www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b93b  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
• https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 65

• https://cm.everesttech.net/cm/dd?d_uuid=15690120270934384333801962937290028283 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zob7lAAAAJLSBgN-

Request Chain 97

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQIqlZb5oioo4AAAAZB_RrxwXudt2BaK_-40pRglDEctdQBwklx7ERLH2o_M-x07zY-JCjcQ

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request flagstar-bank-paid-1-million-bitcoin-ransomware-group Show response www.crainsdetroit.com/banking-finance/	224 KB 41 KB	3028ms 2884ms	Document text/html	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21588c05c59e5d3a6b81eb4c09d6b9a7c40a37620adc872d6af2e4c1bde30be0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers cache-control public, max-age=43200 cf-cache-status MISS cf-ray 89e19be70fac5bf5-FRA content-encoding br content-language en content-type text/html; charset=UTF-8 date Thu, 04 Jul 2024 19:44:19 GMT expires Fri, 05 Jul 2024 07:44:19 GMT last-modified Thu, 04 Jul 2024 19:44:16 GMT server cloudflare vary X-Acquia-Cookie-A,Accept-Encoding via varnish x-ah-environment prod x-cache MISS x-content-type-options nosniff x-drupal-dynamic-cache MISS x-frame-options SAMEORIGIN x-generator Drupal 9 (https://www.drupal.org) x-request-id v-cc619f10-3a3d-11ef-93b2-b77f1a02fbf8 x-ua-compatible IE=edge
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	98 KB 31 KB	167ms 82ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash ca0516e1d662ae7298dead9fefa408902be25bec575786dbd693e6ea94c85e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31387 x-xss-protection 0 server cafe etag 115 / 19908 / 31085076 / config-hash: 7963625485320637285 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 19:44:19 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	196 KB 71 KB	151ms 55ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7b5639d21e7eb9e7827cfb5b4c06758baa8ee77c56ad8634d76c65986d727b64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72739 x-xss-protection 0 last-modified Thu, 04 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 04 Jul 2024 19:44:19 GMT
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	24 KB 10 KB	156ms 45ms	Script application/x-javascript	2600:9000:2646:1000:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2646:1000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 16:30:33 GMT content-encoding gzip via 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront) last-modified Thu, 21 Dec 2023 01:18:23 GMT server nginx x-amz-cf-pop FRA60-P5 age 11626 etag W/"6583925f-5f13" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id WF38zR58wlreose4s1Ulpr-dLuqvwt--Hw2DUZ-LdkDbnwLKNkzi3Q== expires Fri, 05 Jul 2024 16:30:33 GMT
GET H2	200	launch-ef0d5546c26e.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/	269 KB 83 KB	138ms 42ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 24fcce4d063676374643817ec12847f4e45921ec95d36643dc825c361dcc9241 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:23 GMT server AkamaiNetStorage etag "581b777219121cbe79e4869e8393f24d:1708948103.492676" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 84428 expires Thu, 04 Jul 2024 20:44:19 GMT
GET H2	200	css2 fonts.googleapis.com/	14 KB 994 B	141ms 50ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Thu, 04 Jul 2024 19:44:19 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Thu, 04 Jul 2024 19:44:19 GMT
GET H2	200	css_cYF_2YL8sAlaENU47p4IqsUWgZWDJ_w4EDlgkP7Clco.css www.crainsdetroit.com/sites/cdb_rd/files/css/	116 KB 20 KB	69ms 67ms	Stylesheet text/css	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_cYF_2YL8sAlaENU47p4IqsUWgZWDJ_w4EDlgkP7Clco.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f16b2e30683a52ca6705b0a7a5855090e02bd4267cd834ebd1f465c779f37db Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 14 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 300826 cf-polished origSize=119927 x-cache HIT x-ah-environment prod x-request-id v-8c460856-377e-11ef-96b3-1b2993e04f1e cf-bgj minify last-modified Mon, 01 Jul 2024 07:42:14 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control max-age=1209600 cf-ray 89e19bf92b545bf5-FRA expires Mon, 15 Jul 2024 07:50:13 GMT
GET H3	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/	100 KB 19 KB	124ms 57ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1188569 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18861 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-49ad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA0eHgV1KXY2fbhMuKn1m%2FELkIGXYaTBu6pHUYFWMd82OGVwVboW6UzDxUY4Xv57b8dIH0K8fRrr2AdYChUTFku%2FxNYQRfkNfNU%2B%2BrRrdB%2BGOzcigZWqhoojynKPUbdBYU%2BbHfoU"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 89e19bf98d5b65a3-FRA expires Tue, 24 Jun 2025 19:44:19 GMT
