www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b93b  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
• https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 52

• https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
• https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 76

• https://cm.everesttech.net/cm/dd?d_uuid=47770903756863769360338570988350051557 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlYu6gAAAIRIXQOV

Request Chain 96

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1716924138352%26url%3Dhttps%253A%252F%252Fwww.crainsdetroit.com%252Fbanking-finance%252Fflagstar-bank-paid-1-million-bitcoin-ransomware-group%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQIrYhD746igSQAAAY_Ap0aHzrd8BP7h3g85Y9Z-14uer3gaQcfhg7WaId_8b9hjivjryzIFWbZZ

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request flagstar-bank-paid-1-million-bitcoin-ransomware-group Show response www.crainsdetroit.com/banking-finance/	221 KB 40 KB	3010ms 2928ms	Document text/html	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2192acf11290036bb34e566ad289166b416bfa725ab58cd399eef5024ebfd11 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers cache-control public, max-age=43200 cf-cache-status MISS cf-ray 88b09cc06e132bcf-FRA content-encoding br content-language en content-type text/html; charset=UTF-8 date Tue, 28 May 2024 19:22:17 GMT expires Wed, 29 May 2024 07:22:17 GMT last-modified Tue, 28 May 2024 19:22:14 GMT server cloudflare vary Cookie,Accept-Encoding via varnish x-ah-environment prod x-cache MISS x-content-type-options nosniff x-drupal-dynamic-cache MISS x-frame-options SAMEORIGIN x-generator Drupal 9 (https://www.drupal.org) x-request-id v-971fbaa4-1d27-11ef-98b1-f7d810de6930 x-ua-compatible IE=edge
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	93 KB 29 KB	109ms 64ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash 262fe7f7cdac59101c7a8634fa08c327b4ba1919c7958c0a77096ecd4fd2005d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29936 x-xss-protection 0 server cafe etag 190 / 19871 / 31083927 / config-hash: 1855365554835811136 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:22:17 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	191 KB 70 KB	122ms 55ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d9e39d8aba1ce18e06672c1238c0a4bd9d2911584ab3c73b5d3026ab861343c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71029 x-xss-protection 0 last-modified Tue, 28 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 28 May 2024 19:22:17 GMT
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	24 KB 10 KB	141ms 32ms	Script application/x-javascript	2600:9000:237d:c00:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:c00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:33:38 GMT content-encoding gzip via 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront) last-modified Thu, 21 Dec 2023 01:18:23 GMT server nginx x-amz-cf-pop MUC50-P2 age 2919 etag W/"6583925f-5f13" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-id BPxp0r7-fxeodtMYYUHSbls2rv3rwa46CuJcDGLV_S2sukGQMGwHlg== expires Tue, 28 May 2024 20:33:38 GMT
GET H2	200	launch-ef0d5546c26e.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/	269 KB 83 KB	157ms 47ms	Script application/x-javascript	2a02:26f0:3500:592::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:23 GMT server AkamaiNetStorage etag "581b777219121cbe79e4869e8393f24d:1708948103.492676" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 84428 expires Tue, 28 May 2024 20:22:17 GMT
GET H2	200	css2 fonts.googleapis.com/	14 KB 1 KB	93ms 38ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Tue, 28 May 2024 19:22:17 GMT content-encoding gzip x-content-type-options nosniff server ESF content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Tue, 28 May 2024 19:22:17 GMT
GET H2	200	css_3FF6l0njmb_bd4YkMb1Cf3pBiOFqYRKpwUArf0mRdWg.css www.crainsdetroit.com/sites/cdb_rd/files/css/	112 KB 20 KB	52ms 51ms	Stylesheet text/css	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_3FF6l0njmb_bd4YkMb1Cf3pBiOFqYRKpwUArf0mRdWg.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bfb1167b9643c68d51ade6ed315ca37cb8956bca91e8b8ced28cc30adc02909 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 5 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 710652 cf-polished origSize=115428 x-cache HIT x-ah-environment prod x-request-id v-4f60cbaa-0bb0-11ef-b343-e31d6f941f27 cf-bgj minify last-modified Mon, 06 May 2024 13:55:31 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control max-age=1209600 cf-ray 88b09cd2c8ab2bcf-FRA expires Thu, 30 May 2024 11:43:51 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/	100 KB 19 KB	97ms 42ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 514983 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18861 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-49ad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GmoSSPQy4%2B9ZyeKHYI9wsBGd5ECEOJwZpsWMde0Za6Rig6bak%2BFkjlezhiNRJR1k4t2XxkrR0M%2B7Njv4QB0IUhBWLWz1nl7JmfIY2N2raGl5quEWgtkqGoy3Cj5Dl8yyddqR1YckXHMoxTZKhiqlqSo"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88b09cd31f2a1cab-FRA expires Sun, 18 May 2025 19:22:17 GMT
GET H2	200	css_5sAHPoi8qvpXdE2cc_zRbfD8pdsVBWWbQ6EAvYcQUgQ.css www.crainsdetroit.com/sites/cdb_rd/files/css/	193 KB 32 KB	50ms 49ms	Stylesheet text/css	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_5sAHPoi8qvpXdE2cc_zRbfD8pdsVBWWbQ6EAvYcQUgQ.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e581f074b59893dddf29fb35ce7427f3f4e99c2e13d104cf5f4ef4d7fb68cc61 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 6 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1076605 cf-polished origSize=198359 x-cache HIT x-ah-environment prod x-request-id v-b6bf34ca-1359-11ef-a15e-ebedd81ca2f3 cf-bgj minify last-modified Thu, 16 May 2024 07:55:04 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control max-age=1209600 cf-ray 88b09cd2c8ad2bcf-FRA expires Thu, 30 May 2024 07:55:51 GMT
GET H2	200	js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	93 KB 33 KB	67ms 67ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 419 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 527723 cf-polished origSize=97739 x-cache HIT x-ah-environment prod x-request-id v-ceab0148-d6d9-11ee-957a-576201cf6307 cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd3596e2bcf-FRA expires Thu, 30 May 2024 11:43:51 GMT
GET H2	200	moatheader.js Show response z.moatads.com/crainprebidheader782626518086/	273 KB 94 KB	530ms 269ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/crainprebidheader782626518086/moatheader.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 19:22:17 GMT content-md5 UNCYPanZs4RvGIeChPezww== storage-tier Standard content-length 95605 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:09 GMT opc-request-id iad-1:Wk37OjWyGoar0PI15_xdU-T06TL8-shVyH0aAXHG2ZOoWKgqw71kw2bV4p83zlDG x-api-id native etag 7e2283bf-a8c3-40c1-afbd-18eaf15101b4 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 5646b131-02d3-45e2-a2b7-6379564833c5 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18562 access-control-allow-credentials true accept-ranges bytes
GET H2	200	js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 KB 782 B	64ms 63ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 400 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 523184 cf-polished origSize=2710 x-cache HIT x-ah-environment prod x-request-id v-01cd3242-d6dc-11ee-a045-dba128821247 cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd359712bcf-FRA expires Thu, 30 May 2024 11:43:51 GMT
GET H2	200	js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 KB 783 B	56ms 56ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 385 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 527723 cf-polished origSize=4073 x-cache HIT x-ah-environment prod x-request-id v-01cc83ba-d6dc-11ee-a22c-b3891c107790 cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd359742bcf-FRA expires Thu, 30 May 2024 12:38:16 GMT
GET H2	200	adobe_launch_dtm_init.js Show response www.crainsdetroit.com/modules/contrib/adobe_launch/js/	67 B 274 B	91ms 91ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/modules/contrib/adobe_launch/js/adobe_launch_dtm_init.js?sdsts9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 5 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 37 cf-polished origSize=196 x-cache HIT x-ah-environment prod x-request-id v-3344abf6-16de-11ef-91c2-4724e49bec6c cf-bgj minify last-modified Tue, 17 May 2022 04:57:14 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd389c82bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H2	200	email-decode.min.js Show response www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 800 B	71ms 70ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 24 May 2024 15:04:33 GMT server cloudflare etag W/"6650ac81-4d7" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 88b09cd389cb2bcf-FRA expires Thu, 30 May 2024 19:22:17 GMT
GET H2	200	index.js Show response tags.remixd.com/player/v5/	34 KB 10 KB	143ms 33ms	Script text/javascript	54.230.228.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.remixd.com/player/v5/index.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-69.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:08 GMT content-encoding gzip via 1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 16 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 10041 last-modified Tue, 31 Oct 2023 15:34:26 GMT server AmazonS3 etag "57b6f8ad4125903b7e06bb427c232d10" vary Accept-Encoding content-type text/javascript cache-control public,max-age=1800 accept-ranges bytes x-amz-cf-id kDxkDp-KiSKLLWa2hKB52YbpcklfhMjYfGUytyNfYOw2z2Hy67gTOw==
GET H2	200	js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	156 KB 46 KB	92ms 91ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 117491 cf-polished origSize=213514 x-cache MISS x-ah-environment prod x-request-id v-e4c654ac-e50a-11ee-87c0-6347e383912e cf-bgj minify last-modified Mon, 18 Mar 2024 09:35:43 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389cd2bcf-FRA expires Thu, 30 May 2024 12:09:47 GMT
GET H2	200	crain_pelcro_user.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	25 KB 7 KB	50ms 46ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user.js?sdsts9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9d3a057c8548067a9019fbdd104c53ef1345757324c4a54b26d0cfa1f292c85 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 4 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 cf-polished origSize=35846 x-cache HIT x-ah-environment prod x-request-id v-33551d42-16de-11ef-b059-43b89c9ba77a cf-bgj minify last-modified Mon, 06 May 2024 09:37:46 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd3ea712bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H2	200	crain_pelcro_order.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	1 KB 716 B	49ms 45ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_order.js?sdsts9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 4 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 cf-polished origSize=1938 x-cache HIT x-ah-environment prod x-request-id v-335c734e-16de-11ef-b027-7b76172feac3 cf-bgj minify last-modified Mon, 06 Mar 2023 09:00:01 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd3ea752bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H2	200	js_KrySmYw0DZk0t3y5LqyaNuGB12jMaXNJAJujEr-DNXQ.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 MB 502 KB	105ms 104ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_KrySmYw0DZk0t3y5LqyaNuGB12jMaXNJAJujEr-DNXQ.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b47d87ac601aed48d2167abbb93e81d83cad066bd4f42985324ed4fb9a0f134e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 8 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1076605 cf-polished origSize=2023111 x-cache HIT x-ah-environment prod x-request-id v-b5014844-1359-11ef-a6dc-17a40d55baad cf-bgj minify last-modified Thu, 16 May 2024 07:55:04 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389ce2bcf-FRA expires Thu, 30 May 2024 07:55:48 GMT
GET H2	200	main.min.js Show response js.pelcro.com/sdk/	305 KB 87 KB	137ms 34ms	Script text/javascript	2600:9000:26da:f600:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/sdk/main.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f600:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 487bcaab8332911b0f473f9ab02c4fe8a85aa61d66b6290e0526640d026374e5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:08:13 GMT content-encoding gzip via 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 960 x-amz-server-side-encryption AES256 x-amz-meta-sha256 SHvKq4MykRsPRz+asCxP6Khaph1mtikOBSZkDQJjdOU= x-cache Hit from cloudfront x-amz-meta-sha384 F2eh+OHzha/HxsT43mjilliKj5gtj1mkWnTb3GaLzZ49OWoWXQfV2VoNcymaQDkd last-modified Fri, 26 Apr 2024 12:16:47 GMT server AmazonS3 etag W/"1b0c047b9cf39f0866aeda927ac384ff" vary Accept-Encoding content-type text/javascript; charset=utf-8 x-amz-meta-md5 1b0c047b9cf39f0866aeda927ac384ff x-amz-cf-id 49bL1-jXpREMq-RP3GTKtu0rUNdS6VcepEWd2HetgnCCfT5MRUc9Xw==
GET H2	200	js_1K4rVuYw6F5RGFeZqFHQWlmBE9jHnyy5wqj_uBgVzNs.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	5 KB 2 KB	95ms 95ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_1K4rVuYw6F5RGFeZqFHQWlmBE9jHnyy5wqj_uBgVzNs.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e9e04448e94d52e2a80e2ca5967f00e7ebfaaddad20c64c1e8d4c78e606e14c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 7 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1076605 cf-polished origSize=7703 x-cache HIT x-ah-environment prod x-request-id v-b5883a84-1359-11ef-9c34-1ba329ccca5b cf-bgj minify last-modified Thu, 16 May 2024 07:55:04 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389cf2bcf-FRA expires Thu, 30 May 2024 07:55:49 GMT
GET H2	200	google_analytics.js Show response www.crainsdetroit.com/modules/contrib/google_analytics/js/	4 KB 1 KB	59ms 55ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/modules/contrib/google_analytics/js/google_analytics.js?v=9.5.3 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 160979 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 cf-polished origSize=8219 x-cache HIT x-ah-environment prod x-request-id v-910ebbfe-d6d9-11ee-bd8b-4b0bd0ebdabd cf-bgj minify last-modified Thu, 28 Jul 2022 07:49:18 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd3ea782bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H2	200	js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	309 KB 94 KB	99ms 98ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 114 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 440794 cf-polished origSize=330497 x-cache HIT x-ah-environment prod x-request-id v-91ca1668-e770-11ee-b6a2-ffd24d288645 cf-bgj minify last-modified Mon, 17 Jul 2023 11:15:01 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389d02bcf-FRA expires Thu, 30 May 2024 12:38:16 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	211 KB 72 KB	61ms 55ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d895daaffee5d9e83272c59db5b520cb5f139c80eae5c1fa8536292055239a39 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Accept-Language, Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73195 x-xss-protection 0
GET H2	200	js_x6MgcET8oDgbRU1afwk62u_-W0QNSJb4Oc6nUCha01I.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	182 KB 60 KB	96ms 96ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_x6MgcET8oDgbRU1afwk62u_-W0QNSJb4Oc6nUCha01I.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95259d6c5ec410f47cc15f6a090eca13b8f2ec6c6982e164cd68d79a3815d45c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 2 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 725482 cf-polished origSize=271497 x-cache HIT x-ah-environment prod x-request-id v-12f7e2ac-0b8d-11ef-a0cd-bb47269f7111 cf-bgj minify last-modified Mon, 06 May 2024 09:43:15 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389d42bcf-FRA expires Thu, 30 May 2024 12:38:16 GMT
