org/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/overcast.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
2499897
x-cache
HIT, HIT
content-length
3923
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200176-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2023 20:43:38 GMT
x-timer
S1685495903.746867,VS0,VE1
etag
"6424a2fa-f53"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1883, 1
pocket_casts.png
plus.npr.org/images/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/pocket_casts.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
611392
x-cache
HIT, HIT
content-length
3467
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746603,VS0,VE1
etag
"64501be6-d8b"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
907, 1
itunes.png
plus.npr.org/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/itunes.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1273748
x-cache
HIT, HIT
content-length
3587
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000123-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Apr 2023 23:54:44 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746337,VS0,VE1
etag
"644b0b44-e03"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
931, 1
podcast_addict.png
plus.npr.org/images/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/podcast_addict.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
644613
x-cache
HIT, HIT
content-length
4498
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100136-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Apr 2023 23:54:44 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746321,VS0,VE1
etag
"644b0b44-1192"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1284, 1
npr-plus-bundle.png
plus.npr.org/images/npr-images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/npr-plus-bundle.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a01538fdb25dc6fc93fda7912dabf7d9591c41693df6e6a36e2c71271990da96
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1283815
x-cache
HIT, HIT
content-length
25805
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100108-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 May 2023 19:07:48 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746312,VS0,VE1
etag
"645e8e84-64cd"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
56, 1
code-switch-plus.jpg
plus.npr.org/images/npr-images/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/code-switch-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da81666807eee6bef59283c22568c46119e0603e4664c1c3dccfa2d73f1179fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1192303
x-cache
HIT, HIT
content-length
88032
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200156-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Apr 2023 23:54:44 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.746630,VS0,VE1
etag
"644b0b44-157e0"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
611, 1
fresh-air-plus.svg
plus.npr.org/images/npr-images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/fresh-air-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40330f009e54ccd36fc867e0601af72695e5ade1f9dc01712bbbad913d7102da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1873855
x-cache
MISS, HIT
content-length
13427
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000144-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.800021,VS0,VE1
etag
"64501be6-3473"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
0, 1
embedded-plus.jpg
plus.npr.org/images/npr-images/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/embedded-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
132d4ca218b05f0808ef3871bf6462e84e97ab9c7a5a2d6ca2be961a9bd082e7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
2499897
x-cache
HIT, HIT
content-length
58704
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.800863,VS0,VE1
etag
"643ecde8-e550"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
231, 1
its-been-a-minute-plus.jpg
plus.npr.org/images/npr-images/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/its-been-a-minute-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a56a5c85b900f97a9b6f1ad227e8e99cbe12f62a791685c1149ad63dc445332a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
628671
x-cache
HIT, HIT
content-length
87436
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 May 2023 19:07:48 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.799830,VS0,VE4
etag
"645e8e84-1558c"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
257, 1
life-kit-plus.svg