GET H2	200	css_5sAHPoi8qvpXdE2cc_zRbfD8pdsVBWWbQ6EAvYcQUgQ.css www.crainsdetroit.com/sites/cdb_rd/files/css/	193 KB 32 KB	72ms 70ms	Stylesheet text/css	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_5sAHPoi8qvpXdE2cc_zRbfD8pdsVBWWbQ6EAvYcQUgQ.css Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e581f074b59893dddf29fb35ce7427f3f4e99c2e13d104cf5f4ef4d7fb68cc61 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 235 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 785639 cf-polished origSize=198359 x-cache HIT x-ah-environment prod x-request-id v-f1ad20d4-1f1a-11ef-988d-a70f16ffdd7e cf-bgj minify last-modified Thu, 16 May 2024 07:55:04 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control max-age=1209600 cf-ray 89e19bf92b565bf5-FRA expires Thu, 27 Jun 2024 11:25:21 GMT
GET H2	200	js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	93 KB 33 KB	70ms 69ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 267 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 783038 cf-polished origSize=97739 x-cache HIT x-ah-environment prod x-request-id v-e62d50c4-1f17-11ef-b1fe-033391e69b17 cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf92b585bf5-FRA expires Thu, 27 Jun 2024 11:04:08 GMT
GET H2	200	moatheader.js Show response z.moatads.com/crainprebidheader782626518086/	273 KB 94 KB	141ms 42ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/crainprebidheader782626518086/moatheader.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 04 Jul 2024 19:44:19 GMT content-md5 UNCYPanZs4RvGIeChPezww== storage-tier Standard content-length 95605 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:09 GMT opc-request-id iad-1:Wk37OjWyGoar0PI15_xdU-T06TL8-shVyH0aAXHG2ZOoWKgqw71kw2bV4p83zlDG x-api-id native etag 7e2283bf-a8c3-40c1-afbd-18eaf15101b4 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 5646b131-02d3-45e2-a2b7-6379564833c5 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=29936 access-control-allow-credentials true accept-ranges bytes
GET H2	200	js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 KB 807 B	110ms 109ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 278 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 782825 cf-polished origSize=2710 x-cache HIT x-ah-environment prod x-request-id v-15bd63ac-1f17-11ef-92c5-977752b5b63a cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf92b5a5bf5-FRA expires Thu, 27 Jun 2024 12:04:23 GMT
GET H2	200	js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 KB 703 B	111ms 110ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 335 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 919106 cf-polished origSize=4073 x-cache HIT x-ah-environment prod x-request-id v-12ede744-297d-11ef-8042-130604f44069 cf-bgj minify last-modified Mon, 17 Jul 2023 11:14:58 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf92b5c5bf5-FRA expires Thu, 27 Jun 2024 12:04:23 GMT
GET H2	200	adobe_launch_dtm_init.js Show response www.crainsdetroit.com/modules/contrib/adobe_launch/js/	67 B 241 B	427ms 426ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/modules/contrib/adobe_launch/js/adobe_launch_dtm_init.js?sfxuxi Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 2 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=196 x-cache HIT x-ah-environment prod x-request-id v-20b959ac-378e-11ef-bd46-fbd219b7e05f cf-bgj minify last-modified Tue, 17 May 2022 04:18:03 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bf92b605bf5-FRA expires Thu, 18 Jul 2024 19:44:19 GMT
GET H2	200	email-decode.min.js Show response www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 801 B	48ms 47ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jul 2024 09:57:52 GMT server cloudflare etag W/"66867220-4d7" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 89e19bf99bd45bf5-FRA expires Sat, 06 Jul 2024 19:44:19 GMT
GET H2	200	index.js Show response tags.remixd.com/player/v5/	34 KB 10 KB	134ms 44ms	Script text/javascript	18.66.122.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.remixd.com/player/v5/index.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding gzip via 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 age 18 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 10041 last-modified Tue, 31 Oct 2023 15:34:26 GMT server AmazonS3 etag "57b6f8ad4125903b7e06bb427c232d10" vary Accept-Encoding content-type text/javascript cache-control public,max-age=1800 accept-ranges bytes x-amz-cf-id LXLcrZ3HHAUX-vZtFTscp99RCAAe-wCJkNJz0gAkmsZc6WCKaoVmuw==
