www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b93b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Submission: On March 18 via api (March 18th 2024, 11:55:43 pm UTC) from LU — Scanned from DE

Summary HTTP 231 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 59 IPs in 5 countries across 45 domains to perform 231 HTTP transactions. The main IP is 2606:4700::6812:b93b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crainsdetroit.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2023. Valid for: a year.

This is the only time www.crainsdetroit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700::68... 2606:4700::6812:b93b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:264... 2600:9000:2646:ba00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:310... 2a02:26f0:3100:787::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2.19.107.55 2.19.107.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.122.52 18.66.122.52	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:5400:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:6a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
14	2606:4700:10:... 2606:4700:10::ac43:1a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
8	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
3	176.34.167.98 176.34.167.98	16509 (AMAZON-02) (AMAZON-02)
3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:303... 2606:4700:3034::ac43:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.224.189.87 13.224.189.87	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.84 18.66.112.84	16509 (AMAZON-02) (AMAZON-02)
1	44.194.189.235 44.194.189.235	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:247d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.31.150 3.5.31.150	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	52.17.54.105 52.17.54.105	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.225 66.235.152.225	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:9600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2a01:b740:a10... 2a01:b740:a10:f000::209	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	35.82.187.64 35.82.187.64	16509 (AMAZON-02) (AMAZON-02)
2	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
231	59

23 2606:4700::6812:b93b (United States)

ASN13335 (CLOUDFLARENET, US)

www.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3-rd-prod.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2646:ba00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3100:787::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2.19.107.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-107-55.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:5400:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crain-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:6a4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:1a0b (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 130.211.23.194 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.34.167.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
craommunications.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:991b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.189.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-87.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.189.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-189-235.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.31.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

crain-global.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.54.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-54-105.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-225.data.adobedc.net

craommunications.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a10:f000::209 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

crain.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.187.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-187-64.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 204	903 KB
39	moatads.com z.moatads.com — Cisco Umbrella Rank: 1013 mb.moatads.com — Cisco Umbrella Rank: 1188 px.moatads.com — Cisco Umbrella Rank: 829	132 KB
23	crainsdetroit.com www.crainsdetroit.com s3-rd-prod.crainsdetroit.com	1003 KB
16	pelcro.com js.pelcro.com — Cisco Umbrella Rank: 140826 www.pelcro.com — Cisco Umbrella Rank: 123777	433 KB
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 2499 r.stripe.com — Cisco Umbrella Rank: 4705 m.stripe.com — Cisco Umbrella Rank: 2405	488 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 734 www.linkedin.com — Cisco Umbrella Rank: 882 px4.ads.linkedin.com — Cisco Umbrella Rank: 7517	3 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 643	30 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4595	295 KB
6	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1644 api.btloader.com — Cisco Umbrella Rank: 1743	19 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 maps.googleapis.com — Cisco Umbrella Rank: 654	178 KB
4	lr-ingest.com cdn.lr-ingest.com — Cisco Umbrella Rank: 48627 r.lr-ingest.com — Cisco Umbrella Rank: 44609	221 KB
4	ml314.com ml314.com — Cisco Umbrella Rank: 3252 vi.ml314.com — Cisco Umbrella Rank: 12860	22 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2376 mab.chartbeat.com — Cisco Umbrella Rank: 3799	47 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	308 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275 stats.g.doubleclick.net — Cisco Umbrella Rank: 195 ad.doubleclick.net — Cisco Umbrella Rank: 189	167 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 307 craommunications.demdex.net — Cisco Umbrella Rank: 272035	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	84 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2673	16 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 5220	498 B
2	zemanta.com js-tag.zemanta.com — Cisco Umbrella Rank: 36818 p1.zemanta.com — Cisco Umbrella Rank: 24320	4 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1239 script.hotjar.com — Cisco Umbrella Rank: 1662	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2182 pixel.quantserve.com — Cisco Umbrella Rank: 1792	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	72 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1661	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	remixd.com tags.remixd.com — Cisco Umbrella Rank: 34940 pubcast-files.remixd.com — Cisco Umbrella Rank: 37486	11 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 439	623 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1410	16 KB
1	2o7.net crain.112.2o7.net — Cisco Umbrella Rank: 244219	393 B
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 22356	49 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	274 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1988	633 B
1	omtrdc.net craommunications.tt.omtrdc.net — Cisco Umbrella Rank: 269669	850 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2060	490 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1224	396 B
1	t.co t.co — Cisco Umbrella Rank: 766	375 B
1	amazonaws.com crain-global.s3.amazonaws.com — Cisco Umbrella Rank: 368539	4 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1803	201 B
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 5336	34 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1756	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1208	15 KB
1	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 66232	165 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	videoplayerhub.com 1 redirects crain-com.videoplayerhub.com — Cisco Umbrella Rank: 266545	458 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	17 KB
231	45

	Domain	Requested by
41	pagead2.googlesyndication.com	cdn.lr-ingest.com securepubads.g.doubleclick.net www.crainsdetroit.com pagead2.googlesyndication.com tpc.googlesyndication.com
22	px.moatads.com	www.crainsdetroit.com
21	www.crainsdetroit.com	www.crainsdetroit.com
14	www.pelcro.com	js.pelcro.com cdn.lr-ingest.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	z.moatads.com	www.crainsdetroit.com z.moatads.com securepubads.g.doubleclick.net
8	mb.moatads.com	z.moatads.com
8	js.stripe.com	www.crainsdetroit.com js.stripe.com
6	bat.bing.com	assets.adobedtm.com bat.bing.com www.crainsdetroit.com cdn.lr-ingest.com
6	consent.trustarc.com	assets.adobedtm.com consent.trustarc.com www.crainsdetroit.com
5	api.btloader.com	1 redirects www.crainsdetroit.com crain-com.videoplayerhub.com cdn.lr-ingest.com
4	px.ads.linkedin.com	3 redirects cdn.lr-ingest.com
4	maps.googleapis.com	www.crainsdetroit.com maps.googleapis.com
4	www.googletagmanager.com	www.crainsdetroit.com www.googletagmanager.com assets.adobedtm.com
3	r.stripe.com	js.stripe.com
3	ml314.com	www.crainsdetroit.com ml314.com z.moatads.com
3	assets.adobedtm.com	www.crainsdetroit.com assets.adobedtm.com
3	static.chartbeat.com	www.crainsdetroit.com
2	r.lr-ingest.com	cdn.lr-ingest.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.sail-personalize.com	cdn.lr-ingest.com
2	s3-rd-prod.crainsdetroit.com	www.crainsdetroit.com
2	cdn.lr-ingest.com	assets.adobedtm.com cdn.lr-ingest.com
2	dpm.demdex.net	assets.adobedtm.com www.crainsdetroit.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	ad-delivery.net	www.crainsdetroit.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.pelcro.com	www.crainsdetroit.com js.pelcro.com
2	securepubads.g.doubleclick.net	www.crainsdetroit.com securepubads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	bam.nr-data.net	cdn.lr-ingest.com
1	js-agent.newrelic.com	www.crainsdetroit.com
1	crain.112.2o7.net	cdn.lr-ingest.com
1	applepay.cdn-apple.com	js.pelcro.com
1	pixel.quantserve.com	www.crainsdetroit.com
1	script.hotjar.com	static.hotjar.com
1	p1.zemanta.com	www.crainsdetroit.com
1	www.facebook.com	www.crainsdetroit.com
1	rules.quantcount.com	secure.quantserve.com
1	3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	px4.ads.linkedin.com	www.crainsdetroit.com
1	www.linkedin.com	1 redirects
1	craommunications.tt.omtrdc.net	cdn.lr-ingest.com
1	cm.everesttech.net	1 redirects
1	craommunications.demdex.net	assets.adobedtm.com
1	analytics.twitter.com	www.crainsdetroit.com
1	t.co	www.crainsdetroit.com
1	crain-global.s3.amazonaws.com	assets.adobedtm.com
1	js-tag.zemanta.com	www.crainsdetroit.com
1	static.hotjar.com	www.crainsdetroit.com
1	secure.quantserve.com	www.crainsdetroit.com
1	ping.chartbeat.net	www.crainsdetroit.com
1	ak.sail-horizon.com	www.crainsdetroit.com
1	snap.licdn.com	assets.adobedtm.com
1	vi.ml314.com	www.crainsdetroit.com
1	static.ads-twitter.com	assets.adobedtm.com
1	ad.doubleclick.net	www.crainsdetroit.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pubcast-files.remixd.com	tags.remixd.com
1	cdn.lr-intake.com	www.crainsdetroit.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mab.chartbeat.com	static.chartbeat.com
1	btloader.com	www.crainsdetroit.com
1	crain-com.videoplayerhub.com	1 redirects
1	tags.remixd.com	www.crainsdetroit.com
1	cdnjs.cloudflare.com	www.crainsdetroit.com
1	fonts.googleapis.com	www.crainsdetroit.com
231	67

This site contains links to these domains. Also see Links.

Domain
jobs.crainsdetroit.com
www.facebook.com
www.linkedin.com
twitter.com
www.twitter.com
www.instagram.com
help.crainsdetroit.com
wd1.myworkdaysite.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-11` - `2024-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.remixd.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.pelcro.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
lr-intake.com E1	`2024-01-21` - `2024-04-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2024-03-10` - `2024-06-08`	3 months	crt.sh
pelcro.com E1	`2024-02-19` - `2024-05-19`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-27` - `2024-03-26`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
vi.ml314.com GTS CA 1D4	`2024-01-26` - `2024-04-25`	3 months	crt.sh
lr-ingest.com GTS CA 1P5	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-10`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
api.logrocket.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Frame ID: 2D90409BF84886DE1F9F1CE6B1D76D26
Requests: 152 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 5F3609813BF089AFB0D14039CAD6FDEB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html
Frame ID: 260E3960ABBAF59E34799692A62A8C8D
Requests: 8 HTTP requests in this frame

Frame: https://craommunications.demdex.net/dest5.html?d_nsid=0
Frame ID: 7439FD20B8ABDC2642739F25F1DDDD54
Requests: 1 HTTP requests in this frame

Frame: https://3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E60167857EA33F7692142847DC0961FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: 8D9A1B69FA4B66D6BD493506102D2B13
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: E59BE8BE42A6D83EC2841C67EE177060
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: 81EB96B159C5B31847AA94B183B7B29B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: EAA2E3DA8452D59F3D2F1A0245070C4E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: A5715D592DCE2AB172AF2CFE3A7C57CA
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/12328937770629736648
Frame ID: 5EBB15B5BA4FFFC5380CDA6262C5A769
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Frame ID: 165CC6BBE93658563CB7D2224EF4EC47
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 918688221B48B4FCE6737297FC04E683
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A94262A678875CFA6A0F64C01A1AE9AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A920D92BD9A07812C6260BCDA12DCCB4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flagstar bank paid $1 million in bitcoin to a ransomware group | Crain's Detroit Business

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

231
Requests

97 %
HTTPS

53 %
IPv6

45
Domains

67
Subdomains

59
IPs

5
Countries

4875 kB
Transfer

17236 kB
Size

52
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.crainsdetroit.com/
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show&source=https://www.crainsdetroit.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&via=crainsdetroit&text=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrainsDetroit

Search URL Search Domain Scan URL

URL: https://www.twitter.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crain%27s-detroit-business

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://help.crainsdetroit.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://wd1.myworkdaysite.com/recruiting/crain/Crain_Careers
Title: Crain Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 44

https://api.btloader.com/websiteconfig?o=5764463032532992&w=crainsdetroit.com HTTP 302
https://api.btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com

Request Chain 91

https://cm.everesttech.net/cm/dd?d_uuid=65488357751747574282899052090091504928 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfjUeQAAAG2dtgN-

Request Chain 93

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1710806137132%26li_adsId%3D30fb5f0f-1f47-4b15-b836-c38e3fa71a27%26url%3Dhttps%253A%252F%252Fwww.crainsdetroit.com%252Fbanking-finance%252Fflagstar-bank-paid-1-million-bitcoin-ransomware-group%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQKWYDIm4cut4gAAAY5T_fxW8YTj4ou9oFRlRYTR9YyAKlCtsdrhoJu1x4C49LIxuOtG2XVr1rjtvIcQg7Up-k7aOuJRmg

231 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request flagstar-bank-paid-1-million-bitcoin-ransomware-group Show response
www.crainsdetroit.com/banking-finance/ 221 KB
40 KB 714ms
609ms Document
text/html 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bda6eb2aadc180d5c832068d23ffa237717e42b7a7cb5a567ff2dfd0e575807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=43200
cf-cache-status: EXPIRED
cf-ray: 8669278a5da765df-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 23:55:35 GMT
expires: Tue, 19 Mar 2024 11:55:35 GMT
last-modified: Mon, 18 Mar 2024 21:09:13 GMT
server: cloudflare
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-c56b6e42-e56b-11ee-afe3-e3c04ddc513c
x-ua-compatible: IE=edge

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 87 KB
29 KB 144ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f97daaf33de46594c8c53f12928a493174b836bdff3f673456493c78f509dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28737
x-xss-protection: 0
server: cafe
etag: 999 / 19800 / m202403140101 / config-hash: 2114763945481947557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
67 KB 122ms
50ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afb22835b561cd5c463bf3b3619f7ea222ca87ae9ecff4ee1c1fa53154f7d3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67900
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:08:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 138ms
37ms Script
application/x-javascript 2600:9000:2646:ba00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ba00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:19:56 GMT
content-encoding: gzip
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 16540
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eOxBQbVLD7cYvZFM3tNryMqWlXZmFqJZidCt2OE-HthFlq84iOHCcw==
expires: Tue, 19 Mar 2024 19:19:56 GMT

GET
H2 200 launch-ef0d5546c26e.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ 269 KB
83 KB 235ms
80ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:23 GMT
server: AkamaiNetStorage
etag: "581b777219121cbe79e4869e8393f24d:1708948103.492676"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 84428
expires: Tue, 19 Mar 2024 00:55:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
992 B 110ms
41ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 css_k9yclWLvLwggFcQ3BP66Hv8zB3LmTQ1tWqqRx0UC1yw.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 112 KB
20 KB 46ms
44ms Stylesheet
text/css 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_k9yclWLvLwggFcQ3BP66Hv8zB3LmTQ1tWqqRx0UC1yw.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477926aa04368dcc2d05073bd2da2378d5dc357b43e34fcdacf37127b38a56d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 31
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 99179
cf-polished: origSize=115154
x-cache: HIT
x-ah-environment: prod
x-request-id: v-0f6785ee-e1f7-11ee-99a2-8f1db9988fc0
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 10:42:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8669278e390865df-FRA
expires: Thu, 28 Mar 2024 11:36:12 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 98 KB
17 KB 112ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 449028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17041
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-4291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uj%2BF3dfRMRn433LS4Nqy9JObnFFa%2BFKv%2FR9ggsTyYKPVKj%2F62A2GuZigSfLgoDMkOEhOMkEkjDoXgJSCTN4VmctNKr7jv2DNRLD1owdPCyVfD456VtICTqtOrWFNWRzVQYRwNQkFL76gGU4CfzrGLSD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8669278eaa593606-FRA
expires: Sat, 08 Mar 2025 23:55:36 GMT