GET H2	200	tag Show response btloader.com/ Redirect Chain https://crain-com.videoplayerhub.com/galleryloader.js https://btloader.com/tag?h=crain-com&upapi=true	54 KB 18 KB	89ms 36ms	Script application/javascript	2606:4700:10::6816:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=crain-com&upapi=true Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45b51118721ac1e34c9ef390ab6f48767e40c1752fd85c208df3221541eff597 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Tue, 28 May 2024 19:00:11 GMT server cloudflare age 1255 etag "41749456c4015a9e98fb43409e03a8c4" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 88b09cd54e5803c4-FRA content-length 18388 Redirect headers date Tue, 28 May 2024 19:22:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lV1Lc6b77aecM24izlVclquGLSgAW945JF60%2BwTdfCqDNkKoPXZi6E4DzbyCdvG4PZzUDp7ZiuUC6G5pEhwoA9uqKYc%2FPxujCBpUGbFI9UCCjN6sGX56kTnc19DuRqczifH%2B0ORHlaD3vqhnOyQpLdFvQ0rYmK96ZW4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://btloader.com/tag?h=crain-com&upapi=true cache-control max-age=3600 cf-ray 88b09cd48ba3bb4a-FRA content-length 167 expires Tue, 28 May 2024 20:22:17 GMT
GET H2	200	sitetotal.js Show response static.chartbeat.com/js/sitewidgets/	54 KB 22 KB	149ms 42ms	Script application/x-javascript	2600:9000:237d:c00:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/sitewidgets/sitetotal.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:c00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 03:37:39 GMT content-encoding gzip via 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront) last-modified Fri, 12 Apr 2013 15:40:22 GMT server nginx x-amz-cf-pop MUC50-P2 age 56678 etag W/"51682ae6-d6df" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id _DJuGYZPU1XucaylvMK60Z4iJHNa_wI9zO9FtlPtLZpmC5K1rP9VaQ== expires Wed, 29 May 2024 03:37:39 GMT
GET H2	200	dashboard.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/	2 KB 856 B	60ms 57ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sdsts9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 694d8d308661f0a9835c8ba2c50f848dd8effa27fbea6938d0bbd95b9f9ee571 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 4 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 cf-polished origSize=2340 x-cache HIT x-ah-environment prod x-request-id v-335cb8b8-16de-11ef-82fc-37c9d7adfad7 cf-bgj minify last-modified Thu, 02 Feb 2023 06:14:38 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd3ea7c2bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H2	200	js_1Xgn3JgypPxP_pEz15qBRVHXdQBnbok_BeKD5idDv4g.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	48 KB 12 KB	90ms 90ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_1Xgn3JgypPxP_pEz15qBRVHXdQBnbok_BeKD5idDv4g.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b96f3ef1f0613b003f3a2c90ad363b1a22444fee0b77785ca59d2b25ce0385b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 4 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1070379 cf-polished origSize=67670 x-cache HIT x-ah-environment prod x-request-id v-581fcf04-136a-11ef-8c5d-9ffa383d8e88 cf-bgj minify last-modified Thu, 16 May 2024 08:34:22 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 88b09cd389d62bcf-FRA expires Thu, 30 May 2024 09:54:53 GMT
GET H2	200	crain_pelcro_user_status.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	3 KB 1 KB	61ms 57ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user_status.js?sdsts9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 4 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 cf-polished origSize=4140 x-cache HIT x-ah-environment prod x-request-id v-335d2384-16de-11ef-af17-87cfb891e85b cf-bgj minify last-modified Mon, 05 Feb 2024 10:35:34 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 88b09cd3ea7d2bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/	453 KB 142 KB	26ms 24ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash 28d67e38e786f668fd2626102d56948a804d96d7e7da9fab7a7cedbde80adcf4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 11:40:13 GMT content-encoding br x-content-type-options nosniff age 27724 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144883 x-xss-protection 0 server cafe etag 4044733500222243164 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 28 May 2025 11:40:13 GMT
GET H2	200	icons.svg www.crainsdetroit.com/themes/custom/citybook_rd/dist/	20 KB 7 KB	68ms 65ms	Other image/svg+xml	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/themes/custom/citybook_rd/dist/icons.svg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 20 date Tue, 28 May 2024 19:22:17 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 36 x-cache HIT x-ah-environment prod x-request-id v-02c5d712-f39c-11ee-87e3-d718c4de636b last-modified Thu, 21 Mar 2024 07:34:38 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=1209600 cf-ray 88b09cd3ea7f2bcf-FRA expires Tue, 11 Jun 2024 19:22:17 GMT
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET H2	200	ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2 fonts.gstatic.com/s/publicsans/v15/	26 KB 26 KB	105ms 24ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 14:48:54 GMT x-content-type-options nosniff age 16403 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26160 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:51:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 May 2025 14:48:54 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	90ms 22ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 18:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3189 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 28 May 2024 20:29:08 GMT
GET H3	200	logger-1.min.js Show response cdn.lr-intake.com/	844 KB 167 KB	141ms 57ms	Script text/javascript	172.67.135.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-intake.com/logger-1.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_KrySmYw0DZk0t3y5LqyaNuGB12jMaXNJAJujEr-DNXQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dbbdd3c2b95125eb50369186b4d28f5b35fb42d08d3ba7538b4ead197b63c89 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:17 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 71 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230122-FRA last-modified Tue, 28 May 2024 17:36:03 GMT server cloudflare x-timer S1716917973.265411,VS0,VE2 etag W/"f3d87bc0cd40f615abe4f38667123615a677e6b2757b374eccfcf894ead09fcc-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbIdJqma6ADhuyfKsFfc%2B5qC3TrwdCFkcpXvp6%2BfICxI3OzEVH4Q1kwrhSckQ8u9b3aLFvzNkQ1q59i8Enk7EcG4k1XqK3vKbM2EntK9VPCDPjdJQTFFogvHCmet2kpw05jXSQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 88b09cd62ce74dcd-FRA x-cache-hits 1
GET H2	200	v3 Show response js.stripe.com/	604 KB 148 KB	170ms 36ms	Script text/javascript	18.66.192.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_KrySmYw0DZk0t3y5LqyaNuGB12jMaXNJAJujEr-DNXQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-5.muc50.r.cloudfront.net Software Cloudfront / Resource Hash 4b9d8501d18b7d7d15f37dd0a24393985bf0983998f9a0233bf7bb1f0a153f58 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:21:46 GMT content-encoding br via 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 38 x-amz-cf-pop MUC50-P1 x-cache Hit from cloudfront last-modified Tue, 28 May 2024 17:51:08 GMT server Cloudfront etag W/"24824babf8a0fadb9de8e039eb9a48e1" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id R0nIjRFEQPF69JlOhCVKowNvgyxbCfrxJUz4RNmrNleE5fmLT4-FPQ==
GET H2	403	crainsdetroit.com Show response pubcast-files.remixd.com/player-configs/	111 B 497 B	200ms 130ms	Fetch application/xml	35.190.38.143 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubcast-files.remixd.com/player-configs/crainsdetroit.com Requested by Host: tags.remixd.com URL: https://tags.remixd.com/player/v5/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 143.38.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT server UploadServer x-guploader-uploadid ABPtcPqemSZnkZ-NfHNHIhdF7JpWe5HE-BQ_4hfG_H5eT0kk8EjkQnwFtzRES_-ChH-58GKmmBmQkbdcOQ content-type application/xml; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111 expires Tue, 28 May 2024 19:22:18 GMT
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	235 B 528 B	220ms 129ms	XHR application/json	2a04:4e42:600::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crainsdetroit.com&domain=crainsdetroit.com&path=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 0 date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip via 1.1 varnish (Varnish/6.0), 1.1 varnish age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 170 x-served-by cache-fra-etou8220147-FRA x-timer S1716924138.042833,VS0,VE106 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Sun, 26 May 2024 19:22:18 GMT
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	100ms 31ms	XHR application/json	172.217.18.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f10.1e100.net Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 211 B	35ms 34ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1753722988&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&ul=de-de&de=UTF-8&dt=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1932420982&gjid=587458929&cid=2061948632.1716924138&tid=UA-2717831-1&_gid=604465270.1716924138&_r=1&gtm=457e45m0za200&gcd=13l3l3l2l3&dma_cps=sypham&dma=1&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1410462315 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers pragma no-cache date Tue, 28 May 2024 19:22:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	147ms 26ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 28 May 2024 19:22:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1294, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug yy2I0VGmmwzgyBEYVCD7CN2xLCzollwvbgK/GzoALY8Zz39oFW+/3vbkQPXU/tB+jNNj+Lh9EQwXVHHzVpnC1w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	173ms 38ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 21:07:24 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220132-FRA
GET H2	200	id Show response dpm.demdex.net/	375 B 926 B	178ms 49ms	XHR application/json	54.76.80.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=138FFF2554E6E7220A4C98C6%40AdobeOrg&d_nsid=0&ts=1716924137997 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.76.80.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-80-14.eu-west-1.compute.amazonaws.com Software / Resource Hash 6643fbe05c585757f4cd1a17756ec52036defa3e3d91e2822f20bf5f3bd85f86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers dcs dcs-prod-irl1-2-v061-06759cdcc.edge-irl1.demdex.com 2 ms pragma no-cache date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid PkE4jOnKTcg= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 316 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	js Show response www.googletagmanager.com/gtag/	221 KB 80 KB	113ms 86ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-593664384&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3d0bf74dc6d39fc96951f557c2b675593ae5d0e774abd82018d4a1ad8cab895b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 82034 x-xss-protection 0 last-modified Tue, 28 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 28 May 2024 19:22:18 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	263 KB 92 KB	106ms 80ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d439e644d4c953823841cda3b1dcfe16863087337f6adf60fcb60309aeaae3da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93597 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 28 May 2024 19:22:18 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	263 KB 92 KB	106ms 80ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6d4e8cb41cacd479cc3becf22fbc8644332201fa373c151275f3a8cddabf0d4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93628 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 28 May 2024 19:22:18 GMT
GET H2	200	tag.aspx Show response ml314.com/	33 KB 11 KB	139ms 27ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?284 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:51:27 GMT via 1.1 google content-encoding br age 1851 x-guploader-uploadid ABPtcPqawNwcjBHxCovos8rNeGkB3DVVSwbjIn1_AD8kkDMVaFMWqM-ZSL7V8roQhGwiveXqpec x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10611 last-modified Tue, 07 May 2024 22:27:04 GMT server UploadServer vary Accept-Encoding x-goog-generation 1715120823907330 x-goog-hash crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw== content-type application/javascript cache-id FRA-fa985ced cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 34184 accept-ranges bytes
GET H2	200	get Show response vi.ml314.com/	843 B 712 B	167ms 57ms	Script application/javascript	35.201.104.135 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://vi.ml314.com/get?eid=69120&tk=weP6qvbwC4vTzjKxXoXB2fkYVMrqAXGxMEdSJ6g2fHRUg3d&fp= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 135.104.201.35.bc.googleusercontent.com Software Google Frontend / Resource Hash 417218f9d21abfed0cfdb67a55c3fbdbdb4d3ae2a97d10665f0dfe49a252e981 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=2592000 content-encoding br via 1.1 google date Tue, 28 May 2024 19:22:18 GMT server Google Frontend vary Accept-Encoding content-type application/javascript cache-control private,max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	LogRocket.min.js Show response cdn.lr-ingest.com/	112 KB 30 KB	154ms 47ms	Script text/javascript	172.67.153.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.com/LogRocket.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dd12f6fc487e0239f54f24401e7b7820d5296e797c5e8bb21378c546251afab Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230033-FRA last-modified Tue, 28 May 2024 17:36:03 GMT server cloudflare x-timer S1716919938.909817,VS0,VE2 etag W/"d4892bc8f4ef0daf9c9181e7ad091067c8faa7588c08d0466c8f5ed17203cc6e-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vS%2FbXENUgHkZ%2FemP7eOmfx%2FOe1BN6ZaDP9%2FIvYtFwKxRvW%2BNTVWe0pjQ3UjsKtJCMDNpDGcsmkcQB1EOeR7dVVnCKc%2F5RxutySGFv9jnDvG5JQ3bEvt6DSG0cRIrxR%2FYk0D4gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 88b09cd74fa11c15-FRA x-cache-hits 1
GET H2	200	notice Show response consent.trustarc.com/	36 KB 11 KB	181ms 74ms	Script text/javascript	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash c283594bb7accb6f234bacc5bcfc0942380a8b943bc56f351b6d92e94d10f54b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip via 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop MUC50-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers * cache-control max-age=3600 x-amz-cf-id Tbnj5gO0Fa9gYmYDDc0JtzE7i20_we_T0oJ82rNIUAY-_MKKsKUvSA==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 350 B	120ms 32ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2717831-1&cid=2061948632.1716924138&jid=1932420982&gjid=587458929&_gid=604465270.1716924138&npa=1&_u=YEBAAUAAAAAAACAAI~&z=396043407 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 28 May 2024 19:22:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tag btloader.com/ Redirect Chain https://crain-com.videoplayerhub.com/galleryloader.js https://btloader.com/tag?h=crain-com&upapi=true	54 KB 64 B	37ms 35ms	Other application/javascript	2606:4700:10::6816:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=crain-com&upapi=true Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45b51118721ac1e34c9ef390ab6f48767e40c1752fd85c208df3221541eff597 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT via 1.1 google content-encoding gzip cf-cache-status HIT last-modified Tue, 28 May 2024 19:00:11 GMT server cloudflare age 1256 etag "41749456c4015a9e98fb43409e03a8c4" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 88b09cd7899f03c4-FRA content-length 18388 Redirect headers date Tue, 28 May 2024 19:22:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lV1Lc6b77aecM24izlVclquGLSgAW945JF60%2BwTdfCqDNkKoPXZi6E4DzbyCdvG4PZzUDp7ZiuUC6G5pEhwoA9uqKYc%2FPxujCBpUGbFI9UCCjN6sGX56kTnc19DuRqczifH%2B0ORHlaD3vqhnOyQpLdFvQ0rYmK96ZW4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://btloader.com/tag?h=crain-com&upapi=true cache-control max-age=3600 cf-ray 88b09cd48ba3bb4a-FRA content-length 167 expires Tue, 28 May 2024 20:22:17 GMT