GET H2	200	js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	156 KB 46 KB	73ms 71ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 241 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 780665 cf-polished origSize=213514 x-cache HIT x-ah-environment prod x-request-id v-42b99f5a-1f1d-11ef-b906-cb394fd5b9f4 cf-bgj minify last-modified Mon, 18 Mar 2024 09:35:43 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99bd65bf5-FRA expires Thu, 27 Jun 2024 12:04:23 GMT
GET H2	200	crain_pelcro_user.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	25 KB 7 KB	436ms 434ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user.js?sfxuxi Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c37c8810ea07ed8714faeac29f84685d20947a848d1586f94f46f352e15dc2fd Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=36497 x-cache MISS x-ah-environment prod x-request-id v-20d900f4-378e-11ef-a5b0-e32626d14f00 cf-bgj minify last-modified Tue, 25 Jun 2024 09:35:34 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bfbde2b5bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H2	200	crain_pelcro_order.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	1 KB 728 B	433ms 431ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_order.js?sfxuxi Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 333 date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=1938 x-cache HIT x-ah-environment prod x-request-id v-20f51686-378e-11ef-b5ae-73cbcc8a5ef8 cf-bgj minify last-modified Mon, 06 Mar 2023 09:00:01 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bfbde2e5bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H2	200	js_VeG6sdB9KL0SkygnV0snWskL9yUMtW92OpsiUoSkmSk.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	2 MB 507 KB	79ms 78ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_VeG6sdB9KL0SkygnV0snWskL9yUMtW92OpsiUoSkmSk.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b748edd58399eeaa025144ec3dd6da3bc75e4f2b5aeafa2ee8372d1e666dee06 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 22 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 299399 cf-polished origSize=2046142 x-cache HIT x-ah-environment prod x-request-id v-8c451bb2-377e-11ef-83c2-17dd0adc5be8 cf-bgj minify last-modified Mon, 01 Jul 2024 07:27:27 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99bda5bf5-FRA expires Mon, 15 Jul 2024 07:50:13 GMT
GET H2	200	main.min.js Show response js.pelcro.com/sdk/	305 KB 88 KB	145ms 44ms	Script text/javascript	2600:9000:2491:f200:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/sdk/main.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2491:f200:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 487bcaab8332911b0f473f9ab02c4fe8a85aa61d66b6290e0526640d026374e5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 06:51:16 GMT content-encoding gzip via 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P7 age 47079 x-amz-server-side-encryption AES256 x-amz-meta-sha256 SHvKq4MykRsPRz+asCxP6Khaph1mtikOBSZkDQJjdOU= x-cache Hit from cloudfront x-amz-meta-sha384 F2eh+OHzha/HxsT43mjilliKj5gtj1mkWnTb3GaLzZ49OWoWXQfV2VoNcymaQDkd last-modified Fri, 26 Apr 2024 12:16:47 GMT server AmazonS3 etag W/"1b0c047b9cf39f0866aeda927ac384ff" vary Accept-Encoding content-type text/javascript; charset=utf-8 x-amz-meta-md5 1b0c047b9cf39f0866aeda927ac384ff x-amz-cf-id Z6ueufGgI3FGrbkNUvb5aWoGPaHzg63DauqRA1D80oLXeOp4Ujm5ZQ==
GET H2	200	js_70Fxbe16cCkPdltpeLUO_SZo4lIvaIYec3Yhl2VT_g8.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	5 KB 2 KB	64ms 63ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_70Fxbe16cCkPdltpeLUO_SZo4lIvaIYec3Yhl2VT_g8.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd98951ca645e807fc1d0bb6f162fdd0016667a9d3a2c88d8f627fac428b9ff1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 12 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 722579 cf-polished origSize=7905 x-cache HIT x-ah-environment prod x-request-id v-3a4af364-28aa-11ef-a4e3-9bca6fff8755 cf-bgj minify last-modified Wed, 12 Jun 2024 10:55:04 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99bdd5bf5-FRA expires Thu, 27 Jun 2024 12:04:23 GMT
