urlscan.io logo urlscan.io
SecurityTrails logo

plus.npr.org Open in urlscan Pro
151.101.130.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://plus.npr.org/
Effective URL: https://plus.npr.org/
Submission: On April 09 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 63 HTTP transactions. The main IP is 151.101.130.133, located in United States and belongs to FASTLY, US. The main domain is plus.npr.org.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.
This is the only time plus.npr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
plus.npr.org
5    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
media.supportingcast.fm
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    54.231.139.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    52.12.237.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-237-161.us-west-2.compute.amazonaws.com
api.amplitude.com
2    216.35.221.71 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
api.npr.org
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
11390690.fls.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fi
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fi
Apex Domain
Subdomains		 Transfer
27 npr.org
plus.npr.org
api.npr.org — Cisco Umbrella Rank: 23429
831 KB
5 supportingcast.fm
media.supportingcast.fm
1 MB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
11390690.fls.doubleclick.net
googleads.g.doubleclick.net Failed
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
242 KB
3 google.fi
www.google.fi — Cisco Umbrella Rank: 29193
adservice.google.fi — Cisco Umbrella Rank: 306082
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 407
14 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 90
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
136 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2711
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 amplitude.com
api.amplitude.com — Cisco Umbrella Rank: 1586
205 B
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2617
6 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1464
654 B
1 amazonaws.com
s3.amazonaws.com
127 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1034
12 KB
0 clarity.ms Failed
www.clarity.ms Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
63 18
Domain Requested by
25 plus.npr.org 1 redirects plus.npr.org
5 media.supportingcast.fm plus.npr.org
4 www.googletagmanager.com plus.npr.org
www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
plus.npr.org
2 www.facebook.com plus.npr.org
2 www.google.fi plus.npr.org
2 connect.facebook.net plus.npr.org
connect.facebook.net
2 11390690.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm
2 www.google-analytics.com www.googletagmanager.com
plus.npr.org
2 api.npr.org plus.npr.org
2 api.amplitude.com media.supportingcast.fm
1 adservice.google.fi adservice.google.com
1 adservice.google.com 11390690.fls.doubleclick.net
1 www.google.com plus.npr.org
1 cdn.pdst.fm plus.npr.org
1 polyfill.io media.supportingcast.fm
1 s3.amazonaws.com plus.npr.org
1 use.fontawesome.com plus.npr.org
0 www.clarity.ms Failed bat.bing.com
0 googleads.g.doubleclick.net Failed www.googletagmanager.com
0 analytics.tiktok.com Failed plus.npr.org
63 23

This site contains links to these domains. Also see Links.

Domain
www.npr.org
npr.formstack.com
help.npr.org
text.npr.org
www.supportingcast.fm
Subject Issuer Validity Valid
plus.npr.org
R3		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.supportingcast.fm
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-28 -
2023-11-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
*.npr.org
Thawte RSA CA 2018		 2023-01-09 -
2024-02-02		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2023-03-28 -
2023-06-26		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-16 -
2023-04-16		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.google.fi
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://plus.npr.org/
Frame ID: 469BBAD64A780EC3667A73AC0B1914DB
Requests: 57 HTTP requests in this frame

Frame: https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Frame ID: 1A658B017F935E26616E253395540E6C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Frame ID: 15EBB49603803F2FC189BF11FFE7CD5C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.fi/ddm/fls/i/dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Frame ID: E68D341111FB6E7E93973DA6F3DDDA58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NPR Plus | Membership

Page URL History Show full URLs

  1. http://plus.npr.org/ HTTP 301
    https://plus.npr.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

63
Requests

95 %
HTTPS

65 %
IPv6

18
Domains

23
Subdomains

21
IPs

3
Countries

2628 kB
Transfer

3545 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://plus.npr.org/ HTTP 301
    https://plus.npr.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://11390690.fls.doubleclick.net/activityi;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F HTTP 302
  • https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
plus.npr.org/
Redirect Chain
  • http://plus.npr.org/
  • https://plus.npr.org/
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99fe712ed438697d27cdd08e079f51b04ea862d17ed0998ca1301d49e36d6bd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src *;frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src *;frame-ancestors 'none';
content-type
text/html; charset=UTF-8
cr-x-cache
MISS
date
Sun, 09 Apr 2023 00:36:11 GMT
feature-policy
geolocation 'self' https://js.stripe.com https://www.googletagmanager.com https://amplitude.com https://profile-api.amplitude.com; payment 'self' https://js.stripe.com
permissions-policy
camera=(), display-capture=(self), fullscreen=(self), geolocation=(), microphone=(), web-share=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-eddf8230027-FRA
x-timer
S1681000571.618310,VS0,VE1203
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
CR-X-Cache
HIT
Connection
close
Content-Length
0
Date
Sun, 09 Apr 2023 00:36:10 GMT
Location
https://plus.npr.org/
Retry-After
0
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230135-FRA
X-Timer
S1681000570.438583,VS0,VE0
app.css
media.supportingcast.fm/css/ 		156 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/css/app.css?d=1680882449
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
952eebe11dbb1784efb0b6e7783a74f8bc7c599182bb5324c07ef6736b9abeb5