GET H2	200	websiteconfig Show response btloader.com/	743 B 646 B	310ms 152ms	Fetch application/json	2606:4700:10::6816:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com Requested by Host: crain-com.videoplayerhub.com URL: https://crain-com.videoplayerhub.com/galleryloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa502f63aab9e29c9c9c741f41f406631e27c33ed3f66c74478f23e459e704d0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip via 1.1 google cf-cache-status DYNAMIC last-modified Tue, 28 May 2024 19:20:30 GMT server cloudflare etag "f6c2b6f35d469ff0ecc6499a0d8403f9" vary Origin content-type application/json access-control-allow-origin * cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 88b09cd7b8014dac-FRA content-length 383
GET H2	204	state Show response api.btloader.com/mw/	0 101 B	459ms 140ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: crain-com.videoplayerhub.com URL: https://crain-com.videoplayerhub.com/galleryloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Tue, 28 May 2024 19:22:18 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 920 B	144ms 42ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2247476 x-guploader-uploadid ABPtcPrFopxpETV_VgTINWFPQ6T7PuKJ5v-fsjgOAXNEYKyeY6je4FtZiOmg6fznPvZChSmUT1k x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=159WZd6BgAR0ibikGBtmEYKgquesxB3ii1pBgG5wPCrv08ej%2F5dWKdxvF6adL9N9pDv8lFn8rE4CYzKeSNg9Eui%2Fi%2FLX6JuIJKOvmK%2BZVaenNbkyqZlUrG%2FM1%2BQ28ZLlWh3rjocjg%2F6VLIvEBA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88b09cd7680f5d88-FRA expires Thu, 02 May 2024 19:56:54 GMT
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	96ms 26ms	Image image/x-icon	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 14:34:38 GMT content-encoding gzip x-content-type-options nosniff age 17260 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 29 May 2024 14:34:38 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 336 B	40ms 38ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.49516436740871317 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2247476 x-guploader-uploadid ABPtcPrFopxpETV_VgTINWFPQ6T7PuKJ5v-fsjgOAXNEYKyeY6je4FtZiOmg6fznPvZChSmUT1k x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MwBppRdUXXPpg%2FwzMkacDHOoIGlYEWZRUjtYp29O1310VU8O9n%2BvdhPgFEhL4pA5Co2t8cWxCwKSLyeTLsFuw4Asl3Jat9vsrXr9lWZk3juJdvbHRv89yMqSDvb0c1etKKGjlyp5i7Scchj4g%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88b09cd788375d88-FRA expires Thu, 02 May 2024 19:56:54 GMT
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	38 KB 15 KB	34ms 33ms	Script application/x-javascript	2600:9000:237d:c00:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sdsts9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:c00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3d107b341b2356549974efad9aa65c0d321c5627a0e9bc8681223e8f69688d80 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:16:51 GMT content-encoding gzip via 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront) last-modified Thu, 11 Apr 2024 00:12:34 GMT server nginx x-amz-cf-pop MUC50-P2 age 3927 etag W/"66172af2-9889" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-id rG5up73n8uxzPTY3nlKrodeBizoHNWyXe1xc8qlnzgyRhIbR7m37Fw== expires Tue, 28 May 2024 20:16:51 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	167ms 59ms	Script application/javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=44963 accept-ranges bytes content-length 16683
GET H2	200	RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/	377 B 508 B	48ms 47ms	Script application/x-javascript	2a02:26f0:3500:592::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:25 GMT server AkamaiNetStorage etag "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 247 expires Tue, 28 May 2024 20:22:18 GMT
GET H2	200	RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/	401 B 515 B	49ms 49ms	Script application/x-javascript	2a02:26f0:3500:592::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:25 GMT server AkamaiNetStorage etag "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 254 expires Tue, 28 May 2024 20:22:18 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	127ms 55ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 28 May 2024 19:22:17 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B75DEC5DDB5A4FE29F4C8C21E95AE9C7 Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	103 KB 34 KB	132ms 35ms	Script application/javascript	18.173.187.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_1K4rVuYw6F5RGFeZqFHQWlmBE9jHnyy5wqj_uBgVzNs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.80 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-80.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:16:48 GMT content-encoding gzip via 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) last-modified Tue, 20 Feb 2024 06:45:39 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 331 x-amz-server-side-encryption AES256 etag W/"6a90e37d3f128291a2aab5a6b31ac0a6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600; must-revalidate x-amz-cf-id DMvddcKbtVYNLUX8ZFqFNbppXWuEK1fz9Y38hmG6NaieYgM2P_v_sQ==
GET H3	200	ebx.js Show response applets.ebxcdn.com/	464 B 992 B	76ms 36ms	Script application/javascript	172.67.212.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://applets.ebxcdn.com/ebx.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding br x-amzn-remapped-content-length 464 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 81 x-amzn-requestid 8b7961e9-7332-43c3-9eef-a61a96047407 x-amz-apigw-id Yfw3_FvmjoEEAuw= alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed Aug 30 13:25:09 GMT 2023 server cloudflare x-amzn-trace-id Root=1-66562e99-689536483a07bbfe294cd09b;Parent=1a73271d6bf8e522;Sampled=0;lineage=7936cbcf:0 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Af60bf2%2BOzw%2FabZUJ5kX%2BhuJqP%2FovRQiXP61reC6N%2B0uQ%2F4xYJvN32Y%2Bxva1RhCQjaCvVggHPUQC9NF3292JDj36DUjn8%2BCoBkdi02SE1WK4bW4f75rhj8ASnL74Mf4tYkVklk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=7200 cf-ray 88b09cd7fbd23734-FRA
OPTIONS H2	204	site www.pelcro.com/api/v1/sdk/ Frame	0 0	780ms 696ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 88b09cd7fe2d3aa0-FRA date Tue, 28 May 2024 19:22:18 GMT expires Tue, 28 May 2024 19:22:18 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	site Show response www.pelcro.com/api/v1/sdk/	11 KB 2 KB	164ms 164ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a5cf957cd4ef3d5f7dc4e73b6692f8bb589113a49986f4c68b8fdb64d8a330 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 May 2024 19:13:22 GMT server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=0 cf-ray 88b09cdc4ce03aa0-FRA expires Tue, 28 May 2024 19:13:22 GMT
GET H2	200	micro-logo.svg www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/	4 KB 1 KB	418ms 417ms	Image image/svg+xml	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/micro-logo.svg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 10 date Tue, 28 May 2024 19:22:18 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br x-cache HIT x-ah-environment prod x-request-id v-0fbb780a-f39c-11ee-85e9-3341b37fc536 last-modified Mon, 13 Feb 2023 08:12:37 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=1209600 cf-ray 88b09cd76ffc2bcf-FRA expires Tue, 11 Jun 2024 19:22:18 GMT
GET H2	200	2JEN3RX.jpg s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/	36 KB 36 KB	609ms 527ms	Image image/jpeg	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/2JEN3RX.jpg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT cf-cache-status MISS last-modified Wed, 13 Mar 2024 14:52:32 GMT server cloudflare x-amz-request-id MBJNQGY07V26GKYH etag "068ae438ea24e57c10b4d16a64680f4a" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type image/jpeg cache-control public, max-age=3600 accept-ranges bytes cf-ray 88b09cd84fba39d4-FRA content-length 36920 x-amz-id-2 5bMiAzkJV/GPJe99BH0LTrTWDu1D//2qJT1929sPUU63+FP38UWLQYqKtanKb0SkJ4PRmGfwAXo= expires Tue, 28 May 2024 20:22:18 GMT
OPTIONS H2	204	authorization www.pelcro.com/api/v1/sdk/members/ip/ Frame	0 0	814ms 738ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 88b09cd7fe303aa0-FRA date Tue, 28 May 2024 19:22:18 GMT expires Tue, 28 May 2024 19:22:18 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
OPTIONS H2	204	country www.pelcro.com/api/v1/sdk/geo/ Frame	0 0	781ms 705ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 88b09cd7fe343aa0-FRA date Tue, 28 May 2024 19:22:18 GMT expires Tue, 28 May 2024 19:22:18 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H2	404	authorization Show response www.pelcro.com/api/v1/sdk/members/ip/	76 B 161 B	441ms 441ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control no-cache, private cf-ray 88b09cdc8d4a3aa0-FRA
GET H2	200	country Show response www.pelcro.com/api/v1/sdk/geo/	5 KB 3 KB	347ms 346ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=0 cf-ray 88b09cdc5d013aa0-FRA expires Tue, 28 May 2024 19:22:19 GMT
GET BLOB	200 OK	91edb47c-d122-43e0-85e3-695d76a03e58 https://www.crainsdetroit.com/	471 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.crainsdetroit.com/91edb47c-d122-43e0-85e3-695d76a03e58 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 54f823e7e1dd61227526f6af66dc2e6ce6a0828d23f729aa16d66990eb519f86 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Length 482075 Content-Type
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	384ms 116ms	Image image/gif	44.196.156.25 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=crainsdetroit.com&p=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&u=DYQofBDxCJ-TBh_nF-&d=crainsdetroit.com&g=25465&g0=No%20Section&g1=Anna%20Fifelski&n=1&f=00001&c=0&x=0&m=0&y=4727&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&b=3854&t=CPW2SVCrKSjVD6GDouDsfevlCdTW1E&V=145&i=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&tz=-120&_acct=anon&sn=1&sv=DnPoCLCMdvAWCbgHxXDgRaOWBg4b5z&sr=external&sd=1&im=067b0fff&_ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.156.25 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-156-25.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-type image/gif pragma no-cache date Tue, 28 May 2024 19:22:18 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H2	200	dest5.html craommunications.demdex.net/ Frame 6D5F	0 0	178ms 51ms	Document text/html	54.76.80.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://craommunications.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.76.80.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-80-14.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Tue, 28 May 2024 19:22:18 GMT dcs dcs-prod-irl1-2-v061-019f98eea.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Thu, 9 May 2024 12:26:23 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid 6PktdR3cR54=
GET H2	200	ibs:dpid=411&dpuuid=ZlYu6gAAAIRIXQOV dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=47770903756863769360338570988350051557 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlYu6gAAAIRIXQOV	42 B 718 B	52ms 52ms	Image image/gif	54.76.80.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlYu6gAAAIRIXQOV Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 54.76.80.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-80-14.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers dcs dcs-prod-irl1-2-v061-0b1e3d3ac.edge-irl1.demdex.com 4 ms pragma no-cache date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid FnHcsjFlRCY= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZlYu6gAAAIRIXQOV Date Tue, 28 May 2024 19:22:18 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response craommunications.tt.omtrdc.net/rest/v1/	359 B 855 B	188ms 62ms	XHR application/json	66.235.152.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://craommunications.tt.omtrdc.net/rest/v1/delivery?client=craommunications&sessionId=51676f3e7a3b4d05ad9a075034e6b426&version=2.10.2 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.235.152.156 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-66-235-152-156.data.adobedc.net Software jag / Resource Hash d3138b288b6890934c21194eca4569f419f053a1ff5e241e8e5e1512758c4b7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List server jag x-content-type-options nosniff vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block x-request-id 209cb80d-4fa9-45fa-91c1-d61b5da5d81a
GET H2	200	utsync.ashx Show response ml314.com/	62 B 245 B	53ms 52ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pv=1716924138258_r788zjrhj&bl=de-de&cb=6561843&return=&ht=&d=&dc=&si=1716924138258_r788zjrhj&cid=&s=1600x1200&rp=&v=2.7.2.162 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?284 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:18 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/javascript p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H2	200	adsct t.co/i/	43 B 376 B	598ms 515ms	Image image/gif	93.184.221.165 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=2497feff-12fb-482a-9ac2-5e7206857298&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=29460e78-b310-4349-8266-bf38a83df1bf&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-response-time 109 date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id e0062bf1dc6440e1 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 68e7ea12664618169a9964898aff93dcf641df912cb26654eee851577f5b0ee3 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 393 B	272ms 210ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2497feff-12fb-482a-9ac2-5e7206857298&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=29460e78-b310-4349-8266-bf38a83df1bf&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-response-time 186 date Tue, 28 May 2024 19:22:17 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 834cfaa61dd1ce3c cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash ef2c3e033a99025ce6baa67acb74c1b3e815c56af768c0db60660be61093aee2 content-length 43
GET H2	200	637988649571323 Show response connect.facebook.net/signals/config/	66 KB 14 KB	30ms 29ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/637988649571323?v=2.9.156&r=stable&domain=www.crainsdetroit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c9f4f16aaf1e977084d9641dac07d9670f4df6820929ed2c51159b4ee4e114f2 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 28 May 2024 19:22:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 13789 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1294, tbw=63370, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug /EZxQpVig0oPOAhh+8JUQdpXPQ2nNkX+PTyuxjD0afLHYyToJwr/sj+TWDCr2PrvQyGhW1I1kPGzil8AyNmgjw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	logger-1.min.js Show response cdn.lr-ingest.com/	844 KB 167 KB	88ms 52ms	Script text/javascript	172.67.153.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.com/logger-1.min.js Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dbbdd3c2b95125eb50369186b4d28f5b35fb42d08d3ba7538b4ead197b63c89 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 283 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230040-FRA last-modified Tue, 28 May 2024 17:36:03 GMT server cloudflare x-timer S1716917868.713508,VS0,VE2 etag W/"f3d87bc0cd40f615abe4f38667123615a677e6b2757b374eccfcf894ead09fcc-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wS06iWYh9lgOFhON0ccHvj2WTHf6anf10kKQk7DPPKjdCPTHpC5tBIqDUaaVvDUVbWsyV5lki9TuHjHeoY4VWcyejYrBRuASG9zvdLjBTCwIyKlxYmerqy2%2FQZV9Ex%2F0CELtkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 88b09cd889982bcf-FRA x-cache-hits 1