GET H2	200	google_analytics.js Show response www.crainsdetroit.com/modules/contrib/google_analytics/js/	4 KB 1 KB	419ms 417ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/modules/contrib/google_analytics/js/google_analytics.js?v=9.5.3 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d8fb7264da35f0a328c76bea44722c24c4a12e7de9b690a2180b5f57e868f53 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 160979 date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=8219 x-cache HIT x-ah-environment prod x-request-id v-910ebbfe-d6d9-11ee-bd8b-4b0bd0ebdabd cf-bgj minify last-modified Thu, 28 Jul 2022 07:49:18 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bfbde325bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H2	200	js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	309 KB 94 KB	578ms 577ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_ySV8cx5Xd25-JgzJg1_GgmeuXnQWMfpNooegsiNDl4c.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5897e8e09a85f610e1afffe64f8838900def6ecd2296dccbd2cf006de83c17d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 67 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 121741 cf-polished origSize=330497 x-cache HIT x-ah-environment prod x-request-id v-74a6ad3e-3785-11ef-af7a-cfbce118ec78 cf-bgj minify last-modified Mon, 17 Jul 2023 11:15:01 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99bde5bf5-FRA expires Mon, 15 Jul 2024 08:39:39 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	213 KB 73 KB	162ms 65ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash bab76781ee5c0ae42829c68e9d3d6d826b13d9421ddc4acac1bc1ab2f5796cb1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Accept-Language, Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74126 x-xss-protection 0
GET H2	200	js_0y1kgs1CxnWcHU_8QsWFUVxqRHbPn3Md0fcceG8YSJI.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	182 KB 60 KB	125ms 125ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_0y1kgs1CxnWcHU_8QsWFUVxqRHbPn3Md0fcceG8YSJI.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ebdc196882aabe86d6f1c932daadfdbfc611daee46d351cb3df6d7c863d1946 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 3 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 793502 cf-polished origSize=271586 x-cache HIT x-ah-environment prod x-request-id v-45788786-3306-11ef-a55c-93a2aeae347e cf-bgj minify last-modified Tue, 25 Jun 2024 15:19:08 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99bdf5bf5-FRA expires Tue, 09 Jul 2024 15:19:10 GMT
GET H2	200	tag Show response btloader.com/ Redirect Chain https://crain-com.videoplayerhub.com/galleryloader.js https://btloader.com/tag?h=crain-com&upapi=true	54 KB 18 KB	155ms 71ms	Script application/javascript	2606:4700:10::6816:4bd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=crain-com&upapi=true Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15f408601ac750718d667c0bc66ca713d6cfa07ad6b1299bdca44546abb97467 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Thu, 04 Jul 2024 19:16:57 GMT server cloudflare age 1610 etag "ff8d6369c2ffd0c255e790d6ede4c118" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 89e19bfd78c23723-FRA content-length 18395 Redirect headers date Thu, 04 Jul 2024 19:44:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgxWk6N0v%2BfTk6E3VExdQstKBmPJTOmcc3jGkpjomhrsp15kTmSq8IyPCoptt%2BllLtmJ1dSlmKOSHz2GcKX%2FGGXoxHEXvM6q4IXk2OfldgFA2Ho2RIbbdOR%2FwWGwab7Lr9EqovIrJRmPXdwG4tI6w7wEPXDPD21zmas%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://btloader.com/tag?h=crain-com&upapi=true cache-control max-age=3600 cf-ray 89e19bfc79019bc2-FRA content-length 167 expires Thu, 04 Jul 2024 20:44:19 GMT
GET H2	200	sitetotal.js Show response static.chartbeat.com/js/sitewidgets/	54 KB 22 KB	162ms 53ms	Script application/x-javascript	2600:9000:2646:1000:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/sitewidgets/sitetotal.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2646:1000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 17:46:01 GMT content-encoding gzip via 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront) last-modified Fri, 12 Apr 2013 15:40:22 GMT server nginx x-amz-cf-pop FRA60-P5 age 7098 etag W/"51682ae6-d6df" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id 6M-gFpDo0mYD0anTm-1yXxLBrFCLJ5qRbvNOmvc7ieB74CN_9cVwiA== expires Fri, 05 Jul 2024 17:46:01 GMT