plus.npr.org/images/npr-images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/life-kit-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00f4c00f8c0d490fc07da00e08974b58d451461aa375f67d01755031aa5880bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
74287
x-cache
HIT, HIT
content-length
13905
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100129-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 May 2023 18:00:10 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.800574,VS0,VE1
etag
"645a8a2a-3651"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
628, 1
npr-news-now.svg
plus.npr.org/images/npr-images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/npr-news-now.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e6e23969c9c1dea7e5e9872739c3a286871a6be5f3d5210b9c0673666594033
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1297536
x-cache
HIT, HIT
content-length
12678
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200179-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Apr 2023 16:22:16 GMT
x-timer
S1685495903.800322,VS0,VE2
etag
"64382c38-3186"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
1202, 1
politics.svg
plus.npr.org/images/npr-images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/politics.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eccc141fdfbf8eaf7a748d706e31ef1e9178ab184fac6f2244f3f06d712e8077
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1229749
x-cache
HIT, HIT
content-length
87061
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100098-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.799658,VS0,VE2
etag
"643ecde8-15415"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
800, 1
planet-money-plus.jpg
plus.npr.org/images/npr-images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/planet-money-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6efe6ebe9d13b6315c526a9acf520b66b58c05de10cfa49fc640d9b8ae4be558
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
74287
x-cache
HIT, HIT
content-length
65321
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100148-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.800009,VS0,VE3
etag
"64501be6-ff29"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
974, 1
pop-culture-happy-hour-plus.svg
plus.npr.org/images/npr-images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/pop-culture-happy-hour-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d1bff4e9d97c15b80610234c80fb9e173d813dd63dd99ac4c4ea04a0a305c84
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
33399
x-cache
HIT, HIT
content-length
33099
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100133-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.799839,VS0,VE1
etag
"64501be6-814b"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
697, 1
short-wave-plus.jpg
plus.npr.org/images/npr-images/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/short-wave-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5d992942668fb5fe0bfb51edebec0fcbdc7b8e3439c735810d43e9ff312edaf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1873854
x-cache
HIT, HIT
content-length
61974
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200112-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.799662,VS0,VE2
etag
"64501be6-f216"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
298, 1
ted-radio-hour-plus.jpg
plus.npr.org/images/npr-images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/ted-radio-hour-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
613aed1d93f5d0a60204b31742b75d63ddd5e3d0885303af51620a572bda5495
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
2499897
x-cache
HIT, HIT
content-length
60294
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.799384,VS0,VE2
etag
"643ecde8-eb86"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
258, 1
throughline-plus.svg
plus.npr.org/images/npr-images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/throughline-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3300651c20f801c69b1e7ed73e3ea32d00e9b1df14d2f13dd1c72cf28ecde8bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1283815
x-cache
HIT, HIT
content-length
40625
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 17:05:44 GMT
x-timer
S1685495903.799376,VS0,VE1
etag
"643ecde8-9eb1"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
753, 1
up-first-plus.svg
plus.npr.org/images/npr-images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/up-first-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c51e8ed90aadca79be5dc5d0c68896d33bb0874e123702286a687515ae47142
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1297536
x-cache
HIT, HIT
content-length
16596