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 9 KB	100ms 31ms	Script application/javascript	2620:116:800d:21:ef75:8280:f209:5ba1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip etag "bvEECQq4Zy6gU9J/qv1O6Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Tue, 04 Jun 2024 19:22:18 GMT
GET H2	200	hotjar-1906609.js Show response static.hotjar.com/c/	9 KB 4 KB	154ms 68ms	Script application/javascript	18.66.192.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1906609.js?sv=6 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-117.muc50.r.cloudfront.net Software / Resource Hash d9823bb468c270aa7f0056e34281856598807b744ec249456086f9fee1309f96 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 28 May 2024 19:22:18 GMT via 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/e2dec59290d643bdcadde60bc5fb112f vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id GMUNnX8llUQZyO-diDtudRtm6i7LLPSCvhUy2KD2osy9UXpvAgq_CA==
GET H2	200	zcpt.js Show response js-tag.zemanta.com/	8 KB 3 KB	119ms 52ms	Script application/javascript	2606:4700:10::ac43:247d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-tag.zemanta.com/zcpt.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 18 Apr 2023 08:53:31 GMT server cloudflare x-amz-request-id D9G4SV32Y4YE5TJK age 4921 etag W/"6376a488d713d6cf8cf3d1ebfb5e6361" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-ray 88b09cd8fe80a5ff-FRA x-amz-id-2 ayBLhEjJfv6Ff90KGcFek3cSqJijXLjn5zk8g8UT2LmsGhntjnAhEqhQci5mrtu8CV9daP7dBR4=
GET H/1.1	200 OK	cci-firstTouchCookie.js Show response crain-global.s3.amazonaws.com/global/js/	3 KB 4 KB	351ms 125ms	Script application/javascript	52.217.174.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://crain-global.s3.amazonaws.com/global/js/cci-firstTouchCookie.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.217.174.57 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Date Tue, 28 May 2024 19:22:19 GMT Last-Modified Tue, 26 Sep 2023 14:12:59 GMT Server AmazonS3 x-amz-request-id MBJMX6G45ZCKYNHY ETag "b79b890f95a91ffbf5a1e0c99ee5eeed" x-amz-server-side-encryption AES256 Content-Type application/javascript Accept-Ranges bytes Content-Length 3185 x-amz-id-2 O/5NXfFWEwM1aNptKBMuLRwPjRURenGlXxh7ULo7WutTwvoivmnTEJcJ2u2D9pZJ1qnAO8M4koE=
GET H2	200	controller-with-preconnect-3fbc0ed655160d55aad08c8859fde6be.html js.stripe.com/v3/ Frame 349E	0 0	88ms 31ms	Document text/html	18.66.192.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-3fbc0ed655160d55aad08c8859fde6be.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-70.muc50.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-origin * age 36 cache-control max-age=60, stale-while-revalidate=900 content-length 391 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 28 May 2024 19:21:43 GMT etag "3fbc0ed655160d55aad08c8859fde6be" last-modified Tue, 28 May 2024 17:04:30 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 3ddbbcaacc1ba68ddfab04ef45c3ca98.cloudfront.net (CloudFront) x-amz-cf-id t0qIiCKnhdKoBnZuK_EfztDn8eXRqk0AhTByaMRrhYXhZa-6mPWdBA== x-amz-cf-pop MUC50-P1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	v1.7-518 Show response consent.trustarc.com/asset/notice.js/v/	93 KB 27 KB	45ms 33ms	Script text/javascript	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/asset/notice.js/v/v1.7-518 Requested by Host: consent.trustarc.com URL: https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash 3ff80193262277c622c6aca0b7e948f6820649d50bc83fe6414eedb1b38fdddd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Tue, 28 May 2024 18:43:18 GMT content-encoding gzip via 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 16 May 2024 02:51:23 GMT x-amz-cf-pop MUC50-P2 age 2340 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id d4w2iIZZkjZsuRfqEuBjlDXGm2ZTAP2cmhqROiSE8hZMHuPhII6Bgg==
GET H2	200	log consent.trustarc.com/	43 B 1 KB	126ms 67ms	Image image/gif	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/log?domain=crain.com&country=de&state=&behavior=implied&session=6c61dc46-6811-44fe-b7ac-10625b9d893e&userType=NEW&c=8ee4 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-security-policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop MUC50-P2 cross-origin-embedder-policy unsafe-none x-cache Miss from cloudfront cross-origin-resource-policy cross-origin content-length 43 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin cross-origin-opener-policy cross-origin expect-ct enforce, max-age=60 x-frame-options SAMEORIGIN vary Origin content-type image/gif cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy geolocation=(), camera=(), speaker=(), microphone=(), vibrate=() x-amz-cf-id h4ja8XpWqCpIGepGAVKyKXbSUJhh_K4XkYNYeD96Cta4R8_V-Y84Gw== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	scripts.js Show response applets.ebxcdn.com/applets/www.crainsdetroit.com/	2 KB 2 KB	230ms 203ms	XHR text/javascript	172.67.212.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://applets.ebxcdn.com/applets/www.crainsdetroit.com/scripts.js Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amzn-requestid 0e51870d-cb92-4db0-9819-cd47ff125fae x-amz-apigw-id YfxErFa7DoEEKpw= content-length 1572 alt-svc h3=":443"; ma=86400 last-modified Wed, 10 Jan 2024 12:58:56 GMT server cloudflare etag aV3RLxUawR+XrKqGWhCg3g== x-amzn-trace-id Root=1-66562eea-52d29aa617bbaa8d142088ce;Parent=6f18b414ab0ca0b5;Sampled=0;lineage=388d0713:0 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXpaYBRGxf6qKwYsEWlGiHswKZk3z3wr3SJwDWAO7shO9%2Bb3dIDSh0aroozthLI3PgEvTPn6bvHUcy4IM2oVGp7NYG1uPwYpyt859zxTCjyHyPVB3WdgK4TdGJSOxh1sSdAIaHE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control public, max-age=7200, stale-if-error=300, no-transform accept-ranges bytes cf-ray 88b09cd8cccc925b-FRA
GET H2	200	187044856.js Show response bat.bing.com/p/action/	1 KB 850 B	47ms 46ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/187044856.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Tue, 28 May 2024 19:22:17 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9D02E9D7FB21420E8474B706B5876499 Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 287 B	69ms 68ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=187044856&tm=al001&Ver=2&mid=cc4c01e8-9799-4df8-9ffa-0459274923e2&sid=993a98a01d2711ef9e43598ab14b5160&vid=993a7b401d2711ef9286751f8833e274&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&p=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&r=&lt=3681&pt=1716924134371,,,,,0,25,25,25,82,48,83,3011,3102,3014,3657,3659,3681,,,&pn=0,0&evt=pageLoad&sv=1&rn=374212 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 28 May 2024 19:22:17 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1CF5D512DDF94F5CBB3D1AB4BE818BD9 Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	140ms 29ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1716924138351&sw=1600&sh=1200&v=2.9.156&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1716924138350.2121383529&cs_est=true&ler=empty&cdl=API_unavailable&it=1716924138276&coo=false&rqm=GET Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 28 May 2024 19:22:18 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	116ms 60ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1716924138351&sw=1600&sh=1200&v=2.9.156&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1716924138350.2121383529&cs_est=true&ler=empty&cdl=API_unavailable&it=1716924138276&coo=false&rqm=FGET Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Tue, 28 May 2024 19:22:18 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1294, tbw=3109, tp=-1, tpl=-1, uplat=35, ullat=0 pragma no-cache x-fb-debug 6htAUkQDQHKhphkEvJhzP78oxgFd4zjIKcZ/ycYxOWpOHsZ18kBMP2xmngOobWV0maFh5Q5sHgPY9+cEYonxig== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 813 B	262ms 127ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6CAFB059D9F44582826352547D74DA07 Ref B: FRAEDGE1917 Ref C: 2024-05-28T19:22:18Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lva1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYZiI1iYcPRjZHK7te7MQ== x-fs-uuid 000619888d6261c3d18d91caeed7bb31
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cooki... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1716924138352%26url%3Dhttps%253A%252F%252Fwww.crainsdetroit.com%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cooki... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cook...	0 265 B	247ms 173ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQIrYhD746igSQAAAY_Ap0aHzrd8BP7h3g85Y9Z-14uer3gaQcfhg7WaId_8b9hjivjryzIFWbZZ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 9E016E2151B04EEEBB402A90388CBD65 Ref B: FRAEDGE1910 Ref C: 2024-05-28T19:22:19Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYZiI1vJcHOHHIufJyJXw== Redirect headers date Tue, 28 May 2024 19:22:19 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 3B8DDABF0D1A4DC4985D9FFEBEF9B969 Ref B: DUS30EDGE0308 Ref C: 2024-05-28T19:22:19Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1716924138352&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQIrYhD746igSQAAAY_Ap0aHzrd8BP7h3g85Y9Z-14uer3gaQcfhg7WaId_8b9hjivjryzIFWbZZ x-li-proto http/2 content-length 0 x-li-uuid AAYZiI1rX56u1h4bFD3eBw==
GET H2	200	get consent.trustarc.com/	127 KB 77 KB	36ms 34ms	Font font/ttf	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/get?name=OpenSansRegular.ttf Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Tue, 28 May 2024 18:50:08 GMT content-encoding gzip via 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop MUC50-P2 age 1930 vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id PEYIukFLYzi1MwAhAXuFVkcolNkKvimF_SFOjzCm4goSBzFLkkX3jg==
GET H2	200	get consent.trustarc.com/	127 KB 75 KB	41ms 40ms	Font font/ttf	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/get?name=OpenSansBold.ttf Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash 914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Tue, 28 May 2024 19:03:02 GMT content-encoding gzip via 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop MUC50-P2 age 1156 vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id 5ubzFtVURENd-FOUSdgB_iWxoBeqjQy5Fl2Lbd8Ts_cdDr-ZFhciRg==
GET H2	200	bannermsg consent.trustarc.com/	43 B 1 KB	73ms 71ms	Image image/gif	108.138.36.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/bannermsg?action=views&domain=crain.com&behavior=implied&country=de&language=de&rand=0.09839728332963249&session=6c61dc46-6811-44fe-b7ac-10625b9d893e&userType=NEW Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-50.muc50.r.cloudfront.net Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT content-security-policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop MUC50-P2 cross-origin-embedder-policy unsafe-none x-cache Miss from cloudfront cross-origin-resource-policy cross-origin content-length 43 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin cross-origin-opener-policy cross-origin expect-ct enforce, max-age=60 x-frame-options SAMEORIGIN vary Origin content-type image/gif cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy geolocation=(), camera=(), speaker=(), microphone=(), vibrate=() x-amz-cf-id HPW63oKpL0jU_Wj8cMEsutc2rK0TBuZr7COaRGjEOtZxOFwBMw0EOA== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	rules-p-J_kXLtyWmukpz.js Show response rules.quantcount.com/	160 B 640 B	119ms 45ms	Script application/javascript	2600:9000:20ae:2400:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-J_kXLtyWmukpz.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT via 1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 2183 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Fri, 14 Oct 2022 00:30:53 GMT server AmazonS3 etag "599ac3fe3327eee0bd61b8e478fad20a" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id idPnJ7Do6DnVwlD9V4_O0YyVztWm9ATyyFcbW-6dlpdE4QoK9s8P0Q==
GET H2	200	187044856 Show response bat.bing.com/p/insights/t/	712 B 885 B	121ms 120ms	Script application/x-javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/t/187044856 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/187044856.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f9fda30efcfe16712a97e8da10bc61b0cce085ea9169e652d5ea8d1322f58bac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires -1 strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 28 May 2024 19:22:18 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D87CB3BF542D40EBADC4ED555B072BC9 Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z vary Accept-Encoding x-azure-ref 20240528T192218Z-16659bfbf7fgmf7kb8e43k64f0000000049g000000013k6b content-type application/x-javascript x-cache CONFIG_NOCACHE cache-control no-cache, no-store accept-ranges bytes content-length 604 request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	200	simple Show response api.sail-personalize.com/v1/personalize/	288 B 497 B	120ms 119ms	Fetch application/json	75.2.40.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.40.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash d89535cde08bd9fa99366300490b6095331fd6d88ffb077bb74a45aa4a839ba9 Request headers x-lib-version v1.0.1 Accept-Language de-DE,de;q=0.9;q=0.9 authorization Bearer 9e4ef7ae863f721d8ef0aa6f15b0ac85 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 content-type application/json accept application/json Referer https://www.crainsdetroit.com/ x-referring-url https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Response headers pragma no-cache date Tue, 28 May 2024 19:22:18 GMT content-encoding gzip allowedorigins * vary Accept-Encoding content-type application/json access-control-allow-origin * allowedmethods GET,OPTIONS cache-control no-store access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 196 expires -1
OPTIONS H2	200	simple api.sail-personalize.com/v1/personalize/ Frame	0 0	367ms 116ms	Preflight text/plain	75.2.40.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.40.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-lib-version,x-referring-url Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL access-control-allow-methods OPTIONS,GET,POST,PUT,DELETE access-control-allow-origin https://www.crainsdetroit.com access-control-max-age 1800 allow HEAD,GET,OPTIONS content-length 18 content-type text/plain date Tue, 28 May 2024 19:22:18 GMT
GET H2	200	v2 Show response mb.moatads.com/yi/	606 B 683 B	225ms 101ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pcode=crainprebidheader782626518086&rx=182752347224&callback=MoatNadoAllJsonpRequest_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash d7d9c14aba95c1157dbe8450f6b80a79c5a91324fef531787a39a1cdd8276569 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT server istio-envoy etag "10c152a2f7ced80df7a31a4d5f77bd5f673bbbcd" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 51 timing-allow-origin * content-length 606