GET
H2 200 css_I7pn8BYxJS3mJh1DCMwBTr3HDX-zxAMxbMJY8_pD6-k.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 193 KB
32 KB 49ms
48ms Stylesheet
text/css 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_I7pn8BYxJS3mJh1DCMwBTr3HDX-zxAMxbMJY8_pD6-k.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9dd1659fcb3095d91a4c4174b4e4bc7fa3ef7470f107f1d0e0dec780d4752f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 290
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 457937
cf-polished: origSize=198161
x-cache: HIT
x-ah-environment: prod
x-request-id: v-66fb53b2-db94-11ee-87ac-63e744d60c94
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 08:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8669278e390965df-FRA
expires: Wed, 20 Mar 2024 08:34:52 GMT

GET
H2 200 js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 93 KB
33 KB 48ms
47ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 419
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 457937
cf-polished: origSize=97739
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ceab0148-d6d9-11ee-957a-576201cf6307
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e390a65df-FRA
expires: Thu, 14 Mar 2024 08:09:05 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/crainprebidheader782626518086/ 274 KB
94 KB 212ms
76ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d208e777775378f574b7d0120d2a549a0afec0c3957c51b781a0155d772a4ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:36 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: 1YP70P818MXXC4AZ
etag: "55d49edbe6bef361c94dbdfc89cd2d4f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=40028
accept-ranges: bytes
content-length: 96176
x-amz-id-2: fYPx8NgCY0e3nU+dU9l7s++Nj/IQGnB8wTHK1AQe19H37m7RX+Y144idqZgu3Y/WZaDxXRwng3k=

GET
H2 200 js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
782 B 47ms
46ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 400
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 453298
cf-polished: origSize=2710
x-cache: HIT
x-ah-environment: prod
x-request-id: v-01cd3242-d6dc-11ee-a045-dba128821247
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e390b65df-FRA
expires: Thu, 14 Mar 2024 08:24:50 GMT

GET
H2 200 js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
855 B 44ms
43ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 385
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 457937
cf-polished: origSize=4073
x-cache: HIT
x-ah-environment: prod
x-request-id: v-01cc83ba-d6dc-11ee-a22c-b3891c107790
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e390c65df-FRA
expires: Thu, 14 Mar 2024 08:24:50 GMT

GET
H2 200 adobe_launch_dtm_init.js Show response
www.crainsdetroit.com/modules/contrib/adobe_launch/js/ 67 B
235 B 423ms
423ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/modules/contrib/adobe_launch/js/adobe_launch_dtm_init.js?sajemz

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=196
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e4c65358-e50a-11ee-b35c-3b32bfac02e1
cf-bgj: minify
last-modified: Tue, 17 May 2022 04:57:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8669278e390d65df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 email-decode.min.js Show response
www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
800 B 56ms
54ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:07:56 GMT
server: cloudflare
etag: W/"65f099fc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8669278e691e65df-FRA
expires: Wed, 20 Mar 2024 23:55:36 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 192ms
61ms Script
text/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:22 GMT
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 49
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10041
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
x-amz-cf-id: nCfmNA9hsVQwgya31hshyayKxvzjV9owHHfCgTxqr1ZF3QAMySirqQ==

GET
H2 200 js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 156 KB
46 KB 58ms
56ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 51592
cf-polished: origSize=213514
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e4c654ac-e50a-11ee-87c0-6347e383912e
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692065df-FRA
expires: Mon, 01 Apr 2024 09:35:44 GMT

GET
H2 200 crain_pelcro_user.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 24 KB
7 KB 58ms
56ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user.js?sajemz

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a094736305b27be0ed1574764bc61bb066a33118cd9603dae6d4e002591e8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 13
cf-polished: origSize=35599
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e504ab1c-e50a-11ee-ad3f-cb61b18cad5a
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:16:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 86692790eb1365df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 crain_pelcro_order.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 1 KB
711 B 446ms
443ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_order.js?sajemz

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=1938
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e5052d94-e50a-11ee-8c49-4b0aae1305ba
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 09:00:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 86692790eb1565df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 js_-0BdO3LkFuFFGBAHyINS7RgVPwBaMKTe-czA7uNebeg.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 MB
605 KB 87ms
85ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-0BdO3LkFuFFGBAHyINS7RgVPwBaMKTe-czA7uNebeg.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d038a268ee2fcd4762cecadeeba4a274889108b739b51f28c389382d980f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 51592
cf-polished: origSize=2482130
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e4c69a02-e50a-11ee-be34-d34f047c4686
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:35:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692165df-FRA
expires: Mon, 01 Apr 2024 09:35:44 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 305 KB
87 KB 155ms
38ms Script
text/javascript 2600:9000:2240:5400:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5400:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3da23c6b7353f903e30e3651984a87359c7facd26296b147bd6b6ebdfecdf86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 04:37:30 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 76837
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: PaI8a3NT+QPjDjZRmEqHNZx/rNJilrFHvWtuvf7N+G8=
x-cache: Hit from cloudfront
x-amz-meta-sha384: Ibi9yGBwVveetE1SeULiQl5dAe4KXr+ZTI/D0+pTygabIRXfgWWjgtdsmk6kP+dR
last-modified: Tue, 31 Oct 2023 05:23:09 GMT
server: AmazonS3
etag: W/"0197d3a042c5c695817564065e213a27"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-amz-meta-md5: 0197d3a042c5c695817564065e213a27
x-amz-cf-id: eXaiC0di5RA6Oh8UL3i2zTz3D3Gw-t8RsmHbEFNiZ_SvHmexJZN_MQ==

GET
H2 200 js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 5 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aae67d48458f330d11bac26bf2fc81512d26d4186cdb01f82021be2a0b2ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 388
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 453298
cf-polished: origSize=7332
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ceac1bd2-d6d9-11ee-97ba-977bae4661e5
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 10:42:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692265df-FRA
expires: Thu, 14 Mar 2024 08:09:05 GMT

GET
H2 200 google_analytics.js Show response
www.crainsdetroit.com/modules/contrib/google_analytics/js/ 4 KB
1 KB 410ms
408ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/modules/contrib/google_analytics/js/google_analytics.js?v=9.5.3

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 160979
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=8219
x-cache: HIT
x-ah-environment: prod
x-request-id: v-910ebbfe-d6d9-11ee-bd8b-4b0bd0ebdabd
cf-bgj: minify
last-modified: Thu, 28 Jul 2022 07:49:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 86692790eb1765df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 309 KB
94 KB 91ms
90ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 366
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 457803
cf-polished: origSize=330497
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ceab6cfa-d6d9-11ee-80cc-2f8110d3b3da
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:15:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692465df-FRA
expires: Thu, 14 Mar 2024 08:09:05 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 191 KB
65 KB 167ms
62ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a0c6f52bf4d52ba78bcc460ca2e69b57de88b48821133063a4185ebdb6c5b02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65963
x-xss-protection: 0

GET
H2 200 js_hNuFLFZ4KuWBtmzfogrJPedi10_pI614olSZdgj2Ba4.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 182 KB
60 KB 58ms
58ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_hNuFLFZ4KuWBtmzfogrJPedi10_pI614olSZdgj2Ba4.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708f37d42db58799126ed4dc0ea8847882d430f7cbbe8453db6d03210ab63f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 51592
cf-polished: origSize=271451
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e4c68738-e50a-11ee-8f59-07afed38f41e
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692665df-FRA
expires: Mon, 01 Apr 2024 09:35:44 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://crain-com.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=crain-com&upapi=true

53 KB
18 KB

133ms
50ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=crain-com&upapi=true
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8199530cfa9e80faeb1d8d79d8b0c2c04fbf48f2d14b0e98ce87d96b20b693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 23:47:14 GMT
server: cloudflare
age: 323
etag: "74d4b721a28ee71b0989d92915203537"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 866927925f785d5d-FRA
content-length: 17942

Redirect headers

date: Mon, 18 Mar 2024 23:55:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luF0YGLSgdCSMdPM22oieI5UBrs87apwR3BWUjvbBpCjeYUhH5su8sdtlXlB3SgdA6afFWHOXy6O%2FlmWcHtSEVKRs3%2FjEEzvEzfNdvODV%2Ft%2BJKa7tBBLfMt04xMar8N%2F1Xh7Noz9za3pQhY6l1tov16d7Ro53XuaQ%2BE%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=crain-com&upapi=true
cache-control: max-age=3600
cf-ray: 866927917a821c8b-FRA
expires: Tue, 19 Mar 2024 00:55:36 GMT

GET
H2 200 sitetotal.js Show response
static.chartbeat.com/js/sitewidgets/ 54 KB
22 KB 45ms
44ms Script
application/x-javascript 2600:9000:2646:ba00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/sitewidgets/sitetotal.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ba00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:17:52 GMT
content-encoding: gzip
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2013 15:40:22 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 16664
etag: W/"51682ae6-d6df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: fWqlkDwGhLo4D5S5SUXTHMzZqd4xs2IHcSY1lew1pdFVJx2cBtEQog==
expires: Tue, 19 Mar 2024 19:17:52 GMT

GET
H2 200 dashboard.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/ 2 KB
789 B 430ms
428ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sajemz

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694d8d308661f0a9835c8ba2c50f848dd8effa27fbea6938d0bbd95b9f9ee571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=2340
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e504a55e-e50a-11ee-9469-7789526057ed
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 06:17:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 86692790eb1865df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 js_V02_970wEXgRxblqdg5skocdOqhnVKF4_f6SsmXrN70.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 47 KB
12 KB 56ms
56ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_V02_970wEXgRxblqdg5skocdOqhnVKF4_f6SsmXrN70.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd83d563e9acad29d8b8cdcc9b8e2611c2ef269278a01d17414c22f714f611a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 346
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 461514
cf-polished: origSize=66759
x-cache: HIT
x-ah-environment: prod
x-request-id: v-e9034026-d6f4-11ee-b31f-3bc18f58540f
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 11:06:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8669278e692765df-FRA
expires: Thu, 14 Mar 2024 11:23:06 GMT

GET
H2 200 crain_pelcro_user_status.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 3 KB
1 KB 428ms
427ms Script
application/javascript 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user_status.js?sajemz

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
cf-polished: origSize=4140
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e505a5b2-e50a-11ee-b28c-4fd98f392da3
cf-bgj: minify
last-modified: Mon, 05 Feb 2024 10:34:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 86692790eb1965df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/ 437 KB
138 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b02035774d9978a0656512051c97ec80f62a4da90137b41e4e998d5cbb7b957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21440
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140761
x-xss-protection: 0
server: cafe
etag: 16686147382162094741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 18 Mar 2025 17:58:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 23:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 448
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Mar 2024 01:48:08 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 235 B
528 B 230ms
141ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crainsdetroit.com&domain=crainsdetroit.com&path=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 0
date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 170
x-served-by: cache-fra-etou8220108-FRA
x-timer: S1710806137.527926,VS0,VE104
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 16 Mar 2024 23:55:36 GMT

GET
H2 200 icons.svg
www.crainsdetroit.com/themes/custom/citybook_rd/dist/ 21 KB
7 KB 54ms
54ms Other
image/svg+xml 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/dist/icons.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f058c513fcaf91655142859e33bc379433065e14cbc8eaf57de942825dc731a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 3
date: Mon, 18 Mar 2024 23:55:36 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 13
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ddda783c-e1d9-11ee-95c2-534f433caecb
last-modified: Thu, 01 Dec 2022 09:24:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 86692790eb1a65df-FRA
expires: Mon, 01 Apr 2024 23:55:36 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 118ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Mar 2024 12:39:41 GMT
x-content-type-options: nosniff
age: 472555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26160
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 12:39:41 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-intake.com/ 832 KB
165 KB 147ms
55ms Script
text/javascript 2606:4700:3037::6815:6a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-0BdO3LkFuFFGBAHyINS7RgVPwBaMKTe-czA7uNebeg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:6a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcda6233b9433198b116599b6c9b7d3f28ab6aae16a8b23cf63c9338d3e4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220091-FRA
last-modified: Mon, 18 Mar 2024 19:27:31 GMT
server: cloudflare
x-timer: S1710790083.494914,VS0,VE48
etag: W/"ddc6e50b70e1d9410e1226e382a8707958f0701e9873f9d7d5199aab7cd0225c-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8eAcOhuxMYSuaCVrGwOhugQx6P1NEo6PYb8rTqzU2pr3ZoJnSt2zwZzU85oL52ZobyMc%2FQ8Wksabiok%2FP7L%2BxR2LdKTag8YGdAZ4VBT4hQ%2Fys1eZTZTMTBoNXc7VX%2Bq%2FzHAcr9H0j%2FauIR7dfyc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 866927920a499107-FRA
x-cache-hits: 0

GET
H2 200 v3 Show response
js.stripe.com/ 607 KB
168 KB 194ms
55ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-0BdO3LkFuFFGBAHyINS7RgVPwBaMKTe-czA7uNebeg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ef2642634e396d16e410f04f342043325da54d58e386bc0db675a874d4da7ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 23:55:36 GMT
via: 1.1 varnish
age: 32
x-cache: HIT
content-length: 171760
x-request-id: b4684fe8-c1d0-497b-b1eb-bab149df7a9c
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 18 Mar 2024 17:57:32 GMT
server: Fastly
etag: "91e54d5a1304369d0bf60d6296561874"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 127ms
53ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 43ms
43ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=423830001&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&ul=en-us&de=UTF-8&dt=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1922731211&gjid=270280183&cid=1758361776.1710806137&tid=UA-2717831-1&_gid=151453732.1710806137&_r=1&gtm=457e43d0za200&gcd=13l3l3l2l3&dma_cps=sypham&dma=1&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=803941248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 crainsdetroit.com Show response
pubcast-files.remixd.com/player-configs/ 111 B
487 B 267ms
153ms Fetch
application/xml 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPrE5WcfoLGw_AxpRVqUX-9Rs1Y99TQw6YL68mHb_NHh3Zm9YxQgMEwYmr1m7nWnjPY93mdG0jVgzQ
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
expires: Mon, 18 Mar 2024 23:55:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 133ms
42ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2717831-1&cid=1758361776.1710806137&jid=1922731211&gjid=270280183&_gid=151453732.1710806137&npa=1&_u=YEBAAUAAAAAAACAAI~&z=980215985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Mar 2024 23:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 11 KB
2 KB 163ms
162ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982abd6700474cbf50afcec02e1e52e938aa8d666c2ebd01e018a37333bd2068

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 23:47:24 GMT
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 86692796f86c9b86-FRA
expires: Mon, 18 Mar 2024 23:47:24 GMT

OPTIONS
H2 204 site
www.pelcro.com/api/v1/sdk/ Frame 0
0 700ms
610ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 866927932dce9b86-FRA
date: Mon, 18 Mar 2024 23:55:37 GMT
expires: Mon, 18 Mar 2024 23:55:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2

200

websiteconfig Show response
api.btloader.com/
Redirect Chain

https://api.btloader.com/websiteconfig?o=5764463032532992&w=crainsdetroit.com
https://api.btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com

567 B
509 B

161ms
161ms

Fetch
application/json

130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 986fe3da40757fb67805f5136fb3627c04d0f25f17b490d0b1dbe66c481b3e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 18 Mar 2024 23:55:35 GMT
etag: "ece85e554191a2af593d9e314708013f"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324

Redirect headers

date: Mon, 18 Mar 2024 23:55:36 GMT
via: 1.1 google
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: /websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96