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200026-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 May 2023 20:07:02 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.799360,VS0,VE1
etag
"64501be6-40d4"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
341, 1
wait-wait-plus.svg
plus.npr.org/images/npr-images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/wait-wait-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed69178bcad62774d14e1d2e1ab82d7b77f9ed1b978061ef2351d92372c510d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
1192303
x-cache
HIT, HIT
content-length
18316
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200087-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 May 2023 19:07:48 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.799366,VS0,VE1
etag
"645e8e84-478c"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
30, 1
spin.js
media.supportingcast.fm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/spin.js?d=1685159335
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230088-FRA
date
Wed, 31 May 2023 01:18:22 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Sat, 27 May 2023 03:38:19 GMT
age
548
x-timer
S1685495903.608179,VS0,VE1
etag
"9943f9004db8e4924549aea726b06bf9"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
3007
x-cache-hits
1
app.js
media.supportingcast.fm/js/ 		961 KB
962 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/app.js?d=1685159335
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
046dbb4c7fb853485c7c6cac3bd43fb303f4fc83b0bac7853745fe44b7238859

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230088-FRA
date
Wed, 31 May 2023 01:18:22 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Sat, 27 May 2023 03:38:19 GMT
age
548
x-timer
S1685495903.612229,VS0,VE3
etag
"e030dea7ab5509e103fb7d9541daaeeb"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
984335
x-cache-hits
1
npr-plus.js
plus.npr.org/js/ 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plus.npr.org/js/npr-plus.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa83341277ae0d9736a9f90ca70bc12f3a222a852a28c11c4c443c639c20ed76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
2642
x-cache
HIT, HIT
content-length
51885
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100130-IAD, cache-fra-eddf8230085-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 27 May 2023 03:38:04 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer
S1685495903.742564,VS0,VE1
etag
"64717b1c-caad"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
1244, 1
gtm.js
www.googletagmanager.com/ 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c346be198d185f9d697082747fefd9fa9197bbf69eacc990500c3972e870b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69261
x-xss-protection
0
last-modified
Wed, 31 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 May 2023 01:18:22 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise
Requested by
Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1685159335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:18:22 GMT
age
2136986
detected-user-agent
Chrome Mobile/113.0.0
useragent_normaliser
chrome/113.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 May 2023 00:17:37 GMT
fastly_service_version
195
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/113.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/app.js?d=1685159335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.154.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-154-210.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://plus.npr.org/
Cross-Origin-Resource-Policy
cross-origin
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 May 2023 01:18:23 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6476a05f-35313c546cd7a9fc73c042a6
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.154.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-154-210.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Wed, 31 May 2023 01:18:23 GMT
strict-transport-security
max-age=15768000
tinypass.min.js
cdn.piano.io/api/ 		341 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.piano.io/api/tinypass.min.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9729562695af7fd056637e720fe603dd9f836935baca0b30995e07b2bf1f5a1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
x-amz-version-id
i0kPfeY5lNTQ34sZIY1poWehgnfGX3HS
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
8QM6J7J656HPM67C
age
9358
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8YaqGjXCiw6H8bQeY8yGzfTqd823lgxNL4APwqlN3BzXC1Hn54TyMroJO2ex40LC9+2ns1F6/kU=
last-modified
Fri, 26 May 2023 06:06:23 GMT
server
cloudflare
etag
W/"8932fa51b14748193e060eae58027bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7cfb61f239cfd93b-HEL