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
date
Sun, 09 Apr 2023 00:36:12 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 07 Apr 2023 15:37:47 GMT
age
1587
x-timer
S1681000572.036756,VS0,VE1
etag
"5da640c51129c3873cae690d2e3982b3"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
content-length
160235
x-cache-hits
1
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://plus.npr.org/
Origin
https://plus.npr.org
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:36:12 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3QXH4MJPCNG1P59B
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9AruAcHUSg5rb8aLAQbbqS+YuXFrLuCLagKK7LEKMbAgFka8WYr62LAbsrHtdAJbp95WSzzEgWE=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCrfxfhPJLXfJjaZlXMBpO4drHapY7kHW9vlSN71Rx8udrMgdTRbSEs%2BdxHAqf4P7K5MaKpiJVVTXWhEIbG4UBYYk%2FO%2FTqcWTf378KwlQQMbDAd6YeWHXBIAHl2PsFB8JtTDTXYlNoLWtsr%2BDQxG8LJD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7b4eaca6efce0a38-ARN
supportingcast_sdk.js
media.supportingcast.fm/js/ 		96 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1680882449
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e570bcdfa49dcf95172e81975d6694df257ddf0ffcc3df360824762a9f8867e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
date
Sun, 09 Apr 2023 00:36:12 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 07 Apr 2023 15:37:49 GMT
age
1587
x-timer
S1681000572.036952,VS0,VE1
etag
"83f8fd5382c29a6b99c02a25cccbb6a5"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
98626
x-cache-hits
1
d68cd88d-6559-43e2-8f55-a457d0a48875.png
media.supportingcast.fm/content/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.supportingcast.fm/content/d68cd88d-6559-43e2-8f55-a457d0a48875.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21cc8dcc72ed316a038fc267308fbb3b75581600876f59019e05afdae6d14c15