GET
H2 204 state Show response
api.btloader.com/mw/ 0
39 B 275ms
161ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: crain-com.videoplayerhub.com
URL: https://crain-com.videoplayerhub.com/galleryloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 18 Mar 2024 23:55:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 124ms
46ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462164
x-guploader-uploadid: ABPtcPqkn84ORkTHuFNCRUJTFlhYnkbeQ09QY1pcs7XDkBH8tEs4enE2ou-t0BzneIxmpIQS0CQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqfm89DTxOGXpfqqIAtkyYhQjv%2BdLW7r58VziHP2jO3mVDgDMB6hToZUWFVt4Dk%2FjUROJDuO8yQAx2heHsPwc7qwSwdq1Sy07CLWTVYqL57U6GQs95Uo38tMXam3BJfVh00PSkWwhUh4rSCZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 866927933f331d90-FRA
expires: Wed, 13 Mar 2024 16:15:37 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 173ms
53ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 00:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Mar 2024 00:43:46 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
913 B 121ms
44ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8704120982787638
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462164
x-guploader-uploadid: ABPtcPqkn84ORkTHuFNCRUJTFlhYnkbeQ09QY1pcs7XDkBH8tEs4enE2ou-t0BzneIxmpIQS0CQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1A9QkzsSd4bpmWnNH%2FDnW8HyGY2j22XHu%2FutWKkEOaZ2Nle8LqxpoOlsmPqf08tYvuSGI9OVn8M4AXNE8VU1bWyHi%2FZ2T3YC50Y4xHPdmqyu6MtZvKkV8aowiT4woOfr2ZTOrCoSroRFTHY7Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 866927933f351d90-FRA
expires: Wed, 13 Mar 2024 16:15:37 GMT

GET
BLOB 200
OK 98d49753-6d51-4bea-a869-9695ddf073e6
https://www.crainsdetroit.com/ 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crainsdetroit.com/98d49753-6d51-4bea-a869-9695ddf073e6
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22a564e9d4184c90dc9e0a8c354e247063ae64d9ce1dcd50b691d2ad291c1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 473816
Content-Type

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 1 KB
1 KB 301ms
102ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pcode=crainprebidheader782626518086&rx=60954908677&callback=MoatNadoAllJsonpRequest_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: bf1c0df8b4f1771a1ee8d1e3245a76929eff1801de282d36c67e8cb5e16baf90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "c9f9bf684ccceb00b74822ac0c5e75dc07350cbf"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 30
timing-allow-origin: *
content-length: 1085

GET
H2 200 n.js Show response
mb.moatads.com/ 100 B
279 B 279ms
83ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=CRAIN_PREBID_HEADER1&hp=1&wf=1&pxm=3&sgs=3&vb=0&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=925343754269&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=1&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&fs=207200&na=97535477&cs=0&callback=MoatDataJsonpRequest_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2472b2d44c92fff06a3266936ee73317ff90535641442356faa4e12c59c5d8d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "16dbf7e47906167fcc58bb3699bd35ccfdb76978"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 11
timing-allow-origin: *
content-length: 100

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 5F36 1 KB
2 KB 63ms
63ms Document
text/html 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2791
content-length: 1374
content-type: text/html
date: Mon, 18 Mar 2024 23:55:36 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: XmKNbxIVbCxldfP/6F45tHX/KnNmX+y7HmOtmul9SDdTs7vcLQ4Psn+BcPQjsPU80m3Uge5r6CQ=
x-amz-request-id: AED5DD8BACD1DA13

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 112ms
37ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Mar 2024 23:55:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1326, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 95JGePA1E3x+l44Cq+l1TLJ0/1ZdiBJ7rVnDmlpKSiByWAuVwgDE7mhrJd0dxCo+JTlwIoc0dnb+sUtvqmcJug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 201ms
61ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200169-IAD, cache-muc13964-MUC

GET
H2 200 id Show response
dpm.demdex.net/ 375 B
925 B 273ms
82ms XHR
application/json 176.34.167.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=138FFF2554E6E7220A4C98C6%40AdobeOrg&d_nsid=0&ts=1710806136848

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

70d590fd3f4dd71b53ff73f9f5b6e51f5218960683251a5d7779060edb8fb2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v058-04a4a65da.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: ChbkwdB4QF8=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 316
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
75 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-593664384&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

940199e3ff7556588249d729e5af6d21129401950d75df8259b175c57ddf3ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76526
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 21:08:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7905d6e4526944dd6fa407e26c056ed6c5f5fb366f7d5f6254c49a0830badfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cc5b96699b9c21feae769f29c0267340a3c1f9c36d6542b001f960d3058fed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85144
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Mar 2024 23:55:36 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 33 KB
11 KB 182ms
51ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?192
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99c6759db0bf5499cf7be649fdec085400f989dbdd62853d865f03effe6d53bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:47:48 GMT
via: 1.1 google
content-encoding: br
age: 468
x-guploader-uploadid: ABPtcPoYVH32kNKqLPxGHbLRMdUZ-lbYS9bJfFauTGaK_4TcCGOFg66Z0vS58JjsNw4ytN79roacicmZuA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10608
last-modified: Mon, 18 Mar 2024 21:40:23 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710798023291201
x-goog-hash: crc32c=gZcFJQ==, md5=mf2H8ATtxKQ4t5e6NzYI+g==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34203
accept-ranges: bytes

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 216ms
105ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=69120&tk=weP6qvbwC4vTzjKxXoXB2fkYVMrqAXGxMEdSJ6g2fHRUg3d&fp=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Mon, 18 Mar 2024 23:55:37 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 LogRocket.min.js Show response
cdn.lr-ingest.com/ 112 KB
30 KB 133ms
46ms Script
text/javascript 2606:4700:3034::ac43:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/LogRocket.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3841ddbd6228db1640d8e927279a4db6d7ac3fa47c9bf18f42ee22a7c076162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1852
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21052-AMS
last-modified: Mon, 18 Mar 2024 19:27:31 GMT
server: cloudflare
x-timer: S1710793548.113135,VS0,VE0
etag: W/"2b098506e6d2ff197d086f866ba9194a8079d4ae04dce4cc0b68c750e37a356b-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SFe5nZJ2golKufp95hrx%2BNr2FARKVtV6OCMs1yDA4PZbAIt5mbflRvAZoZ9%2BYkqa6cq1k5NW5Vg5Qg1%2FxpZmqQ1OTZtK1zvaGMRmmKoC9eJpFYOwXdXizDPUcD%2Flz55lMCl65LGMaASNVAiU3VhPwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 866927940c5a4d6d-FRA
x-cache-hits: 44

GET
H2 200 notice Show response
consent.trustarc.com/ 36 KB
11 KB 214ms
90ms Script
text/javascript 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

483610c50fe1dbfc40268da23b2ab2a1a8bf735f4dfcaed8e37f78e3af31011e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: gcybvfbYY-iiU_sAkIDajFyYkbRSUzXj2Pm72stvfAHk3OVK9s3SAw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 201ms
66ms Script
application/javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 16:03:53 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=27011
accept-ranges: bytes
content-length: 17224

GET
H2 200 RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/ 377 B
508 B 77ms
76ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RCa1ef3faa49e84abf89a7410820c6c505-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:25 GMT
server: AkamaiNetStorage
etag: "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 247
expires: Tue, 19 Mar 2024 00:55:36 GMT

GET
H2 200 RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/ 401 B
515 B 76ms
75ms Script
application/x-javascript 2a02:26f0:3100:787::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:787::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 11:48:25 GMT
server: AkamaiNetStorage
etag: "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 254
expires: Tue, 19 Mar 2024 00:55:36 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 163ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:36 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C87EE8C92CF84B3DB1BF4EFBEF94128B Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 41ms
41ms Script
application/x-javascript 2600:9000:2646:ba00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sajemz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ba00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 07:29:55 GMT
content-encoding: gzip
via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 59141
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: fjBVBptPy4FUB5121a7bHXvgTDdG-uXgKlRv0tADwu9oOK0CAzR2tA==
expires: Tue, 19 Mar 2024 07:29:55 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 195ms
57ms Script
application/javascript 18.66.112.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_SnKD2-3aEfAFBELg9IZ5JYEiN0TYGTM1RmvX_BtxeIA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:47:35 GMT
content-encoding: gzip
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 483
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: sp6P7TEGEZOvMFvn_QZhCvyMPIuZAapAEnrlVBmxFl87OI60B4iO5g==

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 604ms
604ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86692793de339b86-FRA
date: Mon, 18 Mar 2024 23:55:37 GMT
expires: Mon, 18 Mar 2024 23:55:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
161 B 345ms
345ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8669279798ee9b86-FRA

GET
H2 200 micro-logo.svg
www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/ 4 KB
1 KB 423ms
422ms Image
image/svg+xml 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/micro-logo.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 82844
date: Mon, 18 Mar 2024 23:55:37 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-cache: HIT
x-ah-environment: prod
x-request-id: v-8ac8e17a-d6d9-11ee-9940-0366b6c09246
last-modified: Mon, 13 Feb 2023 08:12:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 866927941dfc65df-FRA
expires: Mon, 01 Apr 2024 23:55:37 GMT

GET
H2 200 2JEN3RX.jpg
s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/ 36 KB
36 KB 616ms
508ms Image
image/jpeg 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/2JEN3RX.jpg
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Mar 2024 14:52:32 GMT
server: cloudflare
x-amz-request-id: 9XFVEBKTHYN4RGAF
etag: "068ae438ea24e57c10b4d16a64680f4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8669279538601d86-FRA
content-length: 36920
x-amz-id-2: zpjSiJIsehPDfSmc/bAI/gkoK0tePKxdRCtw1Keb7dx0gCNtKkDTsaZAt/fjeeYef0M3SQaNzWM=
expires: Tue, 19 Mar 2024 00:55:37 GMT

GET
H2 200 controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html Show response
js.stripe.com/v3/ Frame 260E 391 B
816 B 53ms
52ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

31a1485c5f7cba6880eb2d4730a0a11cb30ff0ab1e5c6387457660ae214c5edf

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 230
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Mar 2024 23:55:37 GMT
etag: "f061880eddcd69c062dc0edbfdbf8872"
last-modified: Mon, 18 Mar 2024 17:04:54 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: a3fce8ce-12c1-4862-86ba-31891aa3971c
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 431ms
134ms Image
image/gif 44.194.189.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=crainsdetroit.com&p=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&u=Bj9yhLKzPTZbsBaI&d=crainsdetroit.com&g=25465&g0=No%20Section&g1=Anna%20Fifelski&n=1&f=00001&c=0&x=0&m=0&y=4746&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&b=1702&t=C_Rzs2C9eARfQ-Ym5CqrdsxB_Z9XL&V=143&i=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&tz=-60&_acct=anon&sn=1&sv=jPIEVC8YmKMQ_7eeKa75EDDYc-N&sr=external&sd=1&im=067b0fff&_
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.189.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-189-235.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 logger-1.min.js Show response
cdn.lr-ingest.com/ 832 KB
165 KB 129ms
52ms Script
text/javascript 2606:4700:3034::ac43:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/logger-1.min.js

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcda6233b9433198b116599b6c9b7d3f28ab6aae16a8b23cf63c9338d3e4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21071-AMS
last-modified: Mon, 18 Mar 2024 19:27:31 GMT
server: cloudflare
x-timer: S1710790301.186289,VS0,VE1
etag: W/"ddc6e50b70e1d9410e1226e382a8707958f0701e9873f9d7d5199aab7cd0225c-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3eGrlZEXdeu8a4WIjYBvG3Sc4sgOcMTc2vMFURDv8PXlPZ8BZpDeyGNF8NQyTD091zSKf498PdGVSQQIyfmmfN%2FbPaWrqhQTKSIsrsFa5UL6TC4%2FtB%2FO4sQ6uzFwY0JrYRo0Uqp9VdkkACNTcft6Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 86692794feb29052-FRA
x-cache-hits: 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 142ms
36ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 23:55:37 GMT

GET
H2 200 hotjar-1906609.js Show response
static.hotjar.com/c/ 9 KB
4 KB 237ms
88ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

e3f855e17f37e24da094ea311929c1fb97da7d9ae66b79f51cf20c6f8918f0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/b1c11e27c5cc2612276e03f6b06a437f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: prflla6A30DReNhASDKBPPkIW-UvZVhb_cFHoSsCguEpnm6LtfWQwA==

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ 8 KB
3 KB 139ms
50ms Script
application/javascript 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: 7N8H1DMA3VZPXF3R
age: 2834
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 866927956ec01e20-FRA
x-amz-id-2: sT/MblEO+0Os7AhXiD0UI1xBDZDLeZWVhhvvkqk42z8npCs6xUwzH6AkAMsouDMgYhjp1uJ02eI=

GET
H/1.1 200
OK cci-firstTouchCookie.js Show response
crain-global.s3.amazonaws.com/global/js/ 3 KB
4 KB 479ms
154ms Script
application/javascript 3.5.31.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://crain-global.s3.amazonaws.com/global/js/cci-firstTouchCookie.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.31.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 23:55:38 GMT
Last-Modified: Tue, 26 Sep 2023 14:12:59 GMT
Server: AmazonS3
x-amz-request-id: 9XFSPJYMV5WPQYQJ
ETag: "b79b890f95a91ffbf5a1e0c99ee5eeed"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3185
x-amz-id-2: pAlhWtTMI94MClhwFI+oK7AWJvyycZH4g1sUt8IehKCa2VLee2cjkrT1Tj5b90MUplbXJQdQeaTg1h5naxOEfbxy4b0+2A4v

GET
H2 200 shared-1ebe1a83278d605de01c2374ebfdc54b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 260E 538 KB
131 KB 52ms
52ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eaafa6081b854f5d07ac61c2fed4c79526c79149608c0a304f156c945c41a114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 23:55:37 GMT
via: 1.1 varnish
age: 24389
x-cache: HIT
content-length: 133618
x-request-id: f16cb277-d58a-435e-a398-ceafdcb3bb7c
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 18 Mar 2024 17:05:08 GMT
server: Fastly
etag: "60d07ccd480415eb7b5725a9c655f145"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4799

GET
H2 200 controller-6623d633f782605c4746fbea0c4f29d2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 260E 706 KB
185 KB 54ms
54ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6623d633f782605c4746fbea0c4f29d2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a2606e1fe54936cf49336a833470b146c1d8eb28ecbef2fd134785ad78b123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 23:55:37 GMT
via: 1.1 varnish
age: 24389
x-cache: HIT
content-length: 188896
x-request-id: c893e493-09be-424b-bdd4-e7861558e57a
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 18 Mar 2024 17:05:05 GMT
server: Fastly
etag: "4b817618dbe4c5388699303979277336"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4771

GET
H2 200 637988649571323 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 146ms
146ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/637988649571323?v=2.9.150&r=stable&domain=www.crainsdetroit.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05473628a05446e2ae7971509b4e43b76b31ca77abf28dfe6b1cb8167e0164de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Mar 2024 23:55:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=63, mss=1326, tbw=62792, tp=-1, tpl=-1, uplat=111, ullat=0
pragma: public
x-fb-debug: X7m/R60DP6XnIcPIn7TSJ0M45icoSzUoGyGVEf+FobPpeO1yjO1PnEWe8MOs6OwUvTGMLkz2znCADjIwt9ObCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 109ms
109ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pv=1710806137061_60rnw4y61&bl=en-us&cb=3337474&return=&ht=&d=&dc=&si=1710806137061_60rnw4y61&cid=&s=1600x1200&rp=&v=2.7.0.154
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 adsct
t.co/i/ 43 B
375 B 280ms
171ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b8ba55b9-33d0-416b-8eb6-c23c1467f34c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=692cd605-20ea-4829-a446-4d7e1480830f&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.29