GET H2	200	n.js Show response mb.moatads.com/	86 B 264 B	178ms 69ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&i=CRAIN_PREBID_HEADER1&hp=1&wf=1&pxm=3&sgs=3&vb=0&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=64570306413&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=1&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&fs=208210&na=2060536912&cs=0&callback=MoatDataJsonpRequest_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash d3eb9cb68f2594b551fdfc4a6b1b45ff43d15f245fc9d35238c2e7f5c5174aa5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT server istio-envoy etag "85a937a1322fba6ff0c7c8740133e6d77725f2f1" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 16 timing-allow-origin * content-length 86
GET H2	200	iframe.html z.moatads.com/hd09824092/ Frame FE31	0 0	519ms 281ms	Document text/html	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/hd09824092/iframe.html Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=1931 content-encoding gzip content-length 803 content-md5 Spy8LlvBZDE9rOQqWL7xQQ== content-type text/html date Tue, 28 May 2024 19:22:19 GMT etag 0d341092-8e0f-4735-ae34-f388ff501eed last-modified Thu, 21 Mar 2024 17:22:14 GMT opc-meta-btime 2021-01-26T22:41:39Z opc-meta-mtime 1611700899 opc-request-id iad-1:lP0D2_Fo_4yoffwVy0kR5rNG87zUeLm_pkph8qwWUK39aGnCXrd67qHKjT8RBqMa storage-tier Standard strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding version-id 5af5eb63-417c-4960-9068-358f7e3e1642 x-api-id native x-content-type-options nosniff
GET H2	200	/ p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/	26 B 145 B	155ms 138ms	Image image/gif	2606:4700:10::ac43:247d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=05390116619645475&optOut=false Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type image/gif x-robots-tag none cf-ray 88b09cda4853a5ff-FRA content-length 26
GET H2	200	country Show response api.btloader.com/	37 B 162 B	141ms 138ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=5764463032532992 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:18 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37
GET BLOB	200 OK	6480a1d2-a3ac-4857-94a2-e770b36aaf06 https://www.crainsdetroit.com/	471 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.crainsdetroit.com/6480a1d2-a3ac-4857-94a2-e770b36aaf06 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 54f823e7e1dd61227526f6af66dc2e6ce6a0828d23f729aa16d66990eb519f86 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Length 482075 Content-Type
GET H2	200	modules.7b6d7646601d8cd7fb5f.js Show response script.hotjar.com/	222 KB 55 KB	100ms 32ms	Script application/javascript	54.230.228.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.7b6d7646601d8cd7fb5f.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1906609.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-40.muc50.r.cloudfront.net Software / Resource Hash 0f38a63a4786988c8739a89b8ce5e8599ddef3c3d283eff939be3008cbeef0f8 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 12:31:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 24672 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56114 last-modified Tue, 28 May 2024 12:30:49 GMT etag "ee291f5775291ceb078ff8007ea3aad3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id bKLAc4rDsMPBLzGBPxZyBgO1XbeGnu80L_8tzgbxL9RdlyvoWBrKlQ==
GET H2	200	0.7.32 Show response bat.bing.com/p/insights/s/	35 KB 15 KB	49ms 48ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/s/0.7.32 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/t/187044856 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Tue, 28 May 2024 19:22:18 GMT x-cache CONFIG_NOCACHE x-fd-int-roxy-purgeid 51562430 content-length 14999 last-modified Fri, 10 May 2024 17:30:37 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9A3715D81E224615A3499DAF6337C2F9 Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z etag W/"0x8DC7116E7C400CE" vary Accept-Encoding x-azure-ref 20240528T192218Z-16659bfbf7fkh4bx2zeue8bdn8000000088g00000000z74e content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 8e078710-a01e-003d-216c-ac58c0000000 cache-control public, max-age=86400 x-ms-version 2018-03-28
GET H3	204	pv Show response api.btloader.com/	0 12 B	133ms 132ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=7C3kKzBok5&w=5661028241113088&o=5764463032532992&cv=2.1.45-3-gc22fd9c&widget=false&checksum=c9d711a6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sid=chidNiZB&pm=false&upapi=true Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Tue, 28 May 2024 19:22:18 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	pixel;r=2023122294;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-1809959261-1716924138... pixel.quantserve.com/	35 B 408 B	28ms 26ms	Image image/gif	2620:116:800d:21:ef75:8280:f209:5ba1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=2023122294;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-1809959261-1716924138386;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=pai;gdpr=0;ref=;d=crainsdetroit.com;dst=1;et=1716924138638;tzo=-120;ogl=site_name.Crain's%20Detroit%20Business%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ecrainsdetroit%252Ecom%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitco%2Ctitle.Flagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%252C%20court%20filings%20show%2Cimage.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cimage%3Aurl.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cupdated_time.2024-03-13T12%3A21%3A03-04%3A00;ses=b9b5f854-473b-4cc6-b408-a761fed1405d;mdl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:18 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]} p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	browser-perf.8417c6bba72228fa2e29.js Show response script.hotjar.com/	5 KB 2 KB	28ms 28ms	Script application/javascript	54.230.228.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.7b6d7646601d8cd7fb5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-40.muc50.r.cloudfront.net Software / Resource Hash 70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Wed, 24 Jan 2024 14:32:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 10817411 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 1782 last-modified Wed, 24 Jan 2024 14:31:37 GMT etag "b83b61bc5871e9a23a0434e2c539f4f3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 5-qjftTAakVkEksNHir0gUf2pVzU3I_hbsj-VgHx_Cfzf3OSnIarvQ==
POST H2	204	w Show response bat.bing.com/p/insights/c/	0 212 B	118ms 118ms	XHR text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/c/w Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/x-webinsights-gzip Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 28 May 2024 19:22:18 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B420EFC004E44402A29AAE76845E928B Ref B: FRAEDGE1315 Ref C: 2024-05-28T19:22:18Z vary Origin x-cache CONFIG_NOCACHE access-control-allow-origin https://www.crainsdetroit.com access-control-allow-credentials true request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	480 KB 95 KB	451ms 367ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=4095736903276742&correlator=2595206247328631&eid=31083927%2C31083261%2C95331446%2C31078668&output=ldjh&gdfp_req=1&vrg=202405210101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=105554924%2Ccdb%2Cbanking-finance%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1200x250%7C970x90%7C970x250%7C728x90%2C1x1%2C970x90%7C728x90%2C300x250%2C300x250%7C300x600%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=640&eri=33&sc=1&abxe=1&dt=1716924138809&lmt=1716924134&adxs=0%2C0%2C740%2C255%2C1120%2C1120%2C1120%2C1120%2C1120%2C160&adys=0%2C112%2C2046%2C2213%2C283%2C933%2C933%2C933%2C933%2C3828&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C0%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&vis=1&psz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&msz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&nt=1&dlt=1716924137385&idt=397&prev_scp=m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3Dinterstitial%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26pos%3DLB_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DINREAD%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DNTV_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_04%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CMEDTREAT%252CSUSTOPIC%252CENGGEN%252CANNEWS%252CWINT1%252CBANKING%252CFORPS%252CANEA%252CBNKS%252CWINT%252CENTT%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&adks=59737077%2C1159355602%2C2297379000%2C532088068%2C3084722940%2C1384827673%2C3652568468%2C688067601%2C1829427587%2C133816351&frm=20&eoidce=1 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 29878f843babdc2843abfa7b84cc80f5b018ee3277e2eb8e329d469f564a90e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2,-2,-2,-2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97083 x-xss-protection 0 google-lineitem-id -2,6442451746,-2,6603666671,6727407095,6727446918,6354644058,6602858563,6354644058,6603666671 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,138473339032,-2,138476592334,138475860923,138477027511,138442311334,138476488847,138441589527,138475874478 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 2297e1af7e2185241bf3108fb1d9e2d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8825	0 0	108ms 29ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2297e1af7e2185241bf3108fb1d9e2d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 19:22:18 GMT expires Wed, 28 May 2025 19:22:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	location Show response www.pelcro.com/api/v1/sdk/	66 B 164 B	44ms 43ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/location Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228 Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Tue, 28 May 2024 19:22:19 GMT content-encoding gzip server cloudflare cf-ray 88b09cddbf113aa0-FRA vary Accept-Encoding content-type application/json; charset=UTF-8
OPTIONS H2	200	location www.pelcro.com/api/v1/sdk/ Frame	0 0	57ms 47ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/location Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * cf-ray 88b09cdd6e973aa0-FRA content-length 0 date Tue, 28 May 2024 19:22:19 GMT server cloudflare vary Accept-Encoding
OPTIONS H2	204	5070 www.pelcro.com/api/v1/sdk/ecommerce/products/site/ Frame	0 0	449ms 449ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 88b09cddff7c3aa0-FRA date Tue, 28 May 2024 19:22:19 GMT expires Tue, 28 May 2024 19:22:19 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	5070 Show response www.pelcro.com/api/v1/sdk/ecommerce/products/site/	17 KB 2 KB	165ms 165ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10b07d55930d94113ddcfdf5b34e837c4d92d6d6e759af2fe2a4fc571a02a37e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 May 2024 19:16:14 GMT server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=0 cf-ray 88b09ce0cbb23aa0-FRA expires Tue, 28 May 2024 19:16:14 GMT
GET H2	200	main.min.js Show response js.pelcro.com/ui/plugin/crain-detroit-business/	1 MB 337 KB	47ms 47ms	Script text/javascript	2600:9000:26da:f600:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/ui/plugin/crain-detroit-business/main.min.js Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f600:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 638297b75f75befe7efeb3ab8ef5f20d99e7f32919f68053ead445e50c903e73 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 05:12:14 GMT content-encoding gzip via 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront) last-modified Wed, 01 May 2024 09:33:00 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 51006 x-amz-server-side-encryption AES256 etag W/"27a72262018ce16b0f6881c85dbf49be" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 x-amz-cf-id sS7sNwbhNqDYsuXAFp-QsGzQXveS1VFy0AeHtfDXR5CleZkb_245dA==
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame 7FFF	23 KB 9 KB	57ms 24ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/ Frame 7FFF	3 KB 1 KB	97ms 64ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7FFF	214 KB 65 KB	59ms 26ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 7FFF	10 KB 5 KB	861ms 860ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 19:22:20 GMT content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H2	200	7731188010037395134 tpc.googlesyndication.com/simgad/ Frame 7FFF	71 KB 72 KB	99ms 27ms	Image image/gif	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7731188010037395134 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ff839e511ae129b3721981f440119835662e5364f8cd19661b58ec2bee747ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 28 May 2025 18:12:06 GMT date Tue, 28 May 2024 18:12:06 GMT x-content-type-options nosniff age 4213 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73150 x-xss-protection 0 last-modified Tue, 23 Apr 2024 16:37:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame A4EE	9 KB 0	54ms 54ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET		omrhp_fy2021.js pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/elements/html/ Frame A4EE	0 0
GET		Q12zgMmT.js tpc.googlesyndication.com/sodar/ Frame A4EE	0 0
GET		ufs_web_display.js pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A4EE	0 0
GET		moatad.js z.moatads.com/craindfp44917164363/ Frame A4EE	0 0
GET		4929237300474079845 s0.2mdn.net/simgad/ Frame A4EE	0 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame 860D	23 KB 0	48ms 48ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/ Frame 860D	3 KB 0	91ms 91ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 860D	214 KB 0	52ms 52ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 860D	10 KB 0	849ms 849ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H2	200	2584665622217372887 tpc.googlesyndication.com/simgad/ Frame 860D	70 KB 70 KB	127ms 68ms	Image image/jpeg	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2584665622217372887 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94980ab27548b58d3d671b35b947cf63329f6004e6ea44127356ac6dba1c4059 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 28 May 2025 15:07:22 GMT date Tue, 28 May 2024 15:07:22 GMT x-content-type-options nosniff age 15297 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71728 x-xss-protection 0 last-modified Fri, 17 May 2024 17:48:17 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame 1578	23 KB 0	46ms 46ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/ Frame 1578	3 KB 0	89ms 89ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1578	214 KB 0	51ms 51ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 1578	10 KB 0	845ms 845ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H2	200	11827990674726863668 tpc.googlesyndication.com/simgad/ Frame 1578	28 KB 29 KB	107ms 52ms	Image image/jpeg	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11827990674726863668 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2006664e9dfdf5a5a39f8b5aab32cd5bb818db32484f23663a7d34d5ae676638 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 28 May 2025 11:16:01 GMT date Tue, 28 May 2024 11:16:01 GMT x-content-type-options nosniff age 29178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29095 x-xss-protection 0 last-modified Thu, 23 May 2024 14:56:25 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame E178	23 KB 0	45ms 45ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/ Frame E178	3 KB 0	93ms 93ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E178	214 KB 0	49ms 49ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame E178	10 KB 0	840ms 840ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H2	200	12328937770629736648 tpc.googlesyndication.com/simgad/ Frame E178	51 B 167 B	143ms 92ms	Image image/gif	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12328937770629736648 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 28 May 2025 09:36:26 GMT date Tue, 28 May 2024 09:36:26 GMT x-content-type-options nosniff age 35153 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 last-modified Wed, 13 Apr 2016 