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
date
Sun, 09 Apr 2023 00:36:12 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 02 Apr 2021 16:02:28 GMT
age
205538
x-timer
S1681000573.596935,VS0,VE1
etag
"769264ebe3759a25e73721d164a8e0e1"
x-cache
HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
14649
x-cache-hits
1
04a2ae60-ef24-42fa-b111-dd300c45ecf0.jpeg
s3.amazonaws.com/media.supportingcast.fm/content/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/media.supportingcast.fm/content/04a2ae60-ef24-42fa-b111-dd300c45ecf0.jpeg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.139.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
06dd4182eba8ec8d27a11a9854cf50a92e743c09f4524fd8b0fa8d2214a8680d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 09 Apr 2023 00:36:13 GMT
x-amz-version-id
null
Last-Modified
Tue, 01 Nov 2022 13:33:12 GMT
Server
AmazonS3
x-amz-request-id
3QXG62KZCCZG8JAB
ETag
"1e350492e9994070ea48ab1b0be916cd"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-meta-surrogate-control
max-age=31557600
x-amz-meta-surrogate-key
n232
Accept-Ranges
bytes
Content-Length
130002
x-amz-id-2
b4kZQ92yNVKlkBHqfixWHcrEqVcypBJLaWrxpZ6zwh6qMBG/noAFDRnoUXRvwwOk92+97kxMtuE=
apple_podcasts.png
plus.npr.org/images/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/apple_podcasts.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1511467
x-cache
HIT, HIT
content-length
4768
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200158-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Mar 2023 14:38:54 GMT
x-timer
S1681000573.598789,VS0,VE1
etag
"64089dfe-12a0"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
764, 1
spotify.png
plus.npr.org/images/logos/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/spotify.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
909703
x-cache
HIT, HIT
content-length
63167
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000098-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 Mar 2023 13:21:32 GMT
x-timer
S1681000573.598790,VS0,VE2
etag
"6421985c-f6bf"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
108, 1
google_podcasts.jpg
plus.npr.org/images/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/google_podcasts.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
325235
x-cache
HIT, HIT
content-length
2236
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000027-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2023 20:43:38 GMT
x-timer
S1681000573.599498,VS0,VE1
etag
"6424a2fa-8bc"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
3, 1
overcast.png
plus.npr.org/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/overcast.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
2224837
x-cache
HIT, HIT
content-length
3923
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200176-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 17:07:22 GMT
x-timer
S1681000573.599215,VS0,VE2
etag
"6400d7ca-f53"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
464, 1
pocket_casts.png
plus.npr.org/images/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/pocket_casts.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
985359
x-cache
HIT, HIT
content-length
3467
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 10 Feb 2023 19:29:56 GMT
x-timer
S1681000573.599710,VS0,VE1
etag
"63e69b34-d8b"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1206, 1
itunes.png
plus.npr.org/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/itunes.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1358115
x-cache
HIT, HIT
content-length
3587
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000123-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Mar 2023 13:38:42 GMT
x-timer
S1681000573.599666,VS0,VE1
etag
"641078e2-e03"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
192, 1
podcast_addict.png
plus.npr.org/images/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/logos/podcast_addict.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
909703
x-cache
HIT, HIT
content-length
4498
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100136-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Jan 2023 15:53:24 GMT
x-timer
S1681000573.599232,VS0,VE1
etag
"63cffef4-1192"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
1815, 1
npr-plus-bundle.png
plus.npr.org/images/npr-images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/npr-plus-bundle.png
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a01538fdb25dc6fc93fda7912dabf7d9591c41693df6e6a36e2c71271990da96
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
160535
x-cache
HIT, HIT
content-length
25805
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100108-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2023 20:43:38 GMT
x-timer
S1681000573.599521,VS0,VE1
etag
"6424a2fa-64cd"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-cache-hits
106, 1
code-switch-plus.jpg
plus.npr.org/images/npr-images/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/code-switch-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da81666807eee6bef59283c22568c46119e0603e4664c1c3dccfa2d73f1179fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1414733
x-cache
HIT, HIT
content-length
88032
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200156-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 17:07:22 GMT
x-timer
S1681000573.599152,VS0,VE2
etag
"6400d7ca-157e0"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
742, 1
fresh-air-plus.svg
plus.npr.org/images/npr-images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/fresh-air-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40330f009e54ccd36fc867e0601af72695e5ade1f9dc01712bbbad913d7102da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
325235
x-cache
HIT, HIT
content-length
13427
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000069-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Mar 2023 13:38:42 GMT
x-timer
S1681000573.599148,VS0,VE2
etag
"641078e2-3473"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
1216, 1
embedded-plus.jpg
plus.npr.org/images/npr-images/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/embedded-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
132d4ca218b05f0808ef3871bf6462e84e97ab9c7a5a2d6ca2be961a9bd082e7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1533788
x-cache
HIT, HIT
content-length
58704
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Feb 2023 22:00:54 GMT
x-timer
S1681000573.657428,VS0,VE2
etag
"63f7e216-e550"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
985, 1
its-been-a-minute-plus.svg
plus.npr.org/images/npr-images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/its-been-a-minute-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f32342bc3924912686f8bfae763f2be055b4450078567e400f0c9a443340d7fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1639074