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 123
date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 92102ece36f13093
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: f916a6a9bd0207d7071d387dabd2c021ed2108b4b64f92b7b194cc8c70f1453b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 352ms
236ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b8ba55b9-33d0-416b-8eb6-c23c1467f34c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=692cd605-20ea-4829-a446-4d7e1480830f&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.29

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 197
date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6387953d2ae3e6ba
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 3f82fbff11af468f59c42827e125636f6d5af17b68a89461008399b2f2fc0ba2
content-length: 43

GET
H2 200 187044856.js Show response
bat.bing.com/p/action/ 1 KB
842 B 65ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187044856.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 18 Mar 2024 23:55:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9CCC95697BDD40A98996D37EE0744A87 Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 63ms
63ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187044856&tm=al001&Ver=2&mid=24660495-46a3-44a0-9251-378e44ee876e&sid=044ff080e58311eebccc6771ec7392d4&vid=045004a0e58311ee857761f10f9d8bc0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&p=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&r=&lt=1613&pt=1710806135304,,,,,0,28,28,28,105,66,105,715,720,717,1348,1595,1613,,,&pn=0,0&evt=pageLoad&sv=1&rn=656614

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Mar 2024 23:55:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B4F1DF5E6FC24BEFBBAE629EB590A9E2 Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1.7-2475 Show response
consent.trustarc.com/asset/notice.js/v/ 92 KB
27 KB 64ms
64ms Script
text/javascript 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-2475

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

04fcd6a5d8cda1ed675f518abfd91b6a8bbdda9cd508426bdbcca58dd457d7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 18 Mar 2024 23:11:25 GMT
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 5 Mar 2024 14:21:44 GMT
x-amz-cf-pop: FRA2-C1
age: 2653
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: Icc0kEU0u55dxA7pQnj0jhhaMCLG76fwNmzpWB_BSXsgcbI54jwuHw==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 244ms
140ms Image
image/gif 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=crain.com&country=de&state=&behavior=implied&session=f6ec58a1-6f9b-4f31-874f-3d1bc58751bc&userType=NEW&c=1924

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: FQczSJ9d2SNIJ4r-NqAbcOZY1W8QMc_qkg51XJbBDbF-BR3A4RTRjw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dest5.html Show response
craommunications.demdex.net/ Frame 7439 7 KB
3 KB 106ms
75ms Document
text/html 176.34.167.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 18 Mar 2024 23:55:37 GMT
dcs: dcs-prod-irl1-2-v058-044e496b3.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 6 Mar 2024 14:53:58 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: rOCNczlzS1M=

GET
H2

200

ibs:dpid=411&dpuuid=ZfjUeQAAAG2dtgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=65488357751747574282899052090091504928
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfjUeQAAAG2dtgN-

42 B
717 B

70ms
70ms

Image
image/gif

176.34.167.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfjUeQAAAG2dtgN-

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Server

176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-176-34-167-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-irl1-2-v058-092bc5e04.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: DEQM91kOQZA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZfjUeQAAAG2dtgN-
Date: Mon, 18 Mar 2024 23:55:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
craommunications.tt.omtrdc.net/rest/v1/ 359 B
850 B 268ms
88ms XHR
application/json 66.235.152.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.tt.omtrdc.net/rest/v1/delivery?client=craommunications&sessionId=61e3c2a60dbe48568dc4b1098537540a&version=2.10.2

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-225.data.adobedc.net

Software

jag /

Resource Hash

f7836e03f6a037000a9a0bd44ae673964b00fa7c92ad4cf51cefabcbfbf1c5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 292430d2-c896-4b9b-9def-8875f3b1c29c

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2832529%26time%3D1710806137132%26li_adsId%3D30fb5f0f-1f47-4b15-b836-c38e3fa71a27%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-ban...

0
267 B

299ms
190ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQKWYDIm4cut4gAAAY5T_fxW8YTj4ou9oFRlRYTR9YyAKlCtsdrhoJu1x4C49LIxuOtG2XVr1rjtvIcQg7Up-k7aOuJRmg
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 744589D8428C4960803AE7CC9F638643 Ref B: DUS30EDGE0421 Ref C: 2024-03-18T23:55:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYT+Bgl4cIzpAcL/DCGRA==

Redirect headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FBD35C6200094E329632D044CF5EF069 Ref B: DUS30EDGE0908 Ref C: 2024-03-18T23:55:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1710806137132&li_adsId=30fb5f0f-1f47-4b15-b836-c38e3fa71a27&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&cookiesTest=true&liSync=true&e_ipv6=AQKWYDIm4cut4gAAAY5T_fxW8YTj4ou9oFRlRYTR9YyAKlCtsdrhoJu1x4C49LIxuOtG2XVr1rjtvIcQg7Up-k7aOuJRmg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYT+Bghk5jYn62JDn75zg==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 355 KB
41 KB 203ms
118ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4388747529106204&correlator=549062356140446&eid=31079956%2C31081790%2C31079525&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=105554924%2Ccdb%2Cbanking-finance%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1200x250%7C970x90%7C970x250%7C728x90%2C1x1%2C970x90%7C728x90%2C300x250%2C300x250%7C300x600%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=640&eri=1&sc=1&abxe=1&dt=1710806137152&lmt=1710796153&adxs=0%2C0%2C740%2C255%2C1120%2C1120%2C1120%2C1120%2C1120%2C160&adys=0%2C112%2C2046%2C2213%2C283%2C947%2C947%2C947%2C947%2C3847&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C0%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&vis=1&psz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&msz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&dlt=1710806136021&idt=625&prev_scp=m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26pos%3Dinterstitial%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26pos%3DLB_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DINREAD%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D40%2C30%2C20%2C10%26m_mv%3D40%2C30%2C20%2C10%26pos%3DLB_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D0%26m_mv%3D0%26pos%3DREC_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D0%26m_mv%3D0%26pos%3DREC_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DNTV_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_04%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D0%26m_mv%3D0%26pos%3DLB_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&adks=1736990578%2C674599526%2C1502471116%2C408539902%2C2893687796%2C552518957%2C3715397273%2C2635183635%2C831234856%2C2025323704&frm=20

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb828280be4d8a383123ca1fd7497f9ce289a26a14baa729ccbaa33dda3bc892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41018
x-xss-protection: 0
google-lineitem-id: -2,6544015677,-2,6439686130,6478931411,6091333837,6354644058,-2,6354644058,6683262888
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138468679858,-2,138458624057,138460935702,138402123361,138442311334,-2,138441589527,138468178373
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E601 6 KB
3 KB 173ms
68ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 23:55:37 GMT
expires: Tue, 18 Mar 2025 23:55:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 260E 474 B
611 B 166ms
60ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

902c90e02862f6af386270280c1129264a5bce6f28826aa27ad9de856827858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 296
x-request-id: 58bd5121-4a8d-4db5-82c8-fd34504741f2
x-served-by: cache-fra-etou8220041-FRA
last-modified: Mon, 18 Mar 2024 17:57:32 GMT
server: Fastly
etag: "0d53e5b71886b4198cd63acaf404d545"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 260E 474 B
367 B 159ms
61ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

902c90e02862f6af386270280c1129264a5bce6f28826aa27ad9de856827858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-experimental-f061880eddcd69c062dc0edbfdbf8872.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 296
x-request-id: f133f0cd-3bc4-4b6e-a6e7-f15136d63e31
x-served-by: cache-fra-etou8220041-FRA
last-modified: Mon, 18 Mar 2024 17:57:32 GMT
server: Fastly
etag: "0d53e5b71886b4198cd63acaf404d545"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 187044856 Show response
bat.bing.com/p/insights/t/ 725 B
1014 B 139ms
139ms Script
application/x-javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/187044856

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/187044856.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a29012c74596d5a96e2913541f0b61dbf47843b4165baccaeff3f4d1909d31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 190713A818E843FF872089A776134B20 Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
vary: Accept-Encoding
x-azure-ref: 20240318T235537Z-kath3z2dgt10tfanz5ts73rs8n0000000a5g00000000680g
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 617
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 country Show response
api.btloader.com/ 16 B
31 B 160ms
160ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 200 rules-p-J_kXLtyWmukpz.js Show response
rules.quantcount.com/ 160 B
633 B 129ms
36ms Script
application/javascript 2600:9000:223c:9600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-J_kXLtyWmukpz.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:24:08 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:30:53 GMT
server: AmazonS3
etag: "599ac3fe3327eee0bd61b8e478fad20a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: cIDfPX-WNOS7MrTtI1Mp6xuQRxZXu8haQSv5pRsLt33S__dmxs0NLg==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 121ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1710806137230&sw=1600&sh=1200&v=2.9.150&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1710806137229.1766845959&cs_est=true&ler=empty&cdl=API_unavailable&it=1710806137049&coo=false&rqm=GET

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Mar 2024 23:55:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 159ms
159ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=v3lQpshha&w=5661028241113088&o=5764463032532992&cv=2.1.38-3-g408da7f&widget=false&checksum=cd6d04a6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sid=cX2NCEH84&pm=false&upapi=true
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 18 Mar 2024 23:55:37 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 get
consent.trustarc.com/ 127 KB
127 KB 62ms
61ms Font
font/ttf 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansRegular.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 18 Mar 2024 23:20:19 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C1
age: 2118
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 129796
x-amz-cf-id: qcfTavIXlIqKNEx2rJW_WTi9_ma2jeA7pTezSeMGMNPGLat0CfT-Xg==

GET
H2 200 get
consent.trustarc.com/ 127 KB
127 KB 147ms
147ms Font
font/ttf 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansBold.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 18 Mar 2024 23:08:32 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C1
age: 2825
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 129784
x-amz-cf-id: 7T5yv3jRv1zWIiBmeGpuARDmvV9x5OSPonGcpVx8vleXvLvomVh_rw==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 82ms
81ms Image
image/gif 13.224.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=crain.com&behavior=implied&country=de&language=de&rand=0.5632973203231288&session=f6ec58a1-6f9b-4f31-874f-3d1bc58751bc&userType=NEW

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-87.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: WkcnGscsC_dNfCMX9snWyIUQMFZxW3Q7i8SUZqHM1hJ9kMSXlT7jTQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/ 26 B
145 B 367ms
359ms Image
image/gif 2606:4700:10::ac43:247d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=05770197107690858&optOut=false

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
x-robots-tag: none
cf-ray: 866927964f5b1e20-FRA
content-length: 26

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
498 B 135ms
134ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: f4caa2d9c614a9494dd5a4687b93387e47b84becb371cd62860012add5ee9552

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer 9e4ef7ae863f721d8ef0aa6f15b0ac85
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: application/json
accept: application/json
Referer: https://www.crainsdetroit.com/
x-referring-url: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 197
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 421ms
131ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Mon, 18 Mar 2024 23:55:37 GMT

GET
BLOB 200
OK 8fefbdb3-5564-45b1-9e73-386735cc3304
https://www.crainsdetroit.com/ 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crainsdetroit.com/8fefbdb3-5564-45b1-9e73-386735cc3304
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22a564e9d4184c90dc9e0a8c354e247063ae64d9ce1dcd50b691d2ad291c1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 473816
Content-Type

GET
H2 200 modules.a832f5d8f24964da1f4a.js Show response
script.hotjar.com/ 220 KB
55 KB 143ms
50ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a832f5d8f24964da1f4a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 15 Mar 2024 17:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 282811
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55518
last-modified: Fri, 15 Mar 2024 17:21:16 GMT
etag: "8bd905e445d19a6e7c5adc15919ba59b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BCJtrZSGcXqo4YUlAMbhTcBlYlsjz6X3joTlfdY2YlpzsyHg5hlcyg==

GET
H2 200 pixel;r=1252285215;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-826859903-17108061372...
pixel.quantserve.com/ 35 B
409 B 43ms
33ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1252285215;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-826859903-1710806137225;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=pai;gdpr=0;ref=;d=crainsdetroit.com;dst=1;et=1710806137416;tzo=-60;ogl=site_name.Crain's%20Detroit%20Business%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ecrainsdetroit%252Ecom%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitco%2Ctitle.Flagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%252C%20court%20filings%20show%2Cimage.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cimage%3Aurl.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cupdated_time.2024-03-13T12%3A21%3A03-04%3A00;ses=1d0f9eae-c8f5-47f7-a8e2-d6260e0887ab;mdl=
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 0.7.24 Show response
bat.bing.com/p/insights/s/ 34 KB
15 KB 59ms
59ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.24

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187044856

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e29f986367ac6f7c5d8a9c2dfde5a0cf6f2a8a70a68cebf80197f945253d9c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 18 Mar 2024 23:55:37 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 14592
last-modified: Sun, 17 Mar 2024 14:21:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93031745EEAB42768B11C9B3F4F2F9D8 Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
etag: W/"0x8DC468D7F93540F"
vary: Accept-Encoding
x-azure-ref: 20240318T235537Z-uzpff2ywyt36x1f9v54kw3n2gn00000001mg00000000ckch
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 39df77f1-201e-000c-6081-78b9d3000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 8D9A 23 KB
9 KB 232ms
165ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 8D9A 3 KB
1 KB 237ms
170ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8D9A 206 KB
62 KB 118ms
51ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 8D9A 10 KB
4 KB 47ms
47ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 7329454460835646415
tpc.googlesyndication.com/simgad/ Frame 8D9A 126 KB
126 KB 199ms
115ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7329454460835646415

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2cf9f858e5a9650e4214c71bbd71e257aa18c5f1b4e24927accd4b33eb0652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 18 Mar 2025 23:25:04 GMT
date: Mon, 18 Mar 2024 23:25:04 GMT
x-content-type-options: nosniff
age: 1833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128875
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 10:59:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame E59B 23 KB
9 KB 229ms
166ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame E59B 3 KB
1 KB 240ms
177ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E59B 206 KB
62 KB 158ms
95ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame E59B 10 KB
4 KB 46ms
46ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 16993375091110671538
tpc.googlesyndication.com/simgad/ Frame E59B 65 KB
65 KB 136ms
67ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16993375091110671538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 13 Mar 2025 15:49:44 GMT
date: Wed, 13 Mar 2024 15:49:44 GMT
x-content-type-options: nosniff
age: 461153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66905
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 19:29:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 81EB 23 KB
9 KB 234ms
175ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 81EB 3 KB
1 KB 224ms
166ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 81EB 206 KB
62 KB 90ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 81EB 10 KB
4 KB 47ms
47ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 3363866611623250881
tpc.googlesyndication.com/simgad/ Frame 81EB 21 KB
21 KB 141ms
87ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3363866611623250881

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6364cbee21672d46d78c5eb9d2aec16631740b625552d3e4747c33cb3a936ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 13 Mar 2025 13:51:32 GMT
date: Wed, 13 Mar 2024 13:51:32 GMT
x-content-type-options: nosniff
age: 468245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21334
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 18:38:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame EAA2 23 KB
9 KB 223ms
169ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame EAA2 3 KB
1 KB 222ms
168ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EAA2 206 KB
62 KB 119ms
65ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame EAA2 10 KB
4 KB 48ms
47ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 15307122963789882879
tpc.googlesyndication.com/simgad/ Frame EAA2 50 KB
50 KB 84ms
31ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15307122963789882879