expires
Wed, 31 May 2023 05:18:23 GMT
recommendations
api.npr.org/stationfinder/v3/stations/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations?nprPlusBundle=true
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Headers
origin, accept, content-type, authorization, x-http-method-override, x-pingother, x-requested-with, if-match, if-modified-since, if-none-match, if-unmodified-since
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
tag, link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Cache-Control
max-age=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/plain;;charset=UTF-8
Date
Wed, 31 May 2023 01:18:23 GMT
Expires
Wed, 31 May 2023 01:18:23 GMT
Keep-Alive
timeout=5, max=4736
Server
Apache/2.4.25 (Debian)
X-Frame-Options
DENY
X-Powered-By
PHP/7.4.14
X-Robots-Tag
noindex
X-Served-By
prod-web-42
recommendations
api.npr.org/stationfinder/v3/stations/ 		303 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations?nprPlusBundle=true
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/js/npr-plus.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
baea8197f255cf37931f59903a7d2005f05d5388e8f5a7055dd1976e2483d4cb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://plus.npr.org/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

X-Served-By
prod-web-44
Date
Wed, 31 May 2023 01:18:23 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/7.4.14
X-Frame-Options
DENY
Content-Type
application/json;
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
Keep-Alive
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=4111
Content-Length
303
Expires
Wed, 31 May 2023 01:18:23 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 May 2023 01:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 31 May 2023 03:04:54 GMT
gtm.js
www.googletagmanager.com/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1304678b7dff7df30c2c9101d6bab9909d07f82c96c1fdd9ab72a6ca9a32c488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72675
x-xss-protection
0
last-modified
Wed, 31 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 May 2023 01:18:23 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSR2B4H&l=gtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e54183501f571c696350cbcb0d1d2662ed91ebf7cf9f6215f2f0042b21cbb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68844
x-xss-protection
0
last-modified
Wed, 31 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 May 2023 01:18:23 GMT
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 00:26:22 GMT
content-encoding
gzip
age
3121
x-guploader-uploadid
ADPycdsFC7YNlSm0Q_RccsQCQmfnFHWHt5GfCJAisDCEA1tsaumxegtrR_HV3y3xzoMCRYqYVesDUc9LLAEEPSTbV8nvYA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Wed, 31 May 2023 01:26:22 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b267635d4369d19c24857d2f72df33c3b9a3b7ceef9ece8407a1cb20357cc071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70949
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 May 2023 01:18:23 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a1::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:18:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Wed, 31 May 2023 02:18:23 GMT
execute
c2.piano.io/xbuilder/experience/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=9ENxKQ58pu
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6367a434b91875019ca20883870316b44db288601a0d3b20ee1579c2b9002ed
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
e72qau9fw0
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://plus.npr.org
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7cfb61f33b7cd93b-HEL
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 May 2023 01:18:23 GMT
server
Google Frontend
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
0f659a695c31a2c8bbfce89dddbede69
function-execution-id
ztoutvly9l7a
access-control-allow-headers
Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Wed, 31 May 2023 01:18:23 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
16ee7sh7fijj
server
Google Frontend
x-cloud-trace-context
56212cdb376bb7a9fdf7a1963d3b9c2e
x-powered-by
Express
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64d713537c6a5e114e01efb5143507e2617ed78662d1b119cd0c693731dc374e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 May 2023 01:18:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27502
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pj/oC1sPcS+1rAcm7dUxpziJqBbobHepv/Cav5DrubxpJZFX0cOPcv209Rw5ZCPrskdByQy1sD6nYuSD1NB9HA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XK44GJHVBE&cid=1070020912.1685495903&gtm=45je35o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:18:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plus.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XK44GJHVBE&cid=1070020912.1685495903&gtm=45je35o0&aip=1&z=1802595978