x-cache
HIT, HIT
content-length
98072
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100167-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Mar 2023 14:38:54 GMT
x-timer
S1681000573.658138,VS0,VE2
etag
"64089dfe-17f18"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
17, 1
life-kit-plus.svg
plus.npr.org/images/npr-images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/life-kit-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00f4c00f8c0d490fc07da00e08974b58d451461aa375f67d01755031aa5880bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
909703
x-cache
HIT, HIT
content-length
13905
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100129-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Mar 2023 13:38:42 GMT
x-timer
S1681000573.657431,VS0,VE1
etag
"641078e2-3651"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
802, 1
npr-news-now.svg
plus.npr.org/images/npr-images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/npr-news-now.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e6e23969c9c1dea7e5e9872739c3a286871a6be5f3d5210b9c0673666594033
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
354176
x-cache
HIT, HIT
content-length
12678
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200179-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Mar 2023 13:38:42 GMT
x-timer
S1681000573.657431,VS0,VE2
etag
"641078e2-3186"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
862, 1
politics.svg
plus.npr.org/images/npr-images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/politics.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eccc141fdfbf8eaf7a748d706e31ef1e9178ab184fac6f2244f3f06d712e8077
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1336178
x-cache
HIT, HIT
content-length
87061
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100098-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Feb 2023 22:54:58 GMT
x-timer
S1681000573.657426,VS0,VE2
etag
"63fe8642-15415"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
1081, 1
planet-money-plus.jpg
plus.npr.org/images/npr-images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/planet-money-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6efe6ebe9d13b6315c526a9acf520b66b58c05de10cfa49fc640d9b8ae4be558
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
985359
x-cache
HIT, HIT
content-length
65321
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100148-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Mar 2023 14:25:30 GMT
x-timer
S1681000573.658086,VS0,VE2
etag
"6407495a-ff29"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
1079, 1
pop-culture-happy-hour-plus.svg
plus.npr.org/images/npr-images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/pop-culture-happy-hour-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d1bff4e9d97c15b80610234c80fb9e173d813dd63dd99ac4c4ea04a0a305c84
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
325235
x-cache
HIT, HIT
content-length
33099
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100133-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Mar 2023 14:38:54 GMT
x-timer
S1681000573.657800,VS0,VE2
etag
"64089dfe-814b"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
1259, 1
short-wave-plus.jpg
plus.npr.org/images/npr-images/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/short-wave-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5d992942668fb5fe0bfb51edebec0fcbdc7b8e3439c735810d43e9ff312edaf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1497106
x-cache
HIT, HIT
content-length
61974
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200112-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 17:07:22 GMT
x-timer
S1681000573.657741,VS0,VE2
etag
"6400d7ca-f216"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
679, 1
ted-radio-hour-plus.jpg
plus.npr.org/images/npr-images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/ted-radio-hour-plus.jpg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
613aed1d93f5d0a60204b31742b75d63ddd5e3d0885303af51620a572bda5495
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
985359
x-cache
HIT, HIT
content-length
60294
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jan 2023 16:53:58 GMT
x-timer
S1681000573.657138,VS0,VE2
etag
"63bee9a6-eb86"
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
1418, 1
throughline-plus.svg
plus.npr.org/images/npr-images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/throughline-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3300651c20f801c69b1e7ed73e3ea32d00e9b1df14d2f13dd1c72cf28ecde8bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1533788
x-cache
HIT, HIT
content-length
40625
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Feb 2023 22:54:58 GMT
x-timer
S1681000573.657119,VS0,VE2
etag
"63fe8642-9eb1"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
921, 1
up-first-plus.svg
plus.npr.org/images/npr-images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/up-first-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c51e8ed90aadca79be5dc5d0c68896d33bb0874e123702286a687515ae47142
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1336168
x-cache
HIT, HIT
content-length
16596
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200026-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Feb 2023 22:54:58 GMT
x-timer
S1681000573.657104,VS0,VE1
etag
"63fe8642-40d4"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
1064, 1
wait-wait-plus.svg
plus.npr.org/images/npr-images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.npr.org/images/npr-images/wait-wait-plus.svg
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed69178bcad62774d14e1d2e1ab82d7b77f9ed1b978061ef2351d92372c510d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1414733
x-cache
HIT, HIT
content-length
18316
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200087-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Mar 2023 13:38:42 GMT
x-timer
S1681000573.657085,VS0,VE2
etag
"641078e2-478c"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-cache-hits
68, 1
spin.js
media.supportingcast.fm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/spin.js?d=1680882449
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
date
Sun, 09 Apr 2023 00:36:12 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 07 Apr 2023 15:37:49 GMT
age
1587
x-timer
S1681000572.264943,VS0,VE1
etag
"9943f9004db8e4924549aea726b06bf9"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
3007
x-cache-hits
1
app.js
media.supportingcast.fm/js/ 		964 KB
965 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.supportingcast.fm/js/app.js?d=1680882449
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1435febd3bc68be174cf2541211b86bac9b10f84251a1a3a6167f60cea2c042