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e35ea95288c443888def1bd1c9cdcad2fc17dac1a018711053dd7556ce39f55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 17 Mar 2025 19:39:51 GMT
date: Sun, 17 Mar 2024 19:39:51 GMT
x-content-type-options: nosniff
age: 101746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51287
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:47:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame A571 23 KB
9 KB 223ms
173ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame A571 3 KB
1 KB 225ms
174ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A571 206 KB
62 KB 127ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame A571 10 KB
4 KB 47ms
47ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame A571 51 B
564 B 80ms
30ms Image
image/gif 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 13 Mar 2025 13:07:36 GMT
date: Wed, 13 Mar 2024 13:07:36 GMT
x-content-type-options: nosniff
age: 470881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame 5EBB 51 B
113 B 115ms
114ms Image
image/gif 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 13 Mar 2025 13:07:36 GMT
date: Wed, 13 Mar 2024 13:07:36 GMT
x-content-type-options: nosniff
age: 470881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 5EBB 23 KB
9 KB 222ms
176ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 5EBB 3 KB
1 KB 222ms
176ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5EBB 206 KB
62 KB 131ms
85ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 5EBB 10 KB
4 KB 49ms
49ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 165C 23 KB
9 KB 212ms
171ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 165C 3 KB
1 KB 213ms
172ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Apr 2024 17:06:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 165C 206 KB
62 KB 80ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63910
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 00:06:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 165C 10 KB
4 KB 47ms
47ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/craindfp44917164363/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Wed, 28 Feb 2024 12:16:18 GMT
server: AmazonS3
x-amz-request-id: RR3VY9M1V0HC932Y
etag: "8b3cce7ffc092fe8086675b8484a5482"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37721
accept-ranges: bytes
content-length: 3857
x-amz-id-2: 3NUfWdJiuh32WYTKzMKXs1R8GwBcPG7ji5uJEiU1KcYlyyilbiJ7SzkMBdmk86esK96nH5kVcD8=

GET
H2 200 8384655227831368602
tpc.googlesyndication.com/simgad/ Frame 165C 50 KB
50 KB 191ms
141ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8384655227831368602

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73e151cc390f1fba4745585b840819b02843ce1b16231d08aa281db4aee4d7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50851
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 16:54:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Mar 2025 23:55:37 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8D9A 0
26 B 219ms
179ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst3tQ6g9jzWgo2y_i-yAoDhovsYS5LwMXxUIFqJaGrVXzeZj_d3R92u-5cUEY3WNSsjX0XWS-bdV33Xs60hRLhpUR95RtjtJdVi3wRLR3YJmPD8-IBOe63HadL1ha1TbYjHlvAcl8_ukS03AT6kgNZNwewOq3PiW3_x0EyyPcCJmd8woboRXegpUBcp3JAZvbiMBEyjlQ-nCr7kxbjYec69mUW90CXJVEYjDD_C6oOMGQ7P4qq-JZWSuRZM8xervCbM5krcIqT-Fm2USUSsPX96Ue9vgc4-dMdo9lHv2kumhP7rV_dLk06HIanMUC76Pf9Pjb-T7gdZBuNa_uTK1rGXEaZu1x9nLwqLS3qWEQ4Uaylmpr3XeioqvhWPjd1QmPkW&sig=Cg0ArKJSzDZb5yemkIyrEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E59B 0
26 B 219ms
179ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuTj1RUzlbZOvoz6_w89LDjKlH4yt1CRq8v_IYii70j5nBCZ2k_NMKlZs0pFTCjVtbZMsOaBoiYHaBn_zu8WobaxtKr51opyunW4fWKLjURMKiTD_5DRDVR_5yBe6XhjmEIMBUJlko0c3VTclLVZuPoyY4xil5x2vlF_nEdMLetrLSgSqvwCMfKdAWcWthIqp7dL6Pk58c5yhmCzUD953mCQNbG404hnO74jlXi6KKmOkljCJZCcFcLUNCd5nfVHVBOm05rXzxz_b8fnFbcTOAh3GgxcaJtnNZHAyUIPhUYGfZXKx7shuwWkLF0l4U7XE_beK0dDXlrZkVyKC7V-_EY1G1InRi32hzghHIYVXviAJVSXVEgv713qDHmY_yd29Du&sig=Cg0ArKJSzIakmrhs4Jr0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 81EB 0
26 B 218ms
178ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssWAn3VAgmWqAn3tuBqqisdyQARCL78WsT4LRWpj9rKhUihFOHWWWSaOUlBiglLA3LKhYR2LXl_vNoOdPxa5XMRbEuHfdf0_B0A4NyhIMF_aj2nNkr5RHPlatULzC-Q6WsDBIMXWBsKS89UuPNkAZrhbZRmDu69APklzohG29jEXlv8fE9ZTTGLmGyjgnOONbAnlff9AMByQXxNnhFOwVeCsVWDZZNDNa1RaPpImSS2Q6QAWfWstT8W9dj4cXIeyswiEJbXra91GOsDBStkMMCz2g-ze8EhM541rIN40C-IOKLM3Y8px14jPpiN8kudUyBPrWessom8b0znErGsXlEG6VZGBTfFkv_0MAWzHqm_RhnCr-h5x-RmF4a31NGc5CC5&sig=Cg0ArKJSzJz_fnzEimEyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EAA2 0
26 B 220ms
179ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstdb7uXpVAMzfePbVprgI2NgBgtvHHIIsZcPsyCIlSKFE6r0FZg2JAsBKpCYvUNsecry7ok8wGk2GbatcTnPs-DfF_ToBYse0WnJ9xwvzDuUing8ykOfKK7aQem-mn9ODiIRYCwSZ4-cF3eQVKM6kO4aNE35qV-d8Rjo5SrmhmvPFIK-nmDXSm8VwcSf_t-PJyUby1FAmWsZxreznSXAR8qIvQNlEVbn_lF_Ofx_qHYsq0yXxrn6gCIjm20Dp-3S7vz5bpO_cycXgpWczq9Dw4aGGmKXq1ZrZOcEz-YpXmh5RMENrk9PzQMhiQTUTGxxwC5Jpy2L1VIRxwZ4BMzcczavgR3XFwxhNXSn2m7wF8gXHEPiLKvqHcwuawds7lk0Qqk&sig=Cg0ArKJSzGDEyPNBYZOyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A571 0
26 B 220ms
180ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss3iG84GjqT1EzpHjMo3zvtWItJ9Tq17Y6v38FXyyEpm7oov-nDPCp2N5pieZ8c_06XNhFNHsBMkVeQcx87Oo3mZoSQggEwT-PJuB-zcs30jLdiHJ8lTpZArf2nq_ANLidx-C6HYRR7ZQpjz7PoDzEeC_N_RaDDicV-zflgiI46hSaA5YG7Yh9_t0TgVE5hxcqUM84J0m96fxPXDY-C_J78WU2UmjNynAse_CbSsDkRQuRevN3tNxXxCzHtF9MjsJ6WQRBSrz5aCMoWLTwzfIjG_G-tS9cRxifac8ctc4JLWBIPVWiwJNAzT3d59Wir0KsmGTbUcwQ44mJNbPhAMPWV8w_P90oK7kr75UxrtFQVJ8GsAg7BxpmYHgjJ-ieO3YoQ&sig=Cg0ArKJSzIG8ckCwlT7BEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5EBB 0
26 B 219ms
179ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsug33U3kPc0s_CETTYOEDu63bXhD1bVCpYGfAKMctuAHsTTxinrAC9rpkClxS7hihffYiN_WFP0biUrQCV_44OZQoBj2AW7IvDqG7OI01bkufcdq1yNJ0MGtI5LaCT5CD-OdjFrY9y5P41CS__up2cdjpxONW6Jn5C_gm-UBAb1wuUAoEz27lMIJMf54JsXgbUgKI9QfjSTULG9a8dD8pNyKyZjhxW_Ate4JzRUZ0o6Wp5C6jD93xSZVstuEfcodf7BpTBIjD7LL1m13vDlRz9RwHYZuCKQyw7mOuedF3zLvA3tc8-xnQCPaLPrgMTSQtbet7KrzpwjrVfn-aEjVuNgPrON1ZpQjdpmAMKKbh-208_uaawV7blWLP3RLPJzXakV&sig=Cg0ArKJSzF_c5ja4CxVzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 165C 0
26 B 219ms
179ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssqjdsitcKHEQ5ONVgtmpG1Gc_eexfJL-9x6sbmkhJNtCXWBs2QiPJJoZ3vKCMWHYIE1DkHF-oT3W1odugIdOqvGwU_Z7JZM6Y8xAkcvIGCN2B6jy-SDj25_3r_6lZgtEzBCoPvbWzOAX8NBVWruBoGwL79ndGellb-GIFpRulyYinB7rAVEomLNb6nD7Ubw9URUPYCjh5ibHftFArylHeV5PccF4XLXYXlyqJ52yXwxJeAxCQoqV67lYQKq2RfLgwnAOsdBlC04Pcy5elcG4YvaDHKQ3oNBjRZV5yAKmwPIXS50VMzTWJQuqi5OiXqgMLDHCfiysq5Oyq8Yzk_gR8mrXZ_rQgwdJjBHmrh0sMZJLVMIuthQiY4JeHGwE8O34SW&sig=Cg0ArKJSzADOZxw9p2BtEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D9A 550 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdfaea6f3dfd9126135a972b45e4132c73565f1d3d0e2a85b132e52342fd0617

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E59B 449 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e951ec980c2e0882b58b187a86bf23af81a3c09fd992390ad3062e4c95a4de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 81EB 543 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82cecff4554d7a925d9493b80f6bad4bbc2e57c3d07b13545bea59806c8c4934

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EAA2 545 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60b3a20c6db854467416984c449f293e2dd69d702fd564c9536403a6c5052d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A571 366 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85b3d927b962078c64555ff5ad47770224bc6f03447abbc88b5abe56ca757034

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5EBB 355 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7706d8c00ab543c844950c0f7035be6622c52daeb539205eb93eb481f2c8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 165C 550 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d54970c5b18c909182f0f18e5067859239afa28c5c4f1c17be7abc4837b2ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

OPTIONS
H2 204 country
www.pelcro.com/api/v1/sdk/geo/ Frame 0
0 296ms
296ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86692798192b9b86-FRA
date: Mon, 18 Mar 2024 23:55:37 GMT
expires: Mon, 18 Mar 2024 23:55:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 200 location
www.pelcro.com/api/v1/sdk/ Frame 0
0 51ms
51ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
cf-ray: 86692798192d9b86-FRA
content-length: 0
date: Mon, 18 Mar 2024 23:55:37 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 country Show response
www.pelcro.com/api/v1/sdk/geo/ 5 KB
3 KB 352ms
352ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 86692799fa2f9b86-FRA
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 location Show response
www.pelcro.com/api/v1/sdk/ 66 B
165 B 41ms
41ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 18 Mar 2024 23:55:37 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8669279879579b86-FRA
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 country Show response
www.pelcro.com/api/v1/sdk/geo/ 5 KB
3 KB 347ms
346ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8669279c7bc19b86-FRA
expires: Mon, 18 Mar 2024 23:55:38 GMT

OPTIONS
H2 204 country
www.pelcro.com/api/v1/sdk/geo/ Frame 0
0 694ms
694ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86692798292e9b86-FRA
date: Mon, 18 Mar 2024 23:55:38 GMT
expires: Mon, 18 Mar 2024 23:55:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H2 204 k Show response
bat.bing.com/p/insights/c/ 0
231 B 132ms
132ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/k

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Mar 2024 23:55:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB84220918CB4DC08182DE20981AB30E Ref B: FRAEDGE1311 Ref C: 2024-03-18T23:55:37Z
x-powered-by: ARR/3.0
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 tag.aspx Show response
ml314.com/ 33 KB
10 KB 39ms
38ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1922024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99c6759db0bf5499cf7be649fdec085400f989dbdd62853d865f03effe6d53bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:37:48 GMT
via: 1.1 google
content-encoding: br
age: 1069
x-guploader-uploadid: ABPtcPq7a_vbeG5FL4EWssNJdB0DDdZAiDEdG_ZJ52QY91cJZR_VgmSburKT6LtB_9UaFXUhCvEahhrqQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10608
last-modified: Mon, 18 Mar 2024 21:40:23 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710798023291201
x-goog-hash: crc32c=gZcFJQ==, md5=mf2H8ATtxKQ4t5e6NzYI+g==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34203
accept-ranges: bytes

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 69ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=985100584293&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=2&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=REC_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=207200&na=768689816&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:37 GMT

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame E59B 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstgYlVlBN1IkXXmjd6nAoxtO1Or-udYEfpfogRMnOEhXbIt3-tUNda2aGy_D4GYZ2ffIdKQrHGMbtCSQBpjz5RONWJ1mkG6Jx_-K2N4Qj9sPgx838MXGJr_N-T9mnEoVEgg5SCn6tdU4RuyhgZSwrCIWMcbz4-XYuH_dAOnQUAx_lHa3i4MTe2Wqp70bd04-Jh2MYAWyVPRBAxjDT0B0Pqs_G7nLoEanD_NOg7ikEwgZ35mGLMx07yK_1wYQu_dbq0vt8gW7qakFi5JB-KfdjtWsEY0DR6-GjFsjK095Y1gWN8X6c2eCZJig0ZCfLdEnJKpYZ78yGckigPTYOP_Vp6FHTyxwB4dQUAf26zUNfTU0HxT88SreeMAlqFgh1einGhUVys&sig=Cg0ArKJSzJECUhzMVRIZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
205 B 85ms
85ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6439686130&callback=lineItemInfo6439686130Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 8d09419958a6d818189803cc7e34f86e1f285b4f026438f1cea3fb6b6e3f1586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "47f40d88af3e3dafac5796e60656fcf266d47165"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 27
timing-allow-origin: *
content-length: 128

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 81EB 0
0 69ms
69ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuiaWn3yHkGQw3MOLMLmXrqHN7GHlvzCSqM_igI-mNSaKx0qX7Nu4rvMdRhV6Gxlk_etXQ0J-B7YD2F5_rnoQyZXvrlZnHdRwwz5YYXv-2P3J5Cff5L9MfRGys6ANpvsTep3uu8pF1UrWiAXHRFCRhjJXbSuRehUDoUqR9fjsofYCo3AL1iU1VlRUfIwjrihY2TLtUrAYCKmEbBjZBY-Agh53ppBrQFN7pa8xGd5OkYrlxYGSQKQ_hT_f9ZS3WvEAAM5wr_NE8LMv1Y9gJtC6UNRYOv4HRDdrNQPEmuljCJoTQ8h0kGsekAu8R0zX08_sCAcB958EWrTq-9GAPZqP5ZIElRcVtnP5g_yZa2DQLOZGv6Z2BFFMhEhgEk1cZs2QAd9K0&sig=Cg0ArKJSzNdorekhudMYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
203 B 63ms
63ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6478931411&callback=lineItemInfo6478931411Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: a3001919241d513d8790af3340378c83caf4021705b588f808ced5c9774e82ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "a28ac64d83217e1d4d34f487ea67cd61a27b2243"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 128

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 165C 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsufIu576cSBo_aOlxI0WXzcQCWUwfkaB0YPU0nipZ2GOSUxpvPu_7GedOhxgp_OxiinuI8ikbAZrmNNIajktcVG154Xs5_DnkMnrnpy6I8hHNzIQc9bLXMYbQmLMZaJA-4_SnlyuNCRtSFGPipicICnL7pUxvSLFAsnSVLBaQH8kxXOqYad9e8i07XVAtqYxU_jCJR30nvBtMFfiSQ_7GaRGZwbHeyM-rlW61CaHc_DV1zi-5eWbzrENyZ0NM69kq5_9eQk8-PFT76BQJTGFe35kfsQReFwzOrWBdGF7-tTJ6boAHCD1o2EuOae_gCChEKlpqWiBey8bDDsisGbL9-KAaGWE5qqZuHPjJklXmxk0JY4XMzIrkaN_hHm5-R4RsDqIFI&sig=Cg0ArKJSzHsQtw0ZVyzhEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
205 B 70ms
70ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6683262888&callback=lineItemInfo6683262888Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 78ad82bf5cc115ed841d826ccbfd08dea5bc6c02bfb6581508942f170ec8e7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "d903bb40bb997f5698bc48b0d64fceaa7459c4e6"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 13
timing-allow-origin: *
content-length: 128