GET H2	200	dashboard.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/	2 KB 985 B	427ms 426ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sfxuxi Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 950fd95b6af4b4974a68ac04a5f146062dccfff965c0b150d8202306c1f6bb9f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=3241 x-cache MISS x-ah-environment prod x-request-id v-20f4f5e8-378e-11ef-8048-13f4f1cc0e55 cf-bgj minify last-modified Mon, 01 Jul 2024 07:29:54 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bfbde335bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H2	200	js_h5FhX1PuwYOpXCHHUil1ZYM1Uy-Ao4IDKcVtzPQ-z6U.js Show response www.crainsdetroit.com/sites/cdb_rd/files/js/	48 KB 12 KB	70ms 70ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_h5FhX1PuwYOpXCHHUil1ZYM1Uy-Ao4IDKcVtzPQ-z6U.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bd04041431d558822068081a612e4d2a488e9796afec463734e974746e8322b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 119 date Thu, 04 Jul 2024 19:44:19 GMT via varnish x-content-type-options nosniff cf-cache-status HIT content-encoding br age 40373 cf-polished origSize=67821 x-cache HIT x-ah-environment prod x-request-id v-cf5ce0c4-3788-11ef-88d7-6b7ced37c951 cf-bgj minify last-modified Mon, 01 Jul 2024 08:11:17 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control max-age=1209600 cf-ray 89e19bf99be15bf5-FRA expires Mon, 15 Jul 2024 09:03:40 GMT
GET H2	200	crain_pelcro_user_status.js Show response www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/	3 KB 1 KB	426ms 424ms	Script application/javascript	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user_status.js?sfxuxi Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 11 date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br cf-polished origSize=4140 x-cache HIT x-ah-environment prod x-request-id v-20f586b6-378e-11ef-94a7-97b3fd7f1955 cf-bgj minify last-modified Mon, 05 Feb 2024 10:34:01 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin https://js.trendmd.com cache-control public, max-age=1209600 cf-ray 89e19bfbde345bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/	467 KB 145 KB	42ms 42ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash 4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:01:26 GMT content-encoding br x-content-type-options nosniff age 34973 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148860 x-xss-protection 0 server cafe etag 3071004405367439963 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 04 Jul 2025 10:01:26 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	131ms 41ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 04 Jul 2024 18:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4512 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 04 Jul 2024 20:29:07 GMT
GET H2	200	icons.svg www.crainsdetroit.com/themes/custom/citybook_rd/dist/	20 KB 7 KB	426ms 425ms	Other image/svg+xml	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crainsdetroit.com/themes/custom/citybook_rd/dist/icons.svg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 1987 date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br x-cache HIT x-ah-environment prod x-request-id v-32061574-28a7-11ef-9408-fb2d24ce4669 last-modified Thu, 21 Mar 2024 07:34:38 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=1209600 cf-ray 89e19bfbde365bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET H2	200	ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2 fonts.gstatic.com/s/publicsans/v15/	26 KB 26 KB	132ms 41ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 02 Jul 2024 14:43:14 GMT x-content-type-options nosniff age 190866 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26160 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:51:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 14:43:14 GMT
GET H3	200	logger-1.min.js Show response cdn.lr-intake.com/	845 KB 168 KB	137ms 76ms	Script text/javascript	172.67.135.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-intake.com/logger-1.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_VeG6sdB9KL0SkygnV0snWskL9yUMtW92OpsiUoSkmSk.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.135.7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 961584ea1f2fe8afbb803f101ba0b3587244ae6a58c656349e2b58c9ed68b326 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:19 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 88 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230097-FRA last-modified Wed, 03 Jul 2024 19:41:32 GMT server cloudflare x-timer S1720035788.732083,VS0,VE2 etag W/"ac4c21f9e8d75982407152076cd61c1a2e5dfc06be3042bfafc7ccd6ef92ade1-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKHj8oxVmahnArUc3Rw2Sjsj0cG080pZ8pkjmnDaFU02rM1CmULERBg1Icnp5ca4O4Kt1hfJaPgFFDo4bLpNqn5SvZ2Mx5Mkn0beg1slMLmAatT3coM8CYtAy52nUa1HjAnhAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 89e19bfc9a1f1915-FRA x-cache-hits 1