17:30:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	container.html 2297e1af7e2185241bf3108fb1d9e2d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0050	0 0	0ms 0ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2297e1af7e2185241bf3108fb1d9e2d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 19:22:18 GMT expires Wed, 28 May 2025 19:22:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	12328937770629736648 tpc.googlesyndication.com/simgad/ Frame 605B	51 B 0	131ms 131ms	Image image/gif	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12328937770629736648 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 28 May 2025 09:36:26 GMT date Tue, 28 May 2024 09:36:26 GMT x-content-type-options nosniff age 35153 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 last-modified Wed, 13 Apr 2016 17:30:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame 605B	23 KB 0	33ms 33ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/ Frame 605B	3 KB 0	80ms 80ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 605B	214 KB 0	37ms 37ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 605B	10 KB 0	826ms 826ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/ Frame 0F6D	23 KB 0	30ms 30ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 36ea295580b6ae83e3e1d6b4bdf7564af630736a9d46e3a7e8b7aacaf96b1dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 17:35:11 GMT content-encoding br x-content-type-options nosniff age 6428 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9129 x-xss-protection 0 server cafe etag 17088485272571348730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jun 2024 17:35:11 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/elements/html/ Frame 0F6D	8 KB 0	54ms 54ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/elements/html/omrhp_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 58dae867314ea620ca0cc09fc92e623ed546faa6d35a84800b7305f56947954a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Mon, 27 May 2024 19:32:17 GMT content-encoding br x-content-type-options nosniff age 85802 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3204 x-xss-protection 0 server cafe etag 1338840573371551575 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 10 Jun 2024 19:32:17 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 0F6D	41 KB 0	2ms 2ms	Script text/javascript	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Mon, 27 May 2024 17:19:42 GMT content-encoding br x-content-type-options nosniff age 93757 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 May 2025 17:19:42 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0F6D	214 KB 0	29ms 29ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 42bbd0012a46493c1ca8e228b118806d03bb60bb93ecb05d40413dc0401722f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:24:43 GMT content-encoding br x-content-type-options nosniff age 3456 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66456 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 19:24:43 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 0F6D	10 KB 0	817ms 817ms	Script application/x-javascript	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=18473 access-control-allow-credentials true accept-ranges bytes
GET H2	200	2316839238945372199 s0.2mdn.net/simgad/ Frame 0F6D	89 KB 90 KB	52ms 24ms	Image image/gif	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/2316839238945372199 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js?cb=31083927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6ea85b8007181e225da55ca65dd39a2e49c3fd623abaae9d6c9753e24f9a3fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Tue, 27 May 2025 16:22:44 GMT date Mon, 27 May 2024 16:22:44 GMT x-content-type-options nosniff age 97175 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91588 x-xss-protection 0 last-modified Fri, 08 Mar 2024 06:57:22 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	utsync.ashx ml314.com/ Frame 7FFF	43 B 59 B	58ms 58ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=69120&et=0&dc=CDO_Oswald&cb=95029095&gdpr=&gdpr_consent= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT via 1.1 google, 1.1 google server Google Frontend content-type image/gif p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0,Wed, 29 May 2024 19:22:19 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 7FFF	0 26 B	61ms 60ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRfGD_GrpyyT9lNa7KMWDYbjWqNit5NCSojviSPYYxFvQKZA337Bra8WL6FHyUjVdnFUjEjPS6f40WL3RxSNeS7bXwrf8IJah_X9ng1bih37Cwe2Hlki583XVTW6tBZP0ajsAW_z-VC5LwmD8D9nnCQCvpWupD61Qy3hKqOtS1QPei0-T8-udSWHlhkA8Upm8ecHqrTouPK-RhEEh2vSiLLvFLTEOzcMNhZRVK8cWZBzTzMWC9YC6TI5_28zveQ2uYftgpkwP4uliv3kJbVFEPXcODYuPVDhBo9KNgr2v-woI_WAVEaaKUml5wdSyG48sM6Agg1zvH9f6EEzcZsz_0d0fgu6Irkj5_RxQFiYN9EklVJLBJta_wl7MG9bRBKt2PKqqhcTYBxrUB&sig=Cg0ArKJSzLDxKVZqdB8cEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET		view pagead2.googlesyndication.com/pcs/ Frame A4EE	0 0
GET		pixel.gif tracker.samplicio.us/tracker/ed17fd30-11c8-4cd6-bf4d-4fe79ea3fce3/ Frame A4EE	0 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 860D	0 26 B	67ms 66ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsso_cVarmss4TKdoTt5USgjmd5RaXBamKHEK0bwiud2s6FpjUkozpRx9C9niv7ZwQ4iB2RjUX0s6ckZOtGnf2WOqdGvbctir9wCkAOK72uYUnrLosbEuladhfe84w7QSrja3vBsKGjxInCm0CMHFHTmmeCbdrc1UYT4l1UE9s1jDE_aaRK6EAAXUGK83BzvRikiD7n8kQEfj1_uHFzv7a4gFmUfN6PvpihJ0zaEH558oJXFIBL-YXJH-QyFdvT2766Kamy8or8MXbRWeWikCgWYlv1SO6sprrzfn9TIZNDaWct5SqGtZbmGwklo8R_nStGOXAPeKPXl5Tp71KCbsuTE-bttDUUSsnnCultCO_HLyCtuQlNuRT8Ejc1_StgZcB1L6JlJFyM&sig=Cg0ArKJSzNSG7je1qD60EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 1578	0 26 B	67ms 66ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsunU_UJeDZJvTTd7kue-MZYnkZrGy6d0zkQutR5b_6U6u4osh9xfva2tYnpjjxmAx1YsSfi62ai_4AL0qo_-e8U1N5O4TcSimWMgbIJJFgB7VxJEz4updVO1PQxujCXTVuAGsPjEHFEa_Uqf92KyVpIfKbrjn_IZjdXz-LEYPd-X229lKd82HGwkzxhcIl1QpMC62QSngXb4n1TKXqmdI1D_Jk4eWV9cHu81EiyBtZXG8YpUGtl7qzqe984cIBW1MIQpoZiAQCK-kl_jBR6s6-7eaHUrcX8sS08MUViilMlVw5v7yN7o-5FNfaaLdL8LF54l-OIEn8ivazF04mjTwU-07-vcmGIfLBKz9lLqd9B_TrKrMqSbWXU00cgjHntAm6QzCWICNMsuS8N&sig=Cg0ArKJSzOREvJ_0uEDaEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame E178	0 26 B	66ms 65ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuMe_-WPem9k2ZmoZvudI-oHkChMsprnoc13AmplZqyFvKvqsC-d6sSCHMXhYpOJTMXyX8GGK0A35MA-jloU8F6N2uzwLlbde2s5Z2NWvCTeH2eAspiirG5bK9YST6GNeHmc3Aj5HYQKiBySReNyCTmZHZxawjv5Ir3eHvqNDLMzVbRSu-u37vpCc86uvZ0W44dO5E1ZMlcTe5D3TBwJfk_lgIdKM4DJOC6vKdfDlWySMwFwqmbyfO0vR93yocx-XuvOV_pgjSAxfA9_huOCwPfKESPo7kz5lHR0rCQ-MUtdE04OJ3sthz4AzXTEEq-QMaaF8FOVwiLGHkB8qclDlMYgk9S0XbWlHsGs_B-OvxOv1f4jno5H-bw22xP7A9ilgbFsGbBimw&sig=Cg0ArKJSzA-a3raYwCrUEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 605B	0 26 B	67ms 66ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu-5XZNoIhdjVafZkOBhdXcfEEmvH0tQZ8yXyQXLqCn_EpvCpqUJcG1hdMk558kn120QQjsjw6C8RZReI7CelLHUPKaBrzLTrP1S3pg2EiOluluhWDza6A7INfRecFFAWEHV1Se9xHfaDygr_BZaWlSpQ9pVy7vbMf9F_ElNI8_S2pXeV0uT2IH8eHBwck9E6JiLzoHQrpO64NZJ0IBwl5EayMrihG2Q9qhB7c5ZyEIYf1OCTK_esqHFxElBs8QZ8Ifdh7gV39qELSff8OcX60ouNC6jd_2ouMpn-ondaTeOU1KcIOiP-q-MGUO5QLRfdV1DZEfVCA8hwI1eQl-W6d7hQ3j0F6lit57iQM4ReCLUPrGe6_DBGma2QL9H2neNH-wih8XddI&sig=Cg0ArKJSzHLUXlBlk-5sEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 0F6D	0 26 B	67ms 67ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss0Rhf6vaIXJcu1g2XqbFnom2kIGGTelXoRdhAPy1nIZYRQyZt2WVicSmdaaNjzvJt84yJlXjHvDwYCZTCUsUGmLXIZ4SX-cFiqKMYyTmT_YoVQb5-3iDNruH2Ph2U6Z5J9z874JpkAM6DDVNm1dTk5TLIFoJJHvAJpW_Xbo1NXEj1BkDkm3VErn9HeRhem9JVTX-S4BQ9aVREpVdIpRvJipo9RJk5uTfL5pYRAmwkt8O1PQ_3gEvlOQK468nVhAdbCsGVfSlC1YcJQ6WvW0xJrkDYdiHazHA0Ut6W5hsKjDYVYd78nVL6uauStV9czGVPcMU3Lmv-Ws2f-_uXVt0polX0Lmj7zpzff8fyCgDT9G91lfgw4PFiDAFMo24WsC_bU4HWHb9mgoZwSd-MVBut0nR-9nrMiUaSQTKwSnJY4_Onph8i13g8INvFY1lfW&sig=Cg0ArKJSzDztdRUlDwNQEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	pixel.gif tracker.samplicio.us/tracker/ed17fd30-11c8-4cd6-bf4d-4fe79ea3fce3/ Frame 0F6D	35 B 340 B	166ms 108ms	Image image/gif	52.29.57.157 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tracker.samplicio.us/tracker/ed17fd30-11c8-4cd6-bf4d-4fe79ea3fce3/pixel.gif?sid=9383020&pid=390230532&crid=212245767&device_id=0&cachebuster=1576394395&gdpr=&gdpr_consent=&gdpr_pd= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.29.57.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-57-157.eu-central-1.compute.amazonaws.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT strict-transport-security max-age=604800 x-ratelimit-remaining 0 x-tyk-trace-id 713bd9a3365f9f5cb61d3508a75bcca6 content-type image/gif x-ratelimit-reset 0 x-ratelimit-limit 0 content-length 35
GET DATA	200 OK	truncated / Frame 7FFF	555 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 490c33222cefe755ffa596f6f647a7e1beb77e11b9093534fdae078c46b46047 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 860D	547 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f5397ec27270b3a50c252f42e795bac0f3df6d3a8944ce3215d34e7b3d18086a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 1578	544 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f6eeea2f5ff6183d476fd088d80aa95c9d79e86c24fb1837453844b51f568ca Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame E178	365 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 70d586a477356672510a100e5b804e308efe1fd486461a10793aef46425009ea Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 605B	362 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8c6bcb28b1e1f2892453bcb0494cc64d71a1fa2959cfad7fa47dbb7cd6b0336a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
OPTIONS H2	204	authorization www.pelcro.com/api/v1/sdk/members/ip/ Frame	0 0	448ms 443ms	Preflight	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 88b09cdfda213aa0-FRA date Tue, 28 May 2024 19:22:19 GMT expires Tue, 28 May 2024 19:22:19 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H/1.1	200 OK	apple-pay-sdk.js Show response applepay.cdn-apple.com/jsapi/v1/	162 KB 49 KB	123ms 22ms	Script application/javascript	2a01:b740:a30:f100::210 APPLE-AUSTIN
General Check archive.org Show headers Download Go to Full URL https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a01:b740:a30:f100::210 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US), Reverse DNS Software Apple / Resource Hash afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Date Tue, 28 May 2024 12:09:18 GMT strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff content-encoding gzip Age 25981 Via http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/153.14426), http/1.1 defra1-edge-bx-028.ts.apple.com (acdn/153.14426) X-Cache hit-fresh, hit-fresh CDNUUID f8f7ba21-5bdd-48d0-b94d-91a741802d50-27004756418 edge-control cache-maxage=7d x-envoy-upstream-service-time 6 Connection keep-alive Content-Length 48790 x-xss-protection 1; mode=block apple-tk false Server Apple apple-seq 0 x-conversation-id 34ef0852-bfab-19bc-ba94-83851ab79ec4 etag "836f40c1160e2cc053e0fd945a62cca3--gzip" apple-originating-system wp-content-server-prod1-use1 vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=86401, stale-while-revalidate=86400 access-control-allow-credentials false
GET H2	404	authorization Show response www.pelcro.com/api/v1/sdk/members/ip/	76 B 171 B	424ms 424ms	XHR application/json	2606:4700:10::6816:858 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control no-cache, private cf-ray 88b09ce29ed63aa0-FRA
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 200 B	610ms 607ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 28 May 2024 19:22:19 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 1E7AED618364486AAE6840A15128DF06 Ref B: DUS30EDGE0308 Ref C: 2024-05-28T19:22:19Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://www.crainsdetroit.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYZiI147vZU/3VjZ7cP/w==
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 860D	0 0	57ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvc04KDtK2RT7KhC9cJWUe1oYm1I-PbVgcudznh1fyzXe6XVRlF3u5qQGC6SUTiFxQR3UHv76IiHktwhCD9XfcwlnRzw6YYLJ6vBfEhp1Vu22J1TdcmyarMhe2Of-lomhhUixA0BnbNlSqzLOYPYJZWAir_BGlUkdfVtJtOW3RfsnuEAXwyd8vFcUOL8HPHcD8BnVnSpPfLotNu4-kuUvvFtuRmuM4cF537j-7B0ewfyRDpElWnwTd9dD_1t9wrgAA6yrMUyFMZCIrktZVu3rDOrsfVTAzvr-wz9XG8Oe04_u9kc7rUQz3GwC8R2wovrL28sfu3DCjkFk2vAJTRkbIvxvKqJq_jEDw6KhICyWid2oHL2z-2S0lEI7ZeJmt7dp3b8TFOrEIM_w&sig=Cg0ArKJSzLx9t4EQAm_7EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 860D	0 0	53ms 53ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 605B	0 0	93ms 54ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E178	0 0	137ms 54ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 1578	0 0	60ms 60ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuZmy9CnbckUe94cvotzOgPyrDGe-Iqs5hO5jZicHzJZRvW2KiOU_FzAUrC-XM3qv0AVOuIHgcMtMqAV3R7QLV_67Xtgq7piquAUkv_R5uaQzq0YRpZZTAhs1-oXSnNPVPjnG9XI2Sa8hddjSoiic7EOIc3ev8PGrElCr-fkd7ns9w2bXY6eTrFSzq7ibt0uL_HD2OtWE4Ypwqy61pNfb0E19oKA2JbQNmdJrMlUaVINTUjU1HKrGQoDa0Jx51-5274H4id6Bd2fFdBZs4WC19a7JWfv0YSc6-7YSbNNIuRNob3VBNNazKbk3zbmUojlMifqcfHapODDytwcGXoGW_dmGG0KEERP33Mn5a3DCeY-UhvE-7KuzP0t6iME3hgKTGwTuSwT4AA0uK1Vyk&sig=Cg0ArKJSzOO08p90nPubEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1578	0 0	178ms 53ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 0F6D	0 0	56ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvNEG27TJBfwIkQ8-4HA0mliJS6ilBfGhK4OSTpaIVf-Vl8WABCRoJzt5Rtl1ThnMbsItRJDaC6OPfXJVQxypDKlgzjuRpb9TE01CxDOoknH8AFObQcFI-a9BbMfitkLLvr5tOAbrSkLU_z_UF5sVtg0RVfuhq_4rM88daUjIhuhPHpnD5yhBUMiFucKtsEEnh3lJI2ZndqMWu5RXAvB4u0p_8hVeO7IhKFbv0NOliPJWdz88iF0XvMM6kMBVdsUkZKMZxtATHq3-hIjHueO1uji2uS7pCMXkhXQLRFLRR0xVodtxZHpc6viZjv1a4sZ5UGtxWee35p8EonApAoBFVKrynoj4OrVvymyg0vJNE0rrEzz1586Rafa4QTkF-niciGK3c7pTjsAw&sig=Cg0ArKJSzHwg1wUL8OE8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0F6D	0 0	221ms 54ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 7FFF	0 0	56ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsttdDvoevm6STbGVhMyIdvjkqqF3d79l2XXyEqUqMn7hQiNX7JSzeUxjz9VJlCM2mbbmKpGyO0UZbbix2blKTrpAqYthSfGeYZCA8Dt3pPPpfz91mjnMr1kqkVqZbHd3b6lYhNX5JZOjsAdrkP0_AUBzjOKm9gy2AjyHBnUK3Fh4SKU_48Jt5W6A7YZ4C-MLwGlVgpXnOuSkW92QsXpLe5WWwCdCcHqX1Cjh2WejDZiecokiTRDhZ4W-PPastRcMyojns4ClgiFnc0GqJMRkTXsDg24FLOHOE-HvPg8uM7R4XVM99yHyrjbdfhaLUwrAoIfeIugG6GJeIM9zTboh2o2G3znCOOkc2aKhBKh412o6pNY4A-t5skOIEwvG7L0I0YlWdQMIaw7BEPdVp8&sig=Cg0ArKJSzNHjKDsUnyBwEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7FFF	0 0	263ms 54ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tag.aspx Show response ml314.com/	33 KB 10 KB	27ms 26ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?2842024 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 18:27:01 GMT via 1.1 google content-encoding br age 3318 x-guploader-uploadid ABPtcPrOHvj7gag_-yZ5t8ZXdaF2EBO9mySigqU1dHXCC_wsdKmirkXo0VLA3I2gie_rSkQcxRM x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10611 last-modified Tue, 07 May 2024 22:27:04 GMT server UploadServer vary Accept-Encoding x-goog-generation 1715120823907330 x-goog-hash crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw== content-type application/javascript cache-id FRA-1209ea83 cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 34184 accept-ranges bytes
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	590ms 589ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=770573771764&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=2&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=5309427804%3A3443801031%3A6602858563%3A138476488847&zMoatMMV_MAX=slotNoSlotData&zMoatPS=NTV_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=NTV_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=980735172&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:20 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:20 GMT