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 8D9A 0
0 65ms
65ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstWXW4v--48zG_f__jlRbHVM4bq_HCwjO6jroETJxJUPvUzNKrfqNKojElkYadGjA37bk8VhosJaNgbjpZtRXerb2L_JbbFgkWFBlNWXcGHQ-WLLoSl7L7RhUDsZ1dJV12Y181MXNf44Sgj5LZRZfQ9BXaQCP8w1UvELN8AqZ0cZeFpFkEMq9H7XKiPs3_mKlGHoxX96Z0eEzzRkLanDC7A5scSh6wYQJJzCCPl3NJjT5EroipBChki_-_SN-HC9mXsOKmPH3sJLPD1mTde8km9ffOmeCs0C1_ecxy8z82mKNvUO8etUJq_3fjikA_1lQPp5GVdmgt9Z-LQDgzcKiNdsOsjMWeA_yPIj6CovoE58SgGgaOwKuE87dEq5I3i3E3FBNc&sig=Cg0ArKJSzIDffbAJwBjMEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 134 B
207 B 63ms
63ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6544015677&callback=lineItemInfo6544015677Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 34332d82a93af4580490ca78c6a60a5ad31ad5c090f1b12f2dbfb477b5994539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "0e290b07c9188ef2ac3420b364c2e9e17f7069c6"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 134

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D9A 43 B
251 B 46ms
46ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=CRAINDFP1%3A104555044%3A415459684%3A-&de=894266536002&t=1710806137776&i=MOAT_FEATHER_DEBUG1&gw=craindfp44917164363&cm=10&f=0&bq=0&ar=b14f40e8f24-clean&iw=e2df029&dMoatOQs=moatClientLevel1%3D5219145332%26moatClientLevel2%3D3386977141%26moatClientLevel3%3D6544015677%26moatClientLevel4%3D138468679858%26moatClientSlicer1%3D104555044%26moatClientSlicer2%3D415459684%26zMoatPS%3DLB_01%26zMoatMData%3D1%26zMoatMMV%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26zMoatMGV%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26zMoatMSafety%3Dunsafe%26zMoatSZ%3D1200x250%26refresh%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=2029477554&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:37 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EAA2 0
0 63ms
63ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv2tcT0xOUkpKCail95D2TfKy8oB2yC81DpVIgjG7XwYBCh9W9659kKYp1fcWuz-Kd8yi2D0rllY9zwY6TmwaV0lddlEF01Wm-kIMpz8ykR48HowJtLZzwF9OB7_0lIHQGEJmH2m__rkGpLuzbarlkiykvmCg7ZoFhgZLn1kHx4_in8bifH8lKpc6yHz06yNfqwy232GYU_yMiNRBHui6xsbrNHsoBKDvUgen_LaS5H-EIzbEF_kwBWOZrYw7f_O9MC3wKQZRZywzzmvRbTrkzqSDhAlzS70gf9veVbfZ_yTl3bEsP-4waru6jwiwTSdYeKd2OdXUD7fcxVQYraWkBxQ1pn-rELGx0WKab6JMvu5QC9Eh6Q49FI_t8tEjO-79hmj1A&sig=Cg0ArKJSzJCFBMYXV3T-EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 43 B
116 B 64ms
64ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6091333837&callback=lineItemInfo6091333837Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e58f40f1d73845f9a054893be2007483f756099ea9075bb769df8125cff7f6e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
server: istio-envoy
etag: "68c9e39f9a76a98814a518a2ff75e3d42ff68d3e"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 43

OPTIONS
H2 204 5070
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ Frame 0
0 609ms
609ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8669279949d09b86-FRA
date: Mon, 18 Mar 2024 23:55:38 GMT
expires: Mon, 18 Mar 2024 23:55:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 5070 Show response
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ 16 KB
2 KB 160ms
160ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cc199dd7839669ff5b763e037a020a9a8fdf443006ddac7ea595776ad2702c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 23:49:22 GMT
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8669279d1c259b86-FRA
expires: Mon, 18 Mar 2024 23:49:22 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/crain-detroit-business/ 1 MB
337 KB 35ms
34ms Script
text/javascript 2600:9000:2240:5400:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/crain-detroit-business/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5400:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6a0e59129c5e539fce3e6a870476e9b90b44bf3430ddad914868108efbc4761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 01:59:20 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
last-modified: Mon, 04 Mar 2024 12:47:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 78978
x-amz-server-side-encryption: AES256
etag: W/"936a2bfb89aa27b874f18afab1b02379"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
x-amz-cf-id: OZTNm6Tl2Jp894EnSmkl1VPRcHXiZmexGFqWBZRZXAxPAAAo3tZScg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
43ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=464307938758&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=3&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_04&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=REC_04&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=207200&na=2046436155&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:37 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A571 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBhCfR8I-bMD6Whzgkw8wF9vT5DdyT_sofwptbbUqeuF-HN3RM12CD1RIod6w6atTkCelpK8pmDy4DqPwYqsBTNTR4uDjbWVYBClz5j4wC3XmpxDDlaxw_y062UbPv3kDe8jEJP-my8_iI0tO_7TBdnxWfFONQqCZd81bPZeMpICv9QRizSYu5jVwqN5EvHgFoxo4xvWWZjOCyiHbJRuGc0tnx3n-vdH7xFkIXiNv7xm2d7aISdHWYE211jgupl3SwWP_GMVAoyKOMwV-1Yd70AxjB7ge204VdoydJh0zNX83lBsQACbyzeCqHRfBZZsJVDt50MuZc9pjSXmIIvSQscHh8HLM0aDzFDgYz8MxP74Cb-_1g-tAAMKJl1tgiIs5ewRE&sig=Cg0ArKJSzK9lS5jhuWxKEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5EBB 0
0 63ms
62ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuIsRBuWFkMDlKTAhW7dCxiAFAXIo0F8915NYgXcNis09_hr_U2zqJE2YnzKoJw4bk9D67NF-Wb6Hgrg6OGKd8x_hdrLKbIfoSzIPE-bA8UOcOErFt94vGt14bMddxO5tgwEAiMcheNLXa0_j-O59ohx8cu6z8PJ3z--QCa7KAA9l7Ri_KFXTo4kTLL6lelrnJQbkICHKFRy1pQWGt0xv85VajwPd5e_oypmW1HKQZHEFwNL74rXVCYqcc96uYd5HXgOOgxqyRL4mnzOcKJ0nhaCdN0Mff6Z7ScmigsmW90Px9Ioodnwk84rlrm916lNxfxRkbubkTAEIHN_qiKAm8nQk5-4NeOU6ktQ-1i49YCqoKjUOastgeI9dpuLxPnWt0QhIo&sig=Cg0ArKJSzHQ8OalRhvQpEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 56ms
55ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=563189605386&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=4&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6439686130%3A138458624057&zMoatMMV_MAX=40&zMoatPS=LB_02&zMoatMMV=40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=LB_02&iq=40&tt=40&tu=1&tp=unsafe&fs=207200&na=1113667124&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:37 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E59B 0
0

GET
H2 200 fifelski.jpg
s3-rd-prod.crainsdetroit.com/styles/50x62/s3/ 1 KB
2 KB 455ms
455ms Image
image/jpeg 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-rd-prod.crainsdetroit.com/styles/50x62/s3/fifelski.jpg
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96dfd8c6951534ebe10d16afd482f8836cec6eb8d2ce3aea323f10a25baf07c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 21:33:15 GMT
server: cloudflare
x-amz-request-id: 881V0S88GN7C01KT
etag: "97b3a87012d4d96dfdce25fc631fe98d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 86692799eb001d86-FRA
content-length: 1382
x-amz-id-2: fsSCnLfbx4+sXQOFditFzQsSgsOu4DT4XYpci/ZrxvJ2Tiqdy/E/8KZ64NN16hNZ/FHgiBe1z18=
expires: Tue, 19 Mar 2024 00:55:38 GMT

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b98c22958e1ca412ad825cb5462746ef42eedb75b967aa954879b3eab227f2c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml;charset=utf-8

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 339ms
339ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8669279a8a999b86-FRA
date: Mon, 18 Mar 2024 23:55:38 GMT
expires: Mon, 18 Mar 2024 23:55:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
49 KB 153ms
29ms Script
application/javascript 2a01:b740:a10:f000::209
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a10:f000::209 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 15:35:31 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
Age: 30009
Via: https/1.1 defra3-edge-lx-003.ts.apple.com (acdn/133.14417), http/1.1 defra3-edge-bx-032.ts.apple.com (acdn/133.14417)
X-Cache: miss, hit-fresh
CDNUUID: 98f711b0-b6a4-4041-bca7-b23d31011a00-19756398882
edge-control: cache-maxage=7d
x-envoy-upstream-service-time: 6
Connection: keep-alive
Content-Length: 48790
x-xss-protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
x-conversation-id: 516c2f5c-4e11-5746-6c87-53ba58b47cf4
etag: "836f40c1160e2cc053e0fd945a62cca3--gzip"
apple-originating-system: wp-content-server-prod1-use1
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401, stale-while-revalidate=86400
access-control-allow-credentials: false

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
148 B 334ms
334ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.16.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8669279cabda9b86-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 42ms
41ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16993375091110671538&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=563189605386&rx=60954908677&cu=1710806136809&m=924&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4936&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=242&cd=0&ah=242&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458624057&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=40&zMoatPS=LB_02&zMoatMMV=40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_02&iq=40&tt=40&tu=1&tp=unsafe&tc=0&fs=207200&na=741103138&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

POST
H2 200 s77702719344744 Show response
crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/ 43 B
393 B 153ms
49ms XHR
image/gif 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/s77702719344744

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2024 23:55:38 GMT
server: jag
etag: 3673928207798468608-4617932171142485278
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.crainsdetroit.com
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 45ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=5&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&fs=207200&na=1120055802&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3363866611623250881&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&cu=1710806136809&m=941&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4936&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&as=0&ag=9&an=0&gf=9&gg=0&ix=9&ic=9&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=9&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=18&cd=0&ah=18&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=81093047&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=987925932405&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=6&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6683262888%3A138468178373&zMoatMMV_MAX=0&zMoatPS=LB_03&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=970x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=LB_03&iq=0&tt=0&tu=1&tp=unsafe&fs=207200&na=416462605&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8384655227831368602&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=987925932405&rx=60954908677&cu=1710806136809&m=954&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4936&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14&cd=0&ah=14&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6683262888%3A138468178373&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=LB_03&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=970x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=2135512149&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=7&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&fs=207200&na=1518874520&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
47ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&g=0&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&cu=1710806136809&m=969&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4936&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&as=0&ag=7&an=0&gf=7&gg=0&ix=7&ic=7&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=7&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14&cd=0&ah=14&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=207200&na=417658936&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
43ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1710806136809&de=823631259548&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=8&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6091333837%3A138402123361&zMoatMMV_MAX=0&zMoatPS=REC_02&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&tz=REC_02&iq=0&tt=0&tu=1&tp=unsafe&fs=207200&na=1557680402&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 189ms
189ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Mar 2024 23:55:37 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1303029CE9984DB9BBA62B065316FEC5 Ref B: DUS30EDGE0908 Ref C: 2024-03-18T23:55:38Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.crainsdetroit.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYT+Bgo3/oj9g88DyYPaQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 45ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15307122963789882879&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=823631259548&rx=60954908677&cu=1710806136809&m=984&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4936&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15&cd=0&ah=15&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6091333837%3A138402123361&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_02&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=29839080&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 260E 0
273 B 662ms
220ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Mar 2024 23:55:38 GMT
x-stripe-server-envoy-start-time-us: 1710806138962143
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710806138961325
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 260E 0
273 B 650ms
219ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Mar 2024 23:55:38 GMT
x-stripe-server-envoy-start-time-us: 1710806138961741
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1710806138961223
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ii.js Show response
mb.moatads.com/ 41 B
141 B 70ms
70ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=__page__&callback=lineItemInfo__page__Callback_68815018
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: fc5d9ccbbcb3e2aed8f93dc13a2e474f6737663853d814909f8023969a0bd4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
server: istio-envoy
etag: "fb8520b45e7f82dbf100582f1ba58f008cc57551"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 15
timing-allow-origin: *
content-length: 41

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 42ms
42ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAIN_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1710806136809&de=521984398438&rx=60954908677&m=0&ar=b14f40e8f24-clean&iw=c678243&q=9&cb=1&cu=1710806136809&ll=2&lm=0&ln=0&em=0&en=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A1392%3A1392%3A0%3A1348&fs=207200&na=1319280893&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 nr-rum-1.253.0.min.js Show response
js-agent.newrelic.com/ 45 KB
16 KB 92ms
28ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.253.0.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: TgvqgvoYAHsERQ1.OBrfuMt0ieYpGWt5
content-encoding: br
via: 1.1 varnish
date: Mon, 18 Mar 2024 23:55:38 GMT
strict-transport-security: max-age=300
x-amz-request-id: W45R3GKPKPM0T13J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15820
x-amz-id-2: FSCD2Utu+0jhM/NsfdGbD/2noM0uy8GGLPH6nv0J+OEhpouxzaQkcBtH7tFBILfynLs6CqeEKfo=
x-served-by: cache-fra-etou8220107-FRA
last-modified: Wed, 13 Mar 2024 21:07:25 GMT
server: AmazonS3
etag: "25a03a86ccddb342618e06f726d40778"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 77336

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 9186 200 B
886 B 35ms
35ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4229858
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Mar 2024 23:55:38 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 684983
x-content-type-options: nosniff
x-request-id: 395fa3e5-f3f3-4ba2-b6a6-fbb3d3dd77a7
x-served-by: cache-fra-etou8220068-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 43ms
42ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403140101&st=env

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf9a1f4ff0912c581ff41e7f6a0a6f7cb4aee1b873a50504639adf3e2528dec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12474
x-xss-protection: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9186 526 B
450 B 37ms
37ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Mar 2024 23:55:38 GMT
via: 1.1 varnish
age: 4217767
x-cache: HIT
content-length: 315
x-request-id: 4c6437fb-9d04-40e6-9004-bf85b2578cb8
x-served-by: cache-fra-etou8220068-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 651755

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 43ms
43ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1710806136809&de=521984398438&rx=60954908677&cu=1710806136809&m=1615&ar=b14f40e8f24-clean&iw=c678243&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4296&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1392%3A1392%3A0%3A1348&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=2145604304&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A942 930 B
1 KB 53ms
43ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 69
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Mar 2024 23:55:38 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 21
x-content-type-options: nosniff
x-request-id: 6efd5127-22b1-444b-a1b5-745b575fc2b4
x-served-by: cache-fra-etou8220068-FRA
x-timer: S1710806139.538256,VS0,VE0