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:18:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 31 May 2023 01:18:23 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A0BF15395D9C4B73AD65712E52ECF78F Ref B: FRAEDGE1412 Ref C: 2023-05-31T01:18:23Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/ 		0
0
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5828686-4&cid=1070020912.1685495903&jid=98532449&gjid=1353681175&_gid=1511314659.1685495903&_u=YCDAgEABAAAAAEAAI~&z=950880475
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 31 May 2023 01:18:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plus.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=294405936&t=pageview&_s=1&dl=https%3A%2F%2Fplus.npr.org%2F&ul=en-us&de=UTF-8&dt=NPR%20Plus%20%7C%20Membership&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=98532449&gjid=1353681175&cid=1070020912.1685495903&tid=UA-5828686-4&_gid=1511314659.1685495903&gtm=45He35o0n81N6D7B5G&z=1874419615
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 00:44:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2009
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a1::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53c22f3f957e967106559723fa6b59d25b8ec8753b7edc2cb9694d41b3f3085a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:18:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 13:28:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34531
Expires
Wed, 31 May 2023 02:18:23 GMT
448121793258601
connect.facebook.net/signals/config/ 		300 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448121793258601?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e346347af868086722530315141c352bdb4f8ec808e34d24b3a673842c05cbe6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 May 2023 01:18:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YKSZ0wMNZL903MgvZYheGO7tP9Gesg5X5sok51cai5uHMke/9jJx7n3ipZyB4ywh4QZZZKc9UaIAcfMy0LbIvw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5828686-4&cid=1070020912.1685495903&jid=98532449&_u=YCDAgEABAAAAAEAAI~&z=766787979
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:18:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5828686-4&cid=1070020912.1685495903&jid=98532449&_u=YCDAgEABAAAAAEAAI~&z=766787979
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:18:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
149007383.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/149007383.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4f3382555e3e31317df6cb3c1e9932fb38e4b3ad9618ff0812b2f104c5bd9c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 31 May 2023 01:18:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE713618BDE74EF5A083727AA6B58833 Ref B: FRAEDGE1412 Ref C: 2023-05-31T01:18:23Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
content-length
1498
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=149007383&tm=gtm002&Ver=2&mid=4c8853c6-b146-4f57-a097-c6c99ee1d615&sid=098f5290ff5111ed806f5d3e7541a188&vid=098f8a60ff5111eda9d75370c4f7f1cd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NPR%20Plus%20%7C%20Membership&p=https%3A%2F%2Fplus.npr.org%2F&r=&lt=2020&evt=pageLoad&sv=1&rn=977488
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 May 2023 01:18:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED45D4DD19124061817CD7D73AB45A30 Ref B: FRAEDGE1412 Ref C: 2023-05-31T01:18:23Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
149007383
www.clarity.ms/tag/uet/ 		0
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448121793258601&ev=PageView&dl=https%3A%2F%2Fplus.npr.org%2F&rl=&if=false&ts=1685495903836&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685495903834.1407745767&it=1685495903587&coo=false&exp=a0&rqm=GET
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 May 2023 01:18:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448121793258601&ev=Microdata&dl=https%3A%2F%2Fplus.npr.org%2F&rl=&if=false&ts=1685495904340&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NPR%20Plus%20%7C%20Membership%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fplus.npr.org%22%2C%22og%3Atitle%22%3A%22NPR%20Plus%20%7C%20Membership%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.supportingcast.fm%2Fcontent%2F401b41b3-4f8a-4ede-82fa-0093c467a809.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685495903834.1407745767&it=1685495903587&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 May 2023 01:18:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		64 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=9ENxKQ58pu&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp6420