GET DATA	200 OK	truncated / Frame 0F6D	554 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a4af68771d1926e279c1869bf8745f1261a7c2c00913dc505867ba33e81de50 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
POST H2	200	s46439357404471 Show response crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/	43 B 392 B	112ms 37ms	XHR image/gif	63.140.62.17 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/s46439357404471 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.17 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-17.data.adobedc.net Software jag / Resource Hash 55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 28 May 2024 19:22:19 GMT x-content-type-options nosniff last-modified Wed, 29 May 2024 19:22:19 GMT server jag etag 3687066514063458304-4618607301929218768 vary * p3p CP="This is not a P3P policy" access-control-allow-origin https://www.crainsdetroit.com content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27 May 2024 19:22:19 GMT
GET H2	200	62bHydCX.html tpc.googlesyndication.com/sodar/ Frame 7F9B	0 0	22ms 22ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes age 15281 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 15:07:38 GMT expires Wed, 28 May 2025 15:07:38 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ii.js Show response mb.moatads.com/	134 B 234 B	57ms 57ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6602858563&callback=lineItemInfo6602858563Callback_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash b44c8e1446fa2321d1de15fd1f1fdd6327dca2e5aee9430dd6f58ff58fdd6ce3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT server istio-envoy etag "bffcf9d6f97837dfadc647b1c4d17042ec6dc95a" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 7 timing-allow-origin * content-length 134
GET H2	200	ii.js Show response mb.moatads.com/	134 B 210 B	59ms 59ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6442451746&callback=lineItemInfo6442451746Callback_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 89f6aca5c531663599224ccb800b3d426700f8809192b166a5abf9ac16d64017 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT server istio-envoy etag "485e87b7e61b37c5aa80c420fb6a77b1023a145d" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 8 timing-allow-origin * content-length 134
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 605B	0 0	57ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss3rxijYO3IDD3_l7B23g3sVgdPukfM88XPn4ZtodMSUSN-CWXtayEmFx0dpeJtHNZoNqaab-RqRu5uR7_DY5QtcIzpAq1qHi-5mKkv-X8u-BeDS2otPnTqIrFHT276fU3ibOa0ZEDqAdmGf-JFg1lqvU_eHUc5EwSJe5FLv9O5n6ATWmZqhmajgrQ3Q8fCeqMXexqBZv7YBUZW-gnyd5VDjrdA0uX0d7moYkOIgnNAfUdAbJ7mec11c7zZL9dxlPn65V_wBKMp76BR2FTsVYtqtrduWP9uIewIdOpK2nZpMt4HJVr-4L18ZxsIuj382F2BTsP16g0oasRP3BJZmjQumjqD6Wi5APaN1GCWn8a1wazRJSV8azJwb6-qYbR-rBvOalkSVXyo_g&sig=Cg0ArKJSzCErElB-6M1gEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	120ms 120ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2FIFRAME&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=214&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1120&gp=1835.671875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=770573771764&rx=182752347224&cu=1716924138445&m=1753&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1835.671875&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=71&cd=0&ah=71&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5309427804%3A3443801031%3A6602858563%3A138476488847&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=NTV_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=NTV_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=2022494034&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:20 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:20 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame E178	0 0	55ms 55ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvX5vZUb2RS0uwq2JhYsk1_2U854hNvZS_d5Hk4cAB9Sn9gANqjPR-Y6CkOlxPyIHd2BJ0L92Hf7uWvK2xNW6zchietHKbe75ek9REWCuvO_a2ltAo2X5H1AwQbPI7kVo3bdorCe7c1YhDiqiH-_525LXIxfpMQ--QONAwiGtOZBHXLEE0JqL4DtvrRtqfThzRwT8Ru688oIUc_r5dXRuywWR3uDF3oI_24F9zajUXxjgRtQYqpWzcc_vGMuoEYMbTgyRv0nDID2CsO_QaZ9YayjwSeszxqjdVG4Vur5jjgFAhAw8t45SBud4xfQwm6zIxNAYEwN5dtuHRgs2j1lFO1I5K8ZkiBSUcXd5HpEn_oYwhLaSPFUFG1xzhfu6hdt29YICznvvJ2KA&sig=Cg0ArKJSzDW120bxq_8YEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	ii.js Show response mb.moatads.com/	134 B 211 B	62ms 62ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6603666671&callback=lineItemInfo6603666671Callback_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash e853aa68d9778f9647bc792f5d9bab914649f01b18ee4884e5fb603cc359a0fa Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT server istio-envoy etag "9ec64de2bc381e61e24e7450615d56ca38e4d69a" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 13 timing-allow-origin * content-length 134
GET H2	200	ii.js Show response mb.moatads.com/	134 B 211 B	60ms 60ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6727446918&callback=lineItemInfo6727446918Callback_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 1366369def11b004647b32aca6906cd4c2fa707fb50fdaf4422cc34c9fbe15c7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT server istio-envoy etag "e78ed61e96b45e562e47df1d7226fe6751f2df78" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 10 timing-allow-origin * content-length 134
GET H2	200	ii.js Show response mb.moatads.com/	128 B 204 B	71ms 71ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6727407095&callback=lineItemInfo6727407095Callback_44283287 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 68ff2bba6d992d531e2f03262cb28bfdc6c6668952863cfbc2c3c2f627b7d461 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:20 GMT server istio-envoy etag "9045b353b7aac45403aadbf2e176a64f9d8a93d9" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 22 timing-allow-origin * content-length 128
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	121ms 121ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=530221403620&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=3&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=5131014612%3A3290675473%3A6442451746%3A138473339032&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&fs=208210&na=686364920&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:20 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:20 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	121ms 121ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=530221403620&rx=182752347224&cu=1716924138445&m=1841&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=0&ag=45&an=0&gf=45&gg=0&ix=45&ic=45&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=45&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=90&cd=0&ah=90&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5131014612%3A3290675473%3A6442451746%3A138473339032&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1445252142&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:20 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:20 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	120ms 120ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=614682097459&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=4&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_04&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=REC_04&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=682952083&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:20 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:20 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 860D	42 B 65 B	56ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm99UP-zhv4848j4VZwiXrPUmniwgu8XFJ13cX-72kTwdK5GwVHf3_rfyucWiaTW83PhWF2hOttv2lp_13RWDnNhJhXRT0e8k2v-8YSNmDKcaxAqlhAxrYMD7eStJo3hcEXQp0sl12N8J1Lc8Kyg5FAJwls0n4N7QdOWO5o7Y_5sM&sig=Cg0ArKJSzN8_Rrav-5QyEAE&id=lidar2&mcvt=1000&p=564,1130,814,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240522&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3084722940&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1285693900&rst=1716924139424&rpt=200&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:20 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7FFF	42 B 65 B	57ms 56ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYFpM87T2NTGI0I00ae3pP25EflWrLCeaq9bCdXtQL8Vl-dv3BEB5trMNEC2iMQLF82-0xUhlqlUbAiLvb4izw8j_b5-JGS2yZO7UaVErQGeV-f9BnOp-Wq9KHJWrU1H2s5hO2kV3Bya1l9K6jLvYFDoRseTMdDiPHZRnmhzU0zr0&sig=Cg0ArKJSzEQm1jrecgUMEAE&id=lidar2&mcvt=1002&p=112,200,362,1400&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240522&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1159355602&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1285693900&rst=1716924139409&rpt=279&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Tue, 28 May 2024 19:22:20 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	482ms 482ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=630233208479&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=5&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=REC_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1555016312&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	120ms 120ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=336206666136&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=6&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=5309427804%3A3443801031%3A6603666671%3A138475874478&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=970x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1547640576&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	121ms 120ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F2316839238945372199&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=336206666136&rx=182752347224&cu=1716924138445&m=1856&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15&cd=0&ah=15&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5309427804%3A3443801031%3A6603666671%3A138475874478&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=970x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1249472990&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	349ms 348ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=943471882631&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=7&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=5629749291%3A3551793099%3A6727446918%3A138477027511&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=939562121&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:21 GMT
OPTIONS H2	204	i r.lr-ingest.com/ Frame	0 0	538ms 133ms	Preflight	104.198.23.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-d37bb24e-6333-4d7d-9e86-34150285f46c&t=c66f1421-6428-431b-a787-df2c56224c4d&s=0&rs=0%2Cu&u=24d24968-cddc-42e5-b12c-eeac8ac472f2&is=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.23.198.104.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers x-logrocket-relay-version Access-Control-Request-Method POST Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-origin * access-control-max-age 1728000 content-length 0 date Tue, 28 May 2024 19:22:22 GMT strict-transport-security max-age=31536000; includeSubDomains
POST H2	201	i Show response r.lr-ingest.com/	30 KB 30 KB	1099ms 298ms	XHR application/json	104.198.23.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-d37bb24e-6333-4d7d-9e86-34150285f46c&t=c66f1421-6428-431b-a787-df2c56224c4d&s=0&rs=0%2Cu&u=24d24968-cddc-42e5-b12c-eeac8ac472f2&is=1 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/logger-1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.23.198.104.bc.googleusercontent.com Software / Express Resource Hash 34395fc4d3c3b3f508240e4d71c390c357f96556bdd478613610cbb2d33fe86e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ X-LogRocket-Relay-Version 2023.12.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 19:22:23 GMT strict-transport-security max-age=31536000; includeSubDomains etag W/"7633-hPI2MzlxRN3djvgXyZGGoPVO87Y" x-powered-by Express access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version content-length 30259
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	288ms 287ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11827990674726863668&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=943471882631&rx=182752347224&cu=1716924138445&m=1859&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5629749291%3A3551793099%3A6727446918%3A138477027511&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=144443889&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:22 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	518ms 518ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1716924138445&de=919731263457&rx=182752347224&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=8&cb=1&cu=1716924138445&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6727407095%3A138475860923&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3312%3A3312%3A0%3A3657&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=852966542&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:22 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	124ms 124ms	Image image/gif	23.213.165.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2584665622217372887&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=919731263457&rx=182752347224&cu=1716924138445&m=1862&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138475860923&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1920892761&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-236.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers unused62 8096267 pragma no-cache date Tue, 28 May 2024 19:22:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Tue, 28 May 2024 19:22:22 GMT
GET		pixel.gif px.moatads.com/	0 0
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/57/2/intl/de_ALL/	257 KB 57 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/2/intl/de_ALL/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bf503c42e2520af1a077b355bcb5f0b73b86f10e14e6cbb5eb0cc5ccbb9d73af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 14:30:55 GMT content-encoding br x-content-type-options nosniff age 17487 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57694 x-xss-protection 0 last-modified Sat, 25 May 2024 02:57:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 May 2025 14:30:55 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/57/2/intl/de_ALL/	182 KB 56 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/2/intl/de_ALL/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 681c03d800960540e5f98ae5a5f14ce3a8b55d53797c6c2aa235d8db6c9cc853 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 28 May 2024 14:30:55 GMT content-encoding br x-content-type-options nosniff age 17487 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57185 x-xss-protection 0 last-modified Sat, 25 May 2024 02:57:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 May 2025 14:30:55 GMT
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 2241	0 0	35ms 34ms	Document text/html	18.66.192.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-70.muc50.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-origin * age 2640 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 28 May 2024 18:38:24 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 24 May 2024 23:49:19 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 3ddbbcaacc1ba68ddfab04ef45c3ca98.cloudfront.net (CloudFront) x-amz-cf-id s6Rdohl0cYxHM0er5Z60ULIYyzXrwUZEGPleOns6GUjMYm8uPrB0bw== x-amz-cf-pop MUC50-P1 x-cache Hit from cloudfront x-content-type-options nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/js/r20240523/r20110914/elements/html/omrhp_fy2021.js