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
date
Sun, 09 Apr 2023 00:36:12 GMT
via
1.1 varnish
cr-x-cache
HIT
last-modified
Fri, 07 Apr 2023 15:37:49 GMT
age
1587
x-timer
S1681000572.322568,VS0,VE2
etag
"2a575afbfed9c2502a45ed7733755b58"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
content-length
987224
x-cache-hits
1
npr-plus.js
plus.npr.org/js/ 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plus.npr.org/js/npr-plus.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
969a5bf6b75701789e02055c579b31f157eea4c2f72c0d520796c2b9d21d4e9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
1183
x-cache
HIT, HIT
content-length
51819
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000134-IAD, cache-fra-eddf8230027-FRA
cr-x-cache
HIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 07 Apr 2023 15:37:34 GMT
x-timer
S1681000572.465309,VS0,VE88
etag
"643038be-ca6b"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
436, 1
gtm.js
www.googletagmanager.com/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f01b7e6976c8d08ba1d4c58ff41fa692e19c26c7cb88a27c71843b8d0e14d370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:36:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54961
x-xss-protection
0
last-modified
Sun, 09 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Apr 2023 00:36:12 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise
Requested by
Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1680882449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:36:12 GMT
age
2192437
detected-user-agent
Chrome/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Sun, 05 Mar 2023 16:54:09 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/app.js?d=1680882449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.237.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-237-161.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://plus.npr.org/
Cross-Origin-Resource-Policy
cross-origin
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Apr 2023 00:36:13 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6432087d-6d1ef9fe29dbaea749a72906
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.237.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-237-161.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Sun, 09 Apr 2023 00:36:13 GMT
strict-transport-security
max-age=15768000
recommendations
api.npr.org/stationfinder/v3/stations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations?nprPlusBundle=true
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers
origin, accept, content-type, authorization, x-http-method-override, x-pingother, x-requested-with, if-match, if-modified-since, if-none-match, if-unmodified-since
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
tag, link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Cache-Control
max-age=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/plain;;charset=UTF-8
Date
Sun, 09 Apr 2023 00:36:13 GMT
Expires
Sun, 09 Apr 2023 00:36:13 GMT
Keep-Alive
timeout=5, max=4906
Server
Apache/2.4.25 (Debian)
X-Frame-Options
DENY
X-Powered-By
PHP/7.4.14
X-Robots-Tag
noindex
X-Served-By
prod-web-42
recommendations
api.npr.org/stationfinder/v3/stations/ 		303 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations?nprPlusBundle=true
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/js/npr-plus.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
baea8197f255cf37931f59903a7d2005f05d5388e8f5a7055dd1976e2483d4cb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://plus.npr.org/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Served-By
prod-web-44
Date
Sun, 09 Apr 2023 00:36:13 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/7.4.14
X-Frame-Options
DENY
Content-Type
application/json;
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
Keep-Alive
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=4800
Content-Length
303
Expires
Sun, 09 Apr 2023 00:36:13 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Apr 2023 00:05:25 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1848
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 09 Apr 2023 02:05:25 GMT
gtm.js
www.googletagmanager.com/ 		192 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc095269198baa20d63ce77282d7abd0c2e9450c5d1fd0f37ef0e885d1641be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:36:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70303
x-xss-protection
0
last-modified
Sun, 09 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Apr 2023 00:36:12 GMT
gtm.js
www.googletagmanager.com/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSR2B4H&l=gtmDataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ca23ec57bd673438fa0cbebfcc1b77178fc873aba8df49aa7073ad15aa171ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:36:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52749
x-xss-protection
0
last-modified
Sun, 09 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Apr 2023 00:36:12 GMT
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:23:08 GMT
content-encoding
gzip
age
785
x-guploader-uploadid
ADPycdtoMp3dWogtvLPa7hRxZ8a4yBVZ9zVcs8IMn1MY56gM_6BTIizk9uNQ0j_mDZniMakc99vTNjeATparE4DsfddwGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Sun, 09 Apr 2023 01:23:08 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D7B5G&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ca3d24d27b2de671cd2f94ce74dc88ac5d6a60a99c03c0a12c5f5601c3da601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 00:36:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69372
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 09 Apr 2023 00:36:12 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://plus.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Sun, 09 Apr 2023 00:36:13 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
sgbzqwveysbh
server
Google Frontend
x-cloud-trace-context
cd44eddfd6314572ad47dabf8e34bade
x-powered-by
Express
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Apr 2023 00:36:13 GMT
server
Google Frontend
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
d520055140bf84d6901e794ae9241a5a
function-execution-id
yyn0a4imscic
access-control-allow-headers
Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5828686-4&cid=557460769.1681000573&jid=2007521416&gjid=1719833575&_gid=1607542347.1681000573&_u=YGBAgEABAAAAAEAAI~&z=112866095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plus.npr.org/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 09 Apr 2023 00:36:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plus.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1660003639&t=pageview&_s=1&dl=https%3A%2F%2Fplus.npr.org%2F&ul=en-us&de=UTF-8&dt=NPR%20Plus%20%7C%20Membership&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=2007521416&gjid=1719833575&cid=557460769.1681000573&tid=UA-5828686-4&_gid=1607542347.1681000573&gtm=45He3430n81N6D7B5G&z=899545310