GET H2	200	v3 Show response js.stripe.com/	619 KB 152 KB	132ms 46ms	Script text/javascript	108.138.26.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_VeG6sdB9KL0SkygnV0snWskL9yUMtW92OpsiUoSkmSk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.26.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-26-74.fra56.r.cloudfront.net Software Cloudfront / Resource Hash ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:43:56 GMT content-encoding br via 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 25 x-amz-cf-pop FRA56-P7 x-cache Hit from cloudfront last-modified Wed, 03 Jul 2024 20:43:00 GMT server Cloudfront etag W/"16095b208fce1f9394656811fb5b307e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id t-wJ0gZ5kUh_AM7pHF74iyDI1-mojzU8PtEJmObYBsgOr1-IXdtaLA==
GET H2	403	crainsdetroit.com Show response pubcast-files.remixd.com/player-configs/	111 B 495 B	234ms 146ms	Fetch application/xml	35.190.38.143 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubcast-files.remixd.com/player-configs/crainsdetroit.com Requested by Host: tags.remixd.com URL: https://tags.remixd.com/player/v5/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 143.38.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT server UploadServer x-guploader-uploadid ACJd0Nq-oSIGK_ib80HK_aPC1MojuwUI5VbUnlGiJK1UYfQFBRXKg4f753J9iibMnzg53dgsEy2Avp7GEg content-type application/xml; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111 expires Thu, 04 Jul 2024 19:44:20 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 212 B	49ms 49ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1371089877&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&ul=de-de&de=UTF-8&dt=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=892440219&gjid=1933174574&cid=381386320.1720122260&tid=UA-2717831-1&_gid=768356763.1720122260&_r=1&gtm=457e4730za200&gcd=13l3l3l2l3&dma_cps=sypham&dma=1&tag_exp=0&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1968125229 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	235 B 525 B	249ms 157ms	XHR application/json	2a04:4e42::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crainsdetroit.com&domain=crainsdetroit.com&path=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 0 date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip via 1.1 varnish (Varnish/6.0), 1.1 varnish age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 170 x-served-by cache-cph2320057-CPH x-timer S1720122260.081529,VS0,VE115 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Tue, 02 Jul 2024 19:44:20 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 350 B	143ms 47ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2717831-1&cid=381386320.1720122260&jid=892440219&gjid=1933174574&_gid=768356763.1720122260&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1055134961 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	222 KB 59 KB	126ms 41ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 04 Jul 2024 19:44:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58293 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug SewTp4xZ8twHMcTChCBIDI8SwYNCR2msG1tYhpA5dWbvqnYOt5lzvqm59/UPm+/EByP4U8u4qZlhk7finn+oXQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	136ms 41ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 21:07:24 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220085-FRA
GET H2	200	id Show response dpm.demdex.net/	375 B 924 B	176ms 59ms	XHR application/json	54.155.49.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=138FFF2554E6E7220A4C98C6%40AdobeOrg&d_nsid=0&ts=1720122260040 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.155.49.201 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-49-201.eu-west-1.compute.amazonaws.com Software / Resource Hash 210db4168cbf117cd01bfdbee793a6a75cd08e31e80345d0beb3c9aaaa5627a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type application/x-www-form-urlencoded Response headers dcs dcs-prod-irl1-1-v062-09fd8b58e.edge-irl1.demdex.com 2 ms pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid G1COs9BDQc8= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 316 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 82 KB	57ms 56ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-593664384&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d0c4cce3247ac912423f3d1f610550fe1766b9d6d1cb2b6de16dd989b91a0bfc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 84220 x-xss-protection 0 last-modified Thu, 04 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 04 Jul 2024 19:44:20 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	268 KB 93 KB	72ms 71ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-2717831-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7f06ec32b6d8eabe0eb454e5561455faa529bef2e5f9ab117b61126c484acec2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95469 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 04 Jul 2024 19:44:20 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	268 KB 93 KB	80ms 80ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 18873eea132738696c15498e64d9aedc8fcd9b5765fdbf427c4a798cec076eb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95406 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 04 Jul 2024 19:44:20 GMT