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae8940acee67e416f42528efd813451d8cb21d400e69542591bfeb8d2851bc2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:18:26 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mqy0ivrw5uF
wn
prod-dash-10-0-129-29
last-modified
Wed, 31 May 2023 01:18:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-time
0.001
cache-control
public, max-age=86400
cf-ray
7cfb6207aee8d943-HEL
expires
Thu, 01 Jun 2023 01:18:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/?random=1685495903364&cv=11&fst=1685495903364&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplus.npr.org%2F&hn=www.googleadservices.com&frm=0&tiba=NPR%20Plus%20%7C%20Membership&auid=1734069270.1685495903&uamb=0&uaw=0&rfmt=3&fmt=4
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/uet/149007383

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| gtmDataLayer function| SupportingCastSDK function| SupportingCastPaymentForm function| StripeElements object| webpackChunk object| __core-js_shared__ object| core function| ImageUploader object| intlTelInputGlobals number| uidEvent object| flash object| tabs function| axios function| Vue object| scApp object| __AMPLITUDE__ object| amplitude object| amplitudeEventHandler object| SupportingCastApi object| ScSlugHandler object| SupportingCastS3Uploader object| spin object| amplitude_instance object| analyticsConnectorInstances object| nprApi object| nav object| pdl object| tp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pdst function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag function| ___tp function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData object| PianoESPConfig object| cX function| cxCCE_callQueueExecute object| cxTest object| ari function| UET function| UET_init function| UET_push object| ueto_d06d725459 object| uetq

14 Cookies

Domain/Path Name / Value
plus.npr.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVRK0N5TXh4ZHQxVGpLT3FTMmkzdkE9PSIsInZhbHVlIjoidGkxQktYa2cwTjlMYVRXUkdYa2Q4ZFdUL05qMnZWVjUxQ0FSdjdJL0NTNjYxNVk1bTVKU1BocjViaU5FZUJxNzRKN2ZRUDRvUC9YTndVcXRkOEp0eHpLb1NrTVMydmVRZFJCbWxNcUp6TWprRFF2MkN3MDl2R3hGNy9rSXQ0VkEiLCJtYWMiOiJiNTU3ODAwMDIzNTAzM2RlOTJlM2FjYmRmNDUwNDVjYmZlNjg0ODEzZDlhNjNhMzE1MTg5N2VkNDRhZDRiYzIxIiwidGFnIjoiIn0%3D
plus.npr.org/ Name: laravel_session
Value: eyJpdiI6IksxeXJMeG5mdnMvaUs0d1ZIcGRyZUE9PSIsInZhbHVlIjoiUFVINFFyck9LeDFTOWp1N1puV0ZpQW16WGJNaEtJUkg2SzBuclNyYlpIODkwaU55YlllTzRxZjBUSW03ZHhZMHVkWlYxZHhzZ0pUcHpWV0ovaWJna1BYdGVWSkhaOUxWeW16ajZlalRVZ0tIaHZpQW95TDhnb0llTXh0NTRHbksiLCJtYWMiOiJmNmEwYjk1NDZlMDdkNmI5NzdjOTI1MjE2YjRmNWQ4NzMzYjlhMzM1MzJjM2E0NjkwMzEyYzdhMmIyYmRlOTYyIiwidGFnIjoiIn0%3D
.npr.org/ Name: amp_6045bd
Value: _V2CELw8QH5p_QSOAuRHiz...1h1nm4snm.1h1nm4snp.1.0.1
.piano.io/ Name: __cf_bm
Value: 5Gpb4h7Tyz_y1Tx7oavvyod_mKfgWWduqI2.TMGnOXc-1685495903-0-AVjWUCs/uaP6gXeeTH8Ffc1KedMetXJ4aiTWrykO3sfBNsrKZ6nv23X6InP+EvNrmF09R+E68knZyG/2lxNscIc=
plus.npr.org/ Name: __pdst
Value: d9e23382a6da4a99980bc213311e262c
.npr.org/ Name: _gcl_au
Value: 1.1.1734069270.1685495903
.npr.org/ Name: _ga_XK44GJHVBE
Value: GS1.1.1685495903.1.0.1685495903.60.0.0
.npr.org/ Name: _ga
Value: GA1.2.1070020912.1685495903
.npr.org/ Name: _gid
Value: GA1.2.1511314659.1685495903
.npr.org/ Name: _dc_gtm_UA-5828686-4
Value: 1
.npr.org/ Name: _uetsid
Value: 098f5290ff5111ed806f5d3e7541a188
.npr.org/ Name: _uetvid
Value: 098f8a60ff5111eda9d75370c4f7f1cd
.bing.com/ Name: MUID
Value: 3A3E326326476ABD0A692141272C6B77
.npr.org/ Name: _fbp
Value: fb.1.1685495903834.1407745767

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript warning URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1685159335(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1685159335(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 1)
Message:
Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c(Line 93)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-XK44GJHVBE&gtm=45je35o0&_p=294405936&_gaz=1&cid=1070020912.1685495903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685495903&sct=1&seg=0&dl=https%3A%2F%2Fplus.npr.org%2F&dt=NPR%20Plus%20%7C%20Membership&en=page_view&_fv=1&_nsi=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com".
security error URL: https://www.googletagmanager.com/
Message:
Refused to frame 'https://11390690.fls.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src docs.google.com *.stripe.com www.google.com cdn.cxense.com".
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer(Line 69)