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Apr 2023 19:33:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18161
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
11390690.fls.doubleclick.net/ Frame 1A65
Redirect Chain
  • https://11390690.fls.doubleclick.net/activityi;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F?
  • https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2F...
480 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSR2B4H&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
f72e07d30a201b8acbabd768b8967522bf6997915e4e3f57ab8e09460e9c6f7f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plus.npr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
271
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Apr 2023 00:36:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Apr 2023 00:36:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Apr 2023 00:36:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
h5LDTnSxmRHK0HIzJF6CF5KSRK1pn6Y/Q0ZGp9Qfso+Wv4bDjNdimVTcgYST2KsopzlkOsW4yXHJG6zxrN72WQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 09 Apr 2023 00:36:12 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 178E4F3457ED4CB1B0DFF2EAE909FA4B Ref B: FRAEDGE1519 Ref C: 2023-04-09T00:36:13Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/ 		0
0
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XK44GJHVBE&cid=557460769.1681000573&gtm=45je3430&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Apr 2023 00:36:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plus.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XK44GJHVBE&cid=557460769.1681000573&gtm=45je3430&aip=1&z=1243311742
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Apr 2023 00:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5828686-4&cid=557460769.1681000573&jid=2007521416&_u=YGBAgEABAAAAAEAAI~&z=53065670
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Apr 2023 00:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5828686-4&cid=557460769.1681000573&jid=2007521416&_u=YGBAgEABAAAAAEAAI~&z=53065670
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Apr 2023 00:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
448121793258601
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448121793258601?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87dcfa9ee516ddc5a18495d83ea4ea38a86984ef14c7f715521b2d8799b2534d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Apr 2023 00:36:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110316
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
I5d/zDezoBxuLXZTRD54djh/jUdh6e764uY3v/lMuoLsxoCAozLd40Hwk2GmmYNb3dsDc6xmDNwhJZTRGu1KIQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
149007383.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/149007383.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4f3382555e3e31317df6cb3c1e9932fb38e4b3ad9618ff0812b2f104c5bd9c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 09 Apr 2023 00:36:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 85D84F0E7EC243D395F1C6C48687F84B Ref B: FRAEDGE1519 Ref C: 2023-04-09T00:36:13Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
content-length
1498
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=149007383&tm=gtm002&Ver=2&mid=b4322432-abba-4aad-ac7b-cb5e3a0b8030&sid=87f11fc0d66e11ed9c885d77a0c53f09&vid=87f14450d66e11edbfc5c149ed2875f9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NPR%20Plus%20%7C%20Membership&p=https%3A%2F%2Fplus.npr.org%2F&r=&lt=2482&evt=pageLoad&sv=1&rn=209876
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Apr 2023 00:36:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F44CF6C874E04FABA2C228A9F9B94F0F Ref B: FRAEDGE1519 Ref C: 2023-04-09T00:36:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
adservice.google.com/ddm/fls/i/ Frame 15EB 		479 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Requested by
Host: 11390690.fls.doubleclick.net
URL: https://11390690.fls.doubleclick.net/activityi;dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2be58a0994adc28899724397f92579f720b2180aa9cac0a4ca5bdd7b2ba62f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11390690.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
270
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Apr 2023 00:36:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448121793258601&ev=PageView&dl=https%3A%2F%2Fplus.npr.org%2F&rl=&if=false&ts=1681000573514&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681000573512.252484783&it=1681000573333&coo=false&rqm=GET
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Apr 2023 00:36:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
149007383
www.clarity.ms/tag/uet/ 		0
0
dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
adservice.google.fi/ddm/fls/i/ Frame E68D 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/ddm/fls/i/dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNnMqZDHm_4CFabMOwIdiycBww;src=11390690;type=nprpl0;cat=page-0;ord=2879881352802;gtm=45He3430;auiddc=1291581455.1681000573;~oref=https%3A%2F%2Fplus.npr.org%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Apr 2023 00:36:13 GMT
expires
Sun, 09 Apr 2023 00:36:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448121793258601&ev=Microdata&dl=https%3A%2F%2Fplus.npr.org%2F&rl=&if=false&ts=1681000574017&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NPR%20Plus%20%7C%20Membership%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fplus.npr.org%22%2C%22og%3Atitle%22%3A%22NPR%20Plus%20%7C%20Membership%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.supportingcast.fm%2Fcontent%2F401b41b3-4f8a-4ede-82fa-0093c467a809.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1681000573512.252484783&it=1681000573333&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: plus.npr.org
URL: https://plus.npr.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://plus.npr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Apr 2023 00:36:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/?random=1681000573149&cv=11&fst=1681000573149&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fplus.npr.org%2F&hn=www.googleadservices.com&frm=0&tiba=NPR%20Plus%20%7C%20Membership&auid=1291581455.1681000573&uamb=0&uaw=0&rfmt=3&fmt=4
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/uet/149007383