GET H2	200	tag.aspx Show response ml314.com/	37 KB 12 KB	139ms 42ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?46 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:23 GMT via 1.1 google content-encoding br age 1497 x-guploader-uploadid ACJd0NpBeT6Z-Ts77hXkcaeWdP0-eK5E_7XDVHW33PNNFYgiu-D4crA9qQnpqNbOjkUNnJHn1uo x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12140 last-modified Wed, 12 Jun 2024 23:47:10 GMT server UploadServer vary Accept-Encoding x-goog-generation 1718236030191817 x-goog-hash crc32c=jdP4zA==, md5=YRx2m1aKFpugF5vA5Ps9ng== content-type application/javascript cache-id FRA-fa985ced cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 37568 accept-ranges bytes
GET H2	200	get Show response vi.ml314.com/	906 B 756 B	147ms 61ms	Script application/javascript	35.201.104.135 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://vi.ml314.com/get?eid=69120&tk=weP6qvbwC4vTzjKxXoXB2fkYVMrqAXGxMEdSJ6g2fHRUg3d&fp= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 135.104.201.35.bc.googleusercontent.com Software Google Frontend / Resource Hash 367218736c99aca2872ab64397b9e81064b347bc47f4d32636c81ccb4915c8b7 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=2592000 content-encoding br via 1.1 google date Thu, 04 Jul 2024 19:44:20 GMT server Google Frontend vary Accept-Encoding content-type application/javascript cache-control private,max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	LogRocket.min.js Show response cdn.lr-ingest.com/	113 KB 30 KB	129ms 65ms	Script text/javascript	172.67.153.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.com/LogRocket.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f349faee5d260be3368dc35ad96d3f8b17af54671d123e9cb171a35b7c3d6410 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230126-FRA last-modified Wed, 03 Jul 2024 19:41:32 GMT server cloudflare x-timer S1720039793.602892,VS0,VE0 etag W/"662e040d56b958d42c270c7c74db54eb1a75e263650713850b07f3a9e9042691-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWHoUNk7FHpasM2drELW%2FXSJ6gT%2BolYJIbC0gLfaYQXEiXQmSSLJFBuk3b2ajvZxzskdQPfSke8ZU4M7%2Fy8vplSNTG8fFmHXJuCp9tMmXkSe2BTMY1k7o5OTmUYRpVyIUe13ig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 89e19bfdce72905e-FRA x-cache-hits 3
GET H2	200	notice Show response consent.trustarc.com/	36 KB 11 KB	166ms 74ms	Script text/javascript	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash 30d0cef1d10e7c1c64b5884a6ca08ae7ef9bc813db922b5f168dcab57876e04c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA2-C2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers * cache-control max-age=3600 x-amz-cf-id DRyP9vvoCfUAO8IgHltsXPT9-CF7CBGsfRdC8zLtgavDXJgESFkMcw==
GET H2	200	site Show response www.pelcro.com/api/v1/sdk/	11 KB 2 KB	187ms 187ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a5cf957cd4ef3d5f7dc4e73b6692f8bb589113a49986f4c68b8fdb64d8a330 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 04 Jul 2024 19:39:37 GMT server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=0 cf-ray 89e19c00d854916a-FRA expires Thu, 04 Jul 2024 19:39:37 GMT
OPTIONS H2	204	site www.pelcro.com/api/v1/sdk/ Frame	0 0	533ms 433ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 89e19bfe1bb2916a-FRA date Thu, 04 Jul 2024 19:44:20 GMT expires Thu, 04 Jul 2024 19:44:20 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	137ms 58ms	XHR application/json	172.217.18.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f10.1e100.net Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
GET H2	200	v2 Show response mb.moatads.com/yi/	605 B 682 B	228ms 86ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pcode=crainprebidheader782626518086&rx=690224576986&callback=MoatNadoAllJsonpRequest_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 6a8a6fe54b616c11a5d2363b6fabe07c93b6b0aa158013b346e864648c831c49 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT server istio-envoy etag "051d306a46b2e5f52609273234e0d12c4c62383e" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 33 timing-allow-origin * content-length 605