Message:
Refused to load the script 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/?random=1685495903364&cv=11&fst=1685495903364&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplus.npr.org%2F&hn=www.googleadservices.com&frm=0&tiba=NPR%20Plus%20%7C%20Membership&auid=1734069270.1685495903&uamb=0&uaw=0&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bat.bing.com/p/action/149007383.js(Line 30)
Message:
Refused to load the script 'https://www.clarity.ms/tag/uet/149007383' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.piano.io cdn.cxense.com buy.tinypass.com cdn.cookielaw.org geolocation.onetrust.com cdn.cxense.com comcluster.cxense.com privacyportal.onetrust.com *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src docs.google.com *.stripe.com www.google.com cdn.cxense.com;frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.amplitude.com
api.npr.org
bat.bing.com
buy.tinypass.com
c2.piano.io
cdn.cxense.com
cdn.pdst.fm
cdn.piano.io
connect.facebook.net
googleads.g.doubleclick.net
media.supportingcast.fm
plus.npr.org
polyfill.io
s3.amazonaws.com
stats.g.doubleclick.net
us-central1-adaptive-growth.cloudfunctions.net
use.fontawesome.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
analytics.tiktok.com
googleads.g.doubleclick.net
www.clarity.ms
151.101.130.133
151.101.2.133
151.101.66.217
2001:4860:4802:36::36
216.35.221.71
2606:4700::6810:2a41
2606:4700::6811:bab1
2606:4700:e2::ac40:850f
2620:1ec:c11::200
2a00:1450:4001:828::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9b
2a02:26f0:6c00:1a1::268b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:c00::282
35.244.142.80
44.241.154.210
52.216.177.133
00f4c00f8c0d490fc07da00e08974b58d451461aa375f67d01755031aa5880bb
046dbb4c7fb853485c7c6cac3bd43fb303f4fc83b0bac7853745fe44b7238859
06dd4182eba8ec8d27a11a9854cf50a92e743c09f4524fd8b0fa8d2214a8680d
0c51e8ed90aadca79be5dc5d0c68896d33bb0874e123702286a687515ae47142
1304678b7dff7df30c2c9101d6bab9909d07f82c96c1fdd9ab72a6ca9a32c488
132d4ca218b05f0808ef3871bf6462e84e97ab9c7a5a2d6ca2be961a9bd082e7
21cc8dcc72ed316a038fc267308fbb3b75581600876f59019e05afdae6d14c15
21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94
2243bb9603448bf2afec4a22fbe21f7951daf2abc080207743c62aab7da3ad59
26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b
2e6e23969c9c1dea7e5e9872739c3a286871a6be5f3d5210b9c0673666594033
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3300651c20f801c69b1e7ed73e3ea32d00e9b1df14d2f13dd1c72cf28ecde8bc
3ae8940acee67e416f42528efd813451d8cb21d400e69542591bfeb8d2851bc2
40330f009e54ccd36fc867e0601af72695e5ade1f9dc01712bbbad913d7102da
53c22f3f957e967106559723fa6b59d25b8ec8753b7edc2cb9694d41b3f3085a
5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5c346be198d185f9d697082747fefd9fa9197bbf69eacc990500c3972e870b6b
613aed1d93f5d0a60204b31742b75d63ddd5e3d0885303af51620a572bda5495
64d713537c6a5e114e01efb5143507e2617ed78662d1b119cd0c693731dc374e
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6efe6ebe9d13b6315c526a9acf520b66b58c05de10cfa49fc640d9b8ae4be558
766b4d697256f585a498b337c32930707c9df4f2e3ec9eea02dd60a87285d102
76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9d1bff4e9d97c15b80610234c80fb9e173d813dd63dd99ac4c4ea04a0a305c84
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e54183501f571c696350cbcb0d1d2662ed91ebf7cf9f6215f2f0042b21cbb2a
a01538fdb25dc6fc93fda7912dabf7d9591c41693df6e6a36e2c71271990da96
a56a5c85b900f97a9b6f1ad227e8e99cbe12f62a791685c1149ad63dc445332a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b267635d4369d19c24857d2f72df33c3b9a3b7ceef9ece8407a1cb20357cc071
b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e
baea8197f255cf37931f59903a7d2005f05d5388e8f5a7055dd1976e2483d4cb
bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d5d992942668fb5fe0bfb51edebec0fcbdc7b8e3439c735810d43e9ff312edaf
d6367a434b91875019ca20883870316b44db288601a0d3b20ee1579c2b9002ed
d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da81666807eee6bef59283c22568c46119e0603e4664c1c3dccfa2d73f1179fe
e346347af868086722530315141c352bdb4f8ec808e34d24b3a673842c05cbe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eccc141fdfbf8eaf7a748d706e31ef1e9178ab184fac6f2244f3f06d712e8077
ed69178bcad62774d14e1d2e1ab82d7b77f9ed1b978061ef2351d92372c510d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f3382555e3e31317df6cb3c1e9932fb38e4b3ad9618ff0812b2f104c5bd9c0
f9729562695af7fd056637e720fe603dd9f836935baca0b30995e07b2bf1f5a1
f9a41c03171e54f4a360fff5dcff90e0b1c8a9c56f02bd435a87da3699dbedc9
fa83341277ae0d9736a9f90ca70bc12f3a222a852a28c11c4c443c639c20ed76
fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853