POST
H/1.1 200
OK 6e51ac8bf4 Show response
bam.nr-data.net/1/ 48 B
623 B 714ms
581ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6e51ac8bf4?a=165752170&v=1.253.0&to=bwMEMhYCXUUCUBBbW1ZJJwUQClxYTHcWR0RZCjoICwdWaiBcCkZGVwoKAxY/fVkHVjJbUU8lCQgQEVxaD1YWHwpODwMR&rst=3229&ck=0&s=07176091fb77a596&ref=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&hr=0&qt=7&ap=2329&be=715&fe=2414&dc=898&at=Q0QHRF4YTks%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1710806135304,%22n%22:0,%22dn%22:28,%22dne%22:28,%22c%22:28,%22s%22:66,%22ce%22:105,%22rq%22:105,%22rp%22:715,%22rpe%22:720,%22di%22:1348,%22ds%22:1595,%22de%22:1613,%22dc%22:3118,%22l%22:3123,%22le%22:3129%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df

Request headers

Referer: https://www.crainsdetroit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: text/plain

Response headers

Date: Mon, 18 Mar 2024 23:55:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.crainsdetroit.com
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8669279eba2365d4-FRA
timing-allow-origin: https://www.crainsdetroit.com

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame A942 87 KB
15 KB 43ms
41ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 18 Mar 2024 23:55:38 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 252
x-cache: HIT
content-length: 15509
x-request-id: c42b9ddd-aec0-4cf4-bb4a-e9aa9e124d4a
x-served-by: cache-fra-etou8220068-FRA
server: Fastly
x-timer: S1710806139.590670,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 72

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A920 13 KB
5 KB 30ms
30ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 14:39:31 GMT
expires: Tue, 18 Mar 2025 14:39:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame A920 40 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 17:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Mar 2025 17:06:02 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame A942 156 B
668 B 644ms
212ms XHR
application/json 35.82.187.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.187.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-187-64.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

22d713561cd06e6be770f657919e39572b74825aeead2e8cd7f83b1c7514dead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Mar 2024 23:55:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710806139211384
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710806139210759
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A920 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DhNugQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81EB 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcj3G5h_279QhawAcVaSRuhbjSFPEho-JdQZTevFuUtLjS7wRvNuCpUTXBDHFm-_zRonASLtrtQj5YABKgNMOTkDrAUnhj6CTXasZLx7Epkgi5ac9OAzaaAh1vDFUcRYR1JMn32dodajiKqVEIoDgZJlV3dljpFvQUfoz1&sig=Cg0ArKJSzI3B3u_ugNQLEAE&id=lidar2&mcvt=1000&p=564,1130,814,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240318&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2893687796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=673893700&rst=1710806137450&rpt=293&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D9A 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv40ys7J8teDyj870lSPuYQzdShjt4fDH6s0pJLt7OWQB6esLfxdCzTztQPPmen4MoeyJJZuMB9IMjqCUAGvK0Lt_bbwj-oirvwa9EhMWad5FSY32F8dR5tI960_2f51yRo1zqTuWV-uUrvhW_-MHMM7o4mGLe9DUonAoNd&sig=Cg0ArKJSzAFGRtNZTTbXEAE&id=lidar2&mcvt=1000&p=112,200,362,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240318&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=674599526&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=673893700&rst=1710806137439&rpt=335&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
46ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&cu=1710806136809&m=2038&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1107&an=9&gi=1&gf=1107&gg=9&ix=1107&ic=1107&ez=1&ck=1107&kw=915&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1107&bx=9&ci=1107&jz=915&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=18&ah=915&am=18&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=1192312831&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 43ms
43ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&cu=1710806136809&m=2039&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1107&an=1107&gi=1&gf=1107&gg=1107&ix=1107&ic=1107&ez=1&ck=1107&kw=915&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1107&bx=1107&ci=1107&jz=915&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=915&ah=915&am=915&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=1141141370&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
47ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&cu=1710806136809&m=2039&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1107&an=1107&gi=1&gf=1107&gg=1107&ix=1107&ic=1107&ez=1&ck=1107&kw=915&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1107&bx=1107&ci=1107&jz=915&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=915&ah=915&am=915&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=1202852507&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 49ms
49ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&cu=1710806136809&m=2040&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1077&an=7&gi=1&gf=1077&gg=7&ix=1077&ic=1077&ez=1&ck=1077&kw=883&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=7&ci=1077&jz=883&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=883&cd=14&ah=883&am=14&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=207200&na=2045944457&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
47ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&cu=1710806136809&m=2040&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1077&an=1077&gi=1&gf=1077&gg=1077&ix=1077&ic=1077&ez=1&ck=1077&kw=883&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=1077&ci=1077&jz=883&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=883&cd=883&ah=883&am=883&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=207200&na=248087449&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 44ms
44ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&cu=1710806136809&m=2040&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=1077&an=1077&gi=1&gf=1077&gg=1077&ix=1077&ic=1077&ez=1&ck=1077&kw=883&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=1077&ci=1077&jz=883&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=883&cd=883&ah=883&am=883&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=207200&na=560031418&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403140101&jk=4388747529106204&bg=!6uml6abNAAY_ejuoH3o7ADQBe5WfOLzx5_Tz8do7EjGT9GS2Wi9ZWmMT1JCuypRySMm4qQGhRKELR4xBBc0KmmuBcqdtAgAAADZSAAAAAmgBB5kCuBUyqwscnAWZPwp9U2VS5rq9XnaxV5h9RjUcZMKkZGCjoSmyrCNJdDLykZqoh-bu1OkZB5o4qckuGFob_QQM2w2GKKoIphUZrlEL9QJaLgSYA4eTFU8f9Fewbt3Yulkif-WVBvMKauD4lJuz4N9E2msqpjYzEL5_C3s1Zf47wCTGAOeyDvHNYP0aCitJ6Tp_dj6oZuC8xAmUSGQbPcrmDNhJ1YTD37NXoOXWsFKXKx9lCYc6RViuBOiyjuoKwdvX4OqWpEdl5cqMQSyLRP9BThCEJqNh98N3atbnLQt8A_ABe2olx2M53Gxj4HBu5vs5R46UH6xxQWkHYZe0YXslveTSr8N5SW-Uns5b3RoMhVNA222AOA5Q_jUWdlgpwhGRHiDl2fMkV_cy9rLqmSJy-3ITxynAMhLo6nFY4A7zIPh05wY9k1Hw7j_LMFSrJy_rFEMAsdyal91PjvBKXVMmcxSpDAX9sIDwN_cNDUMsv-jffs8PpHnjL_hca_ZmTCRvlFwwEO4GLVqK4EjEwWQb1SxyN_-ZWBBWn-OUcHVAxrfMhAPYPoSzLbji5UWbCcVnjLsbUWaBdKcakowyvuiCgErDntMBTyH-HDN7Y1AaAPFzaLJo-ukLDTrXJoW2dV1jv0PKPqwCQPmIz30cU7StObcmzFjGVXWN67T56jjTY9Tby-fKSNCaEkMePhLRg_5GOwM8qCG-06hVy-Njli49RNFwB60c_7n_UOYtqCoq9Z1NOH8q616Y9CfrBsmjrazLMkV-G0ycscUdEZriUQ7myaCSu2z7dCLRdOPyKLtWXNpBZQR1_iCuAQ1EG3zfEPYKdtVUB0EROD2GJ-XL0E5kPMJts4iLVVzlPCK-PcsGSHjUAxjEpIl5heturcW3Oo8rx-MFszS5xyGG_caDkQ4k5HY1OuQtF9SZ1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

POST
H2 200 b Show response
r.stripe.com/ Frame 260E 0
273 B 212ms
212ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1ebe1a83278d605de01c2374ebfdc54b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Mar 2024 23:55:39 GMT
x-stripe-server-envoy-start-time-us: 1710806139551832
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1710806139551178
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 204 i
r.lr-ingest.com/ Frame 0
0 482ms
145ms Preflight 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-72a00513-c87a-42b2-89d6-307b045c1ae9&t=fef1c33e-26cd-47c0-b6cb-d808336f7515&s=0&rs=0%2Cu&u=b729f5a7-fe56-4015-aab3-942ff8eda05b&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 18 Mar 2024 23:55:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-ingest.com/ 25 KB
26 KB 1353ms
469ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-72a00513-c87a-42b2-89d6-307b045c1ae9&t=fef1c33e-26cd-47c0-b6cb-d808336f7515&s=0&rs=0%2Cu&u=b729f5a7-fe56-4015-aab3-942ff8eda05b&is=1

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

b1f43dc0c64f0ca25f074d19fe31085d329ff40dce7c2851c56955261cbb16e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 23:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"63fd-8GcS9X+jNNb24aORjBJUVIS5PFk"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 25597

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/de_ALL/ 255 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbc8ab915e52c51519bbdeddbb0f03f64271724603a19396fc22d11191fb711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 22:30:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56900
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 20:45:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Mar 2025 22:30:53 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/de_ALL/ 181 KB
56 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

149a94c6dc9cf86314c0ceb88a77aa5dc17fadcb94610ed4bcd11b3b2f5ad7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 22:30:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 20:45:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Mar 2025 22:30:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 56ms
56ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=625629358756&rx=60954908677&cu=1710806136809&m=6074&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=5143&an=1107&gi=1&gf=5143&gg=1107&ix=5143&ic=5143&ez=1&ck=1107&kw=915&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5143&bx=1107&ci=1107&jz=915&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4951&cd=915&ah=4951&am=915&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6478931411%3A138460935702&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=0&zMoatPS=REC_01&zMoatMMV=0&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=0&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=0&tt=0&tu=1&tp=unsafe&tc=0&fs=207200&na=398056980&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 23:55:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 18 Mar 2024 23:55:42 GMT

GET pixel.gif
px.moatads.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf94mvrog6ZidBrfvLpT6nSIrIoWCm-ROWnvvZC2qlotrKJ8LQ_7l-oLZsr7Uuf5ICUcEDtHHkA3jrJE_qoC4hc0w4NeFFniSGiI5wfvMOe0hsYybm-ofm9PSFJ4ucSOpmXu8vyG_RXmNt8VfOav3dA_mSHXHhDmb9d56_&sig=Cg0ArKJSzK6MwkLmeVfVEAE&id=lidartos&mcvt=0&p=2047,376,2137,1104&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240318&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=3&adk=408539902&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=673893700&rst=1710806137446&rpt=279&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-ooivBihjElCFgA%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1710806136809&de=393147597533&rx=60954908677&cu=1710806136809&m=6075&ar=b14f40e8f24-clean&iw=c678243&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=4296&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1392%3A1392%3A3129%3A1348&as=1&ag=5113&an=1077&gi=1&gf=5113&gg=1077&ix=5113&ic=5113&ez=1&ck=1077&kw=883&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5113&bx=1077&ci=1077&jz=883&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4919&cd=883&ah=4919&am=883&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5219145332%3A3386977141%3A6544015677%3A138468679858&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=1200x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=207200&na=2055947107&cs=0