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| gtmDataLayer string| snid string| stripe_country string| stripe_currency function| SupportingCastSDK function| SupportingCastPaymentForm function| StripeElements object| webpackChunk object| __core-js_shared__ object| core function| ImageUploader object| intlTelInputGlobals number| uidEvent object| flash object| tabs function| axios function| Vue object| scApp object| __AMPLITUDE__ object| amplitude object| amplitudeEventHandler object| SupportingCastApi object| ScPostUrlHandler object| SupportingCastS3Uploader object| spin object| amplitude_instance object| analyticsConnectorInstances object| nprApi object| nav object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pdst object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_41c02c40a1 object| uetq

14 Cookies

Domain/Path Name / Value
plus.npr.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNrUGZWVHg2c09uMVArYmlrUlVKeFE9PSIsInZhbHVlIjoiTkZxdWx1Q1JMRG1va0VXYWVnUXlYaVgyeHNjZ1Z5RExVRVBjOWJCekdvUGZ2NVZiRWl3Z3JOVklmMk9GYVNXSFYvcFcyNGJWQlFwNEtBc1pHbW4rVzZqeUptTFpNSUFKTFZDMFg2ZjFvN01IM2lrUXMwalBjUHVldDRDWHk5clYiLCJtYWMiOiI1MGQwMDUxNDFhMTk0YjJhNjFjYjVhZjQ1MjZhYzU0NTNkNjdhZDEzMDE2YzcxMzlhOTRiNWZhOTQ4M2RmMmJjIiwidGFnIjoiIn0%3D
plus.npr.org/ Name: laravel_session
Value: eyJpdiI6IjZZMnUwdHVxVS9meGtxbVZ4aTRwSGc9PSIsInZhbHVlIjoibllRWlozeDJQZWRhOEdqbWZFLzBxbjAvam5UMUt1RVlMdTJXMmZ0emdSVVJ1ZDZMd3gzV3l2bHhOaHJNR2prWFBkOGVpZWZGRCtjZVN4WUk4dUFBbUU0OXNXeTM3bzBCTldxcEk0aGpVRXBVZ2w1WVJDTFNSN3VZZis0bVI4RCsiLCJtYWMiOiJjNzdmMjU5NjAwNTczZTk1NmJiY2FjMWI1M2ZhZDJkMzFiOGYwM2I4NWVlYWM1NjI4NjE1ZDk2YjQ3MmFiOTQ2IiwidGFnIjoiIn0%3D
.npr.org/ Name: amp_6045bd
Value: W1WTetXf_dnoOalezPh7cW...1gthn29qg.1gthn29qi.1.0.1
plus.npr.org/ Name: __pdst
Value: 14a819765192423ea37b6a8926129493
.npr.org/ Name: _gid
Value: GA1.2.1607542347.1681000573
.npr.org/ Name: _dc_gtm_UA-5828686-4
Value: 1
.npr.org/ Name: _gcl_au
Value: 1.1.1291581455.1681000573
.npr.org/ Name: _ga_XK44GJHVBE
Value: GS1.1.1681000573.1.0.1681000573.60.0.0
.npr.org/ Name: _ga
Value: GA1.1.557460769.1681000573
.npr.org/ Name: _uetsid
Value: 87f11fc0d66e11ed9c885d77a0c53f09
.npr.org/ Name: _uetvid
Value: 87f14450d66e11edbfc5c149ed2875f9
.bing.com/ Name: MUID
Value: 37C130BAADC66A69260C2254ACAD6B1A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.npr.org/ Name: _fbp
Value: fb.1.1681000573512.252484783