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Domain

z.moatads.com

URL

https://z.moatads.com/craindfp44917164363/moatad.js

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/simgad/4929237300474079845

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuhw_9G_fNZVtGoRyp3rUjHz_vIFIjqs6CBSyoen2iiz9MX_ftft_8hJw_VNwgToeX5elwaDsfQKbh9BU35F3HfiJS58gJyUsosgCrSv1a4GKfCK-R4fvr4oXjr4L_2ITfZVB0HJfZH3fPFvTPuBF5xj-RRGC4NZWAyN8kDOdJSVg4bj5hN_LAIfVKofxxMi7eFcjxToxboiFZZxIAZ_40PG5aKWcpVmwOfUyCca8wbi5Xf5xW-2zJ0vUVL4ZQH4sUXzUZAds5cxb2cbNIaotLnUT1-1P25wX8OI617BHz9d7EMo1FN5yVUpjtBkdd4HYXq8fWXH5dDxPt-BNivuff1fFozO_ql3djDj09DS7u2OL0MLjF2bNNG-edrUfkE2SmTkFlOb-srkIzOtbnXYTEMCSf5Lrg8JEN-mJj49brPEt9451UPH-f0enYHu3mx&sig=Cg0ArKJSzBrLrG9lZwEMEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Domain

tracker.samplicio.us

URL

https://tracker.samplicio.us/tracker/ed17fd30-11c8-4cd6-bf4d-4fe79ea3fce3/pixel.gif?sid=9383020&pid=390230607&crid=211748630&device_id=0&cachebuster=2066694529&gdpr=&gdpr_consent=&gdpr_pd=

Domain

px.moatads.com

URL

https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-9gXoISVmV3kntWlJc0eSG1yyh6GCg89RvnZMBb6MgPbjt6bn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-5u6rgEk%2F07YACQ%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=160&qd=160&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1716924138445&de=530221403620&rx=182752347224&cu=1716924138445&m=2886&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4013&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3312%3A3312%3A0%3A3657&as=1&ag=1090&an=45&gi=1&gf=1090&gg=45&ix=1090&ic=1090&ez=1&ck=1090&kw=935&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1090&bx=45&ci=1090&jz=935&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=935&cd=90&ah=935&am=90&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5131014612%3A3290675473%3A6442451746%3A138473339032&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1204204531&cs=0