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crainsdetroit.com/	1970-01-20 19:13:27	Name: __cf_bm Value: x3BY37vnpfJYY53XH03O3jj20wWZN0N.5M3t6xI2rx8-1710806135-1.0.1.1-Lf65LnewGI1jJX3ta0d10HV5WHblZJQySkejGSHktztnWI4ZCeLg7mtzruw_gTQV3R7am4snsDVmM_3wQHtClw
.crainsdetroit.com/	1970-01-21 04:49:26	Name: _ga Value: GA1.2.1758361776.1710806137
.crainsdetroit.com/	1970-01-20 19:14:52	Name: _gid Value: GA1.2.151453732.1710806137
.crainsdetroit.com/	1970-01-20 19:13:26	Name: _gat_gtag_UA_2717831_1 Value: 1
.crainsdetroit.com/	1969-12-31 23:59:59	Name: at_check Value: true
www.crainsdetroit.com/	1970-01-20 19:13:29	Name: sailthru_hid Value:
.crainsdetroit.com/	1970-01-21 04:42:14	Name: _cb Value: Bj9yhLKzPTZbsBaI
.crainsdetroit.com/	1970-01-21 04:42:14	Name: _chartbeat2 Value: .1710806137002.1710806137002.1.jPIEVC8YmKMQ_7eeKa75EDDYc-N.1
.crainsdetroit.com/	1970-01-20 19:13:27	Name: _cb_svref Value: external
.crainsdetroit.com/	1970-01-20 21:23:02	Name: _gcl_au Value: 1.1.1498814537.1710806137
.crainsdetroit.com/	1970-01-20 19:13:27	Name: TAsessionID Value: f6ec58a1-6f9b-4f31-874f-3d1bc58751bc\|NEW
.demdex.net/	1970-01-20 23:32:38	Name: demdex Value: 65488357751747574282899052090091504928
.crainsdetroit.com/	1969-12-31 23:59:59	Name: AMCVS_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 1
.bing.com/	1970-01-21 04:35:02	Name: MUID Value: 3243CE95137169AE0CB5DAD312A3687B
.crainsdetroit.com/	1970-01-20 21:23:02	Name: _fbp Value: fb.1.1710806137229.1766845959
www.crainsdetroit.com/	1970-01-20 19:13:27	Name: sailthru_pageviews Value: 1
.crainsdetroit.com/	1970-01-20 19:14:52	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_tabs_-wlb5gx%2Fdrupal-sites Value: {%22sessionID%22:0%2C%22recordingID%22:%225-72a00513-c87a-42b2-89d6-307b045c1ae9%22%2C%22webViewID%22:null%2C%22lastActivity%22:1710806137321}
.crainsdetroit.com/	1970-01-20 19:14:52	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_hb_-wlb5gx%2Fdrupal-sites Value: {%22heartbeat%22:1710806137321}
.crainsdetroit.com/	1969-12-31 23:59:59	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_uf_-wlb5gx Value: 3aa5507f-f9b0-42ba-bcad-4635cd2ead95
.bat.bing.com/	1970-01-21 04:35:02	Name: MSPTC Value: YMJvhFoTIStAOwKoTx6sTzMEg3FNRDbm1l04Gvs6PhQ
.crainsdetroit.com/	1970-01-20 23:32:38	Name: __eoi Value: ID=3e4745f07a3ad425:T=1710806137:RT=1710806137:S=AA-Afjbo9ZyRpaU9ViRAFUjZt3nR
.t.co/	1970-01-21 04:49:26	Name: muc_ads Value: 09cd0831-5ef5-481e-acb1-e2e731d36070
.crainsdetroit.com/	1970-01-21 04:49:26	Name: mbox Value: session#61e3c2a60dbe48568dc4b1098537540a#1710807998\|PC#61e3c2a60dbe48568dc4b1098537540a.37_0#1774050938
.linkedin.com/	1970-01-20 21:23:02	Name: li_sugr Value: 1ace4bbf-c9b2-482a-8398-05429aaa1613
.linkedin.com/	1970-01-21 03:59:02	Name: bcookie Value: "v=2&c2bb2f42-7d49-4b63-82bb-fff51058e75b"
.linkedin.com/	1970-01-20 19:14:52	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3277:u=1:x=1:i=1710806137:t=1710892537:v=2:sig=AQHkulEjaFPh0Ns008ZYGiu14eExJAlN"
.twitter.com/	1970-01-21 04:49:26	Name: personalization_id Value: "v1_nGhcFNtv/dThhJOd/vSJGg=="
.crainsdetroit.com/	1970-01-21 04:37:54	Name: __qca Value: P0-826859903-1710806137225
.crainsdetroit.com/	1970-01-20 19:14:52	Name: _uetsid Value: 044ff080e58311eebccc6771ec7392d4\|sjnj9l\|2\|fk6\|0\|1538
.dpm.demdex.net/	1970-01-20 23:32:38	Name: dpm Value: 65488357751747574282899052090091504928
.crainsdetroit.com/	1970-01-21 04:49:26	Name: AMCV_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19801%7CMCMID%7C65523411743536879012897842479546973257%7CMCAAMLH-1711410937%7C6%7CMCAAMB-1711410937%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1710813337s%7CNONE%7CMCSYNCSOP%7C411-19808%7CvVersion%7C5.5.0
.crainsdetroit.com/	1970-01-21 03:59:02	Name: _hjSessionUser_1906609 Value: eyJpZCI6IjE0ODNiMTc1LTBhNjYtNTE1Yy04MDczLWMwMjU0ZDdiZmIwNyIsImNyZWF0ZWQiOjE3MTA4MDYxMzc1OTgsImV4aXN0aW5nIjpmYWxzZX0=
.crainsdetroit.com/	1970-01-20 19:13:27	Name: _hjSession_1906609 Value: eyJpZCI6ImU5ZGJjZmQ2LWI0N2UtNDNkOS1iZmFjLWViZWEzZjcyYmNlZSIsImMiOjE3MTA4MDYxMzc2MDAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.crainsdetroit.com/	1970-01-20 19:13:26	Name: cciFirstTouch Value: %7B%7D
.linkedin.com/	1970-01-20 19:56:38	Name: UserMatchHistory Value: AQIBOwHoySHmTwAAAY5T_frYbBRkKxrXM_wbW2XHywo_xG7yuJ9ED-7Hk_dJCzW-b3b1D99bZYjoPg
.linkedin.com/	1970-01-20 19:56:38	Name: AnalyticsSyncHistory Value: AQKKkQ5k1M_nvgAAAY5T_frY5uw6lYloKQtRMhXnZTjiP0hDReUs66AXvZ9rFG5-0t8tj5hIkWN7Ujlxnp6krw
.crainsdetroit.com/	1970-01-21 03:51:50	Name: pelcro.unique.id Value: ZGNwZ2lmMzVsdmtsdHhsc3djbQ==
.crainsdetroit.com/	1970-01-21 04:35:02	Name: _uetvid Value: 045004a0e58311ee857761f10f9d8bc0\|rh15ze\|1710806137804\|1\|1\|bat.bing.com/p/insights/c/k
www.crainsdetroit.com/	1970-01-21 03:59:02	Name: sailthru_content Value: c2ecf56f67a9c657c65c9e9b3f18f673
www.crainsdetroit.com/	1970-01-21 03:59:02	Name: sailthru_visitor Value: bdf54fc3-2513-4486-9a1c-ac31de3ac983
.www.linkedin.com/	1970-01-21 03:59:02	Name: bscookie Value: "v=1&20240318235537a2bfe7d7-5a74-4d38-847f-b157f24440bfAQHozx7BZ48BRmWWGbnpgVXElwUeKpuR"
.linkedin.com/	1970-01-20 23:32:38	Name: li_gc Value: MTswOzE3MTA4MDYxMzc7MjswMjEs7o6pzAoa20QmiPVA0ZgNxu6jG62Y/x5crFlWzhXM6g==
.crainsdetroit.com/	1970-01-20 19:13:27	Name: s_depth Value: 1
.crainsdetroit.com/	1970-01-20 19:13:27	Name: s_ppn Value: banking%20%26%20finance%3ABanking%20%26%20Finance%3A895766_flagstar%20paid%20%241m%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show
.crainsdetroit.com/	1970-01-20 19:56:38	Name: s_nr Value: 1710806137998-New
www.crainsdetroit.com/	1969-12-31 23:59:59	Name: chkcookie Value: 1710806138008
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppvl Value: banking%2520%2526%2520finance%253ABanking%2520%2526%2520Finance%253A895766_flagstar%2520paid%2520%25241m%2520bitcoin%2520ransom%2520after%2520cyberattack%2520in%25202021%252C%2520court%2520filings%2520show%2C28%2C28%2C1200%2C1600%2C1200%2C1200%2C1600%2C1%2CP
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppv Value: banking%2520%2526%2520finance%253ABanking%2520%2526%2520Finance%253A895766_flagstar%2520paid%2520%25241m%2520bitcoin%2520ransom%2520after%2520cyberattack%2520in%25202021%252C%2520court%2520filings%2520show%2C28%2C28%2C1200%2C1600%2C1200%2C1200%2C1600%2C1%2CP
m.stripe.com/	1970-01-21 04:49:26	Name: m Value: 4a6fc68e-ce99-4647-8ef0-5dd13a94739cf5f4fd
.www.crainsdetroit.com/	1970-01-21 03:59:02	Name: __stripe_mid Value: bc629655-0595-4916-8525-4d1191e9ababb295f1
.www.crainsdetroit.com/	1970-01-20 19:13:27	Name: __stripe_sid Value: 5158df88-f5a3-46da-85fa-b791a028cc7f15dc09

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/637988649571323?v=2.9.150&r=stable&domain=www.crainsdetroit.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c31de4bed55da245a04c91b99e87e1c.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
ak.sail-horizon.com
analytics.twitter.com
api.btloader.com
api.sail-personalize.com
applepay.cdn-apple.com
assets.adobedtm.com
bam.nr-data.net
bat.bing.com
btloader.com
cdn.lr-ingest.com
cdn.lr-intake.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
consent.trustarc.com
crain-com.videoplayerhub.com
crain-global.s3.amazonaws.com
crain.112.2o7.net
craommunications.demdex.net
craommunications.tt.omtrdc.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js-tag.zemanta.com
js.pelcro.com
js.stripe.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
maps.googleapis.com
mb.moatads.com
ml314.com
p1.zemanta.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pubcast-files.remixd.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.lr-ingest.com
r.stripe.com
rules.quantcount.com
s3-rd-prod.crainsdetroit.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.remixd.com
tpc.googlesyndication.com
vi.ml314.com
www.crainsdetroit.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.pelcro.com
z.moatads.com
pagead2.googlesyndication.com
px.moatads.com
104.198.23.205
104.244.42.131
104.244.42.133
13.107.42.14
13.224.189.87
13.32.27.54
130.162.160.243
130.211.23.194
142.250.186.70
151.101.192.176
162.247.241.14
176.34.167.98
18.66.112.84
18.66.122.52
18.66.97.49
199.232.188.157
2.19.107.55
2600:9000:223c:9600:6:44e3:f8c0:93a1
2600:9000:2240:5400:c:b42a:3740:93a1
2600:9000:2646:ba00:18:1fcd:353:c61
2606:4700:10::6816:4ad8
2606:4700:10::ac43:1a0b
2606:4700:10::ac43:247d
2606:4700:20::681a:246
2606:4700:20::ac43:4acf
2606:4700:3034::ac43:991b
2606:4700:3037::6815:6a4
2606:4700::6811:180e
2606:4700::6812:b93b
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9a
2a01:b740:a10:f000::209
2a02:26f0:3100:787::1e80
2a02:26f0:780::210:a40a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42:200::714
3.5.31.150
34.117.77.79
35.190.38.143
35.201.104.135
35.82.187.64
44.194.189.235
52.17.54.105
54.187.119.242
63.140.62.222
66.235.152.225
99.83.154.140
00a2606e1fe54936cf49336a833470b146c1d8eb28ecbef2fd134785ad78b123
04fcd6a5d8cda1ed675f518abfd91b6a8bbdda9cd508426bdbcca58dd457d7b2
05473628a05446e2ae7971509b4e43b76b31ca77abf28dfe6b1cb8167e0164de
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
0a094736305b27be0ed1574764bc61bb066a33118cd9603dae6d4e002591e8f3
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
13e951ec980c2e0882b58b187a86bf23af81a3c09fd992390ad3062e4c95a4de
149a94c6dc9cf86314c0ceb88a77aa5dc17fadcb94610ed4bcd11b3b2f5ad7bd
192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe
1b02035774d9978a0656512051c97ec80f62a4da90137b41e4e998d5cbb7b957
1cc5b96699b9c21feae769f29c0267340a3c1f9c36d6542b001f960d3058fed1
1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53
1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904
22a564e9d4184c90dc9e0a8c354e247063ae64d9ce1dcd50b691d2ad291c1fa2
22d713561cd06e6be770f657919e39572b74825aeead2e8cd7f83b1c7514dead
2472b2d44c92fff06a3266936ee73317ff90535641442356faa4e12c59c5d8d9
24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a1485c5f7cba6880eb2d4730a0a11cb30ff0ab1e5c6387457660ae214c5edf
34332d82a93af4580490ca78c6a60a5ad31ad5c090f1b12f2dbfb477b5994539
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bda6eb2aadc180d5c832068d23ffa237717e42b7a7cb5a567ff2dfd0e575807
3da23c6b7353f903e30e3651984a87359c7facd26296b147bd6b6ebdfecdf86f
3f97daaf33de46594c8c53f12928a493174b836bdff3f673456493c78f509dfb
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022
476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c
477926aa04368dcc2d05073bd2da2378d5dc357b43e34fcdacf37127b38a56d0
483610c50fe1dbfc40268da23b2ab2a1a8bf735f4dfcaed8e37f78e3af31011e
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a29012c74596d5a96e2913541f0b61dbf47843b4165baccaeff3f4d1909d31b
4b10a155838bd5355a620824cba9d3611cd77be60ac2b23e4296c6f66bedef35
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d54970c5b18c909182f0f18e5067859239afa28c5c4f1c17be7abc4837b2ea5
5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228
60b3a20c6db854467416984c449f293e2dd69d702fd564c9536403a6c5052d4c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aae67d48458f330d11bac26bf2fc81512d26d4186cdb01f82021be2a0b2ab4
694d8d308661f0a9835c8ba2c50f848dd8effa27fbea6938d0bbd95b9f9ee571
69cc199dd7839669ff5b763e037a020a9a8fdf443006ddac7ea595776ad2702c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c
6d8199530cfa9e80faeb1d8d79d8b0c2c04fbf48f2d14b0e98ce87d96b20b693
708f37d42db58799126ed4dc0ea8847882d430f7cbbe8453db6d03210ab63f14
70d590fd3f4dd71b53ff73f9f5b6e51f5218960683251a5d7779060edb8fb2aa
73e151cc390f1fba4745585b840819b02843ce1b16231d08aa281db4aee4d7e0
7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a
78ad82bf5cc115ed841d826ccbfd08dea5bc6c02bfb6581508942f170ec8e7e7
7905d6e4526944dd6fa407e26c056ed6c5f5fb366f7d5f6254c49a0830badfeb
79d038a268ee2fcd4762cecadeeba4a274889108b739b51f28c389382d980f3f
7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903
7ba5484f689481b134a0ddf78b337af0f276a33c1c4019f9d088aa6b96f2b7de
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82cecff4554d7a925d9493b80f6bad4bbc2e57c3d07b13545bea59806c8c4934
8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
85b3d927b962078c64555ff5ad47770224bc6f03447abbc88b5abe56ca757034
879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79
8d09419958a6d818189803cc7e34f86e1f285b4f026438f1cea3fb6b6e3f1586
902c90e02862f6af386270280c1129264a5bce6f28826aa27ad9de856827858b
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
940199e3ff7556588249d729e5af6d21129401950d75df8259b175c57ddf3ef1
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
96dfd8c6951534ebe10d16afd482f8836cec6eb8d2ce3aea323f10a25baf07c8
982abd6700474cbf50afcec02e1e52e938aa8d666c2ebd01e018a37333bd2068
986fe3da40757fb67805f5136fb3627c04d0f25f17b490d0b1dbe66c481b3e74
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c6759db0bf5499cf7be649fdec085400f989dbdd62853d865f03effe6d53bf
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a0c6f52bf4d52ba78bcc460ca2e69b57de88b48821133063a4185ebdb6c5b02f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17b4e32bbe1fbeb9652704cd9c2b4ae580ac44715b848c762a44d4b8935fff8
a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630
a3001919241d513d8790af3340378c83caf4021705b588f808ced5c9774e82ab
a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb
a6364cbee21672d46d78c5eb9d2aec16631740b625552d3e4747c33cb3a936ab
a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afb22835b561cd5c463bf3b3619f7ea222ca87ae9ecff4ee1c1fa53154f7d3a8
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f43dc0c64f0ca25f074d19fe31085d329ff40dce7c2851c56955261cbb16e7
b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6
b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df
b98c22958e1ca412ad825cb5462746ef42eedb75b967aa954879b3eab227f2c8
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb2cf9f858e5a9650e4214c71bbd71e257aa18c5f1b4e24927accd4b33eb0652
bf1c0df8b4f1771a1ee8d1e3245a76929eff1801de282d36c67e8cb5e16baf90
c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f
c6a0e59129c5e539fce3e6a870476e9b90b44bf3430ddad914868108efbc4761
c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed
c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb828280be4d8a383123ca1fd7497f9ce289a26a14baa729ccbaa33dda3bc892
cdfaea6f3dfd9126135a972b45e4132c73565f1d3d0e2a85b132e52342fd0617
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf9a1f4ff0912c581ff41e7f6a0a6f7cb4aee1b873a50504639adf3e2528dec2
d208e777775378f574b7d0120d2a549a0afec0c3957c51b781a0155d772a4ab2
d3841ddbd6228db1640d8e927279a4db6d7ac3fa47c9bf18f42ee22a7c076162
d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d
d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a
dcbc8ab915e52c51519bbdeddbb0f03f64271724603a19396fc22d11191fb711
dcda6233b9433198b116599b6c9b7d3f28ab6aae16a8b23cf63c9338d3e4c1fc
dd83d563e9acad29d8b8cdcc9b8e2611c2ef269278a01d17414c22f714f611a4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e29f986367ac6f7c5d8a9c2dfde5a0cf6f2a8a70a68cebf80197f945253d9c48
e35ea95288c443888def1bd1c9cdcad2fc17dac1a018711053dd7556ce39f55a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f855e17f37e24da094ea311929c1fb97da7d9ae66b79f51cf20c6f8918f0c3
e58f40f1d73845f9a054893be2007483f756099ea9075bb769df8125cff7f6e7
e9dd1659fcb3095d91a4c4174b4e4bc7fa3ef7470f107f1d0e0dec780d4752f9
eaafa6081b854f5d07ac61c2fed4c79526c79149608c0a304f156c945c41a114
ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2642634e396d16e410f04f342043325da54d58e386bc0db675a874d4da7ee4
f058c513fcaf91655142859e33bc379433065e14cbc8eaf57de942825dc731a9
f4caa2d9c614a9494dd5a4687b93387e47b84becb371cd62860012add5ee9552
f7706d8c00ab543c844950c0f7035be6622c52daeb539205eb93eb481f2c8115
f7836e03f6a037000a9a0bd44ae673964b00fa7c92ad4cf51cefabcbfbf1c5cc
fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9
fc5d9ccbbcb3e2aed8f93dc13a2e474f6737663853d814909f8023969a0bd4f4

www.crainsdetroit.com Open in urlscan Pro 2606:4700::6812:b93b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

231 Requests

97 %HTTPS

53 %IPv6

45 Domains

67 Subdomains

59 IPs

5 Countries

4875 kBTransfer

17236 kBSize

52 Cookies

10 Outgoing links

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b93b Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

97 %
HTTPS

53 %
IPv6

45
Domains

67
Subdomains

59
IPs

5
Countries

4875 kB
Transfer

17236 kB
Size

52
Cookies

231 HTTP transactions
9 data transactions