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript warning URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1680882449(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1680882449(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 1)
Message:
Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF8PBLJC77U9H3ERNJCG&lib=ttq' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHZ4W3X&l=gtmDataLayer(Line 52)
Message:
Refused to load the script 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805131419/?random=1681000573149&cv=11&fst=1681000573149&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fplus.npr.org%2F&hn=www.googleadservices.com&frm=0&tiba=NPR%20Plus%20%7C%20Membership&auid=1291581455.1681000573&uamb=0&uaw=0&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XK44GJHVBE&l=gtmDataLayer&cx=c(Line 50)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-XK44GJHVBE&gtm=45je3430&_p=1660003639&_gaz=1&cid=557460769.1681000573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681000573&sct=1&seg=0&dl=https%3A%2F%2Fplus.npr.org%2F&dt=NPR%20Plus%20%7C%20Membership&en=page_view&_fv=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com".
security error URL: https://bat.bing.com/p/action/149007383.js(Line 30)
Message:
Refused to load the script 'https://www.clarity.ms/tag/uet/149007383' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com data:;form-action *.supportingcast.fm plus.npr.org docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com *.fontawesome.com *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com *.mouseflow.com polyfill.io analytics.google.com *.npr.org us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm bat.bing.com googleadservices.com stats.g.doubleclick.net sink.pdst.fm *.supportingcast.fm plus.npr.org supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com;frame-src *;frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11390690.fls.doubleclick.net
adservice.google.com
adservice.google.fi
analytics.tiktok.com
api.amplitude.com
api.npr.org
bat.bing.com
cdn.pdst.fm
connect.facebook.net
googleads.g.doubleclick.net
media.supportingcast.fm
plus.npr.org
polyfill.io
s3.amazonaws.com
stats.g.doubleclick.net
us-central1-adaptive-growth.cloudfunctions.net
use.fontawesome.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
analytics.tiktok.com
googleads.g.doubleclick.net
www.clarity.ms
142.250.186.70
151.101.130.133
151.101.2.217
2001:4860:4802:34::178
2001:4860:4802:36::36
216.35.221.71
2606:4700:e2::ac40:840f
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c07::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::282
35.244.142.80
52.12.237.161
54.231.139.24
00f4c00f8c0d490fc07da00e08974b58d451461aa375f67d01755031aa5880bb
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06dd4182eba8ec8d27a11a9854cf50a92e743c09f4524fd8b0fa8d2214a8680d
0c2be58a0994adc28899724397f92579f720b2180aa9cac0a4ca5bdd7b2ba62f
0c51e8ed90aadca79be5dc5d0c68896d33bb0874e123702286a687515ae47142
132d4ca218b05f0808ef3871bf6462e84e97ab9c7a5a2d6ca2be961a9bd082e7
21cc8dcc72ed316a038fc267308fbb3b75581600876f59019e05afdae6d14c15
21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94
26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b
2e6e23969c9c1dea7e5e9872739c3a286871a6be5f3d5210b9c0673666594033
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3300651c20f801c69b1e7ed73e3ea32d00e9b1df14d2f13dd1c72cf28ecde8bc
40330f009e54ccd36fc867e0601af72695e5ade1f9dc01712bbbad913d7102da
4ca23ec57bd673438fa0cbebfcc1b77178fc873aba8df49aa7073ad15aa171ee
5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
613aed1d93f5d0a60204b31742b75d63ddd5e3d0885303af51620a572bda5495
6efe6ebe9d13b6315c526a9acf520b66b58c05de10cfa49fc640d9b8ae4be558
76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87dcfa9ee516ddc5a18495d83ea4ea38a86984ef14c7f715521b2d8799b2534d
8ca3d24d27b2de671cd2f94ce74dc88ac5d6a60a99c03c0a12c5f5601c3da601
952eebe11dbb1784efb0b6e7783a74f8bc7c599182bb5324c07ef6736b9abeb5
969a5bf6b75701789e02055c579b31f157eea4c2f72c0d520796c2b9d21d4e9c
99fe712ed438697d27cdd08e079f51b04ea862d17ed0998ca1301d49e36d6bd2
9d1bff4e9d97c15b80610234c80fb9e173d813dd63dd99ac4c4ea04a0a305c84
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e570bcdfa49dcf95172e81975d6694df257ddf0ffcc3df360824762a9f8867e
a01538fdb25dc6fc93fda7912dabf7d9591c41693df6e6a36e2c71271990da96
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e
baea8197f255cf37931f59903a7d2005f05d5388e8f5a7055dd1976e2483d4cb
bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc095269198baa20d63ce77282d7abd0c2e9450c5d1fd0f37ef0e885d1641be9
d1435febd3bc68be174cf2541211b86bac9b10f84251a1a3a6167f60cea2c042
d5d992942668fb5fe0bfb51edebec0fcbdc7b8e3439c735810d43e9ff312edaf
d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da81666807eee6bef59283c22568c46119e0603e4664c1c3dccfa2d73f1179fe
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccc141fdfbf8eaf7a748d706e31ef1e9178ab184fac6f2244f3f06d712e8077
ed69178bcad62774d14e1d2e1ab82d7b77f9ed1b978061ef2351d92372c510d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01b7e6976c8d08ba1d4c58ff41fa692e19c26c7cb88a27c71843b8d0e14d370
f32342bc3924912686f8bfae763f2be055b4450078567e400f0c9a443340d7fb
f4f3382555e3e31317df6cb3c1e9932fb38e4b3ad9618ff0812b2f104c5bd9c0
f72e07d30a201b8acbabd768b8967522bf6997915e4e3f57ab8e09460e9c6f7f
fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853