GET H2	200	n.js Show response mb.moatads.com/	85 B 263 B	176ms 64ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&i=CRAIN_PREBID_HEADER1&hp=1&sst=1&wf=1&pxm=3&sgs=3&vb=0&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=660305225930&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=1&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A-%3A0%3A0&fs=208210&na=307559107&cs=0&callback=MoatDataJsonpRequest_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 63f7f4b3319953dcf8a36d0139f23d3df7fce0c1a1adbf9a2cf3fd1055edcd61 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT server istio-envoy etag "07701c2f5fbc96ca3a39d6624b3ed29b926602c4" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 10 timing-allow-origin * content-length 85
GET H2	200	iframe.html z.moatads.com/hd09824092/ Frame 2912	0 0	120ms 43ms	Document text/html	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/hd09824092/iframe.html Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=3446 content-encoding gzip content-length 803 content-md5 Spy8LlvBZDE9rOQqWL7xQQ== content-type text/html date Thu, 04 Jul 2024 19:44:20 GMT etag 0d341092-8e0f-4735-ae34-f388ff501eed last-modified Thu, 21 Mar 2024 17:22:14 GMT opc-meta-btime 2021-01-26T22:41:39Z opc-meta-mtime 1611700899 opc-request-id iad-1:iYaHZIcKsZiQsRRW1QohMTyfudXax_SNk12jPcrbtHzhbwSM-ygOOdh1u7H4De-w storage-tier Standard strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding version-id 5af5eb63-417c-4960-9068-358f7e3e1642 x-api-id native x-content-type-options nosniff
GET H2	200	controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html js.stripe.com/v3/ Frame E60B	0 0	137ms 43ms	Document text/html	108.138.26.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.26.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-26-74.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-origin * age 22 cache-control max-age=60, stale-while-revalidate=900 content-length 651 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 04 Jul 2024 19:43:59 GMT etag "6a259ce9c1cfd6bc93b8b95f1a5f50b3" last-modified Wed, 03 Jul 2024 20:04:08 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront) x-amz-cf-id aRSKF5Me60adMRC3nFMKDbN7wjyAe9Y5id6CIhXQzkoyW1OKSCLUEQ== x-amz-cf-pop FRA56-P7 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	websiteconfig Show response btloader.com/	807 B 661 B	251ms 168ms	Fetch application/json	2606:4700:10::6816:4bd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com Requested by Host: crain-com.videoplayerhub.com URL: https://crain-com.videoplayerhub.com/galleryloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc56fb659f00b5389685d386bc75d637f262741b1f18d3ecc0e05d4b901f7c7d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip via 1.1 google cf-cache-status DYNAMIC last-modified Thu, 04 Jul 2024 19:43:34 GMT server cloudflare etag "68d0db7480847c7587dc3f70df732580" vary Origin content-type application/json access-control-allow-origin * cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 89e19bfe9c519f4e-FRA content-length 397
GET H2	204	state Show response api.btloader.com/mw/	0 101 B	243ms 153ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: crain-com.videoplayerhub.com URL: https://crain-com.videoplayerhub.com/galleryloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Thu, 04 Jul 2024 19:44:20 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 336 B	140ms 55ms	Image image/gif	2606:4700:20::ac43:4513 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1572771 x-guploader-uploadid ABPtcPqRtnRhbEjR725uVT1Yizf1XtfvDbBWoyIkpVjboRSmpGBLY2bXWXB9v_YhC8s4Mtbu9MUNtSfBrA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08h8Unfmginrs3uQJI1ygd%2BPK9Ezw6Ooz3Z%2BPwTaI8u3ZpO3c97GeqyKNUOi8D7ptMYTVadR7CbS6QDKZmb1Ug6npobSNvYFSGQYjTk7xOpTGq8iBKcJvlLkReUvsAIu0Vn3opmzGqQ7WdVgsw%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 89e19bfe9f6c3a5c-FRA expires Sun, 16 Jun 2024 15:15:37 GMT
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	93ms 39ms	Image image/x-icon	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 14:45:33 GMT content-encoding gzip x-content-type-options nosniff age 17927 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 14:45:33 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 921 B	115ms 52ms	Image image/gif	2606:4700:20::ac43:4513 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7408820225510062 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1572771 x-guploader-uploadid ABPtcPqRtnRhbEjR725uVT1Yizf1XtfvDbBWoyIkpVjboRSmpGBLY2bXWXB9v_YhC8s4Mtbu9MUNtSfBrA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzR04npxbbDvb1dyPAd3mtJlCBoeQiT2zu4kwBwUfbZ7acjQ7vPhiOF529NLmtzcvmaPbRxqF6ZlDH8xVa42y4%2FzS%2B%2B5sL11%2BMyntpOdRf1CJmjjPqwLcOfuF1%2Bj2HUca9bMBDqkLq371r2peA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 89e19bfe9f733a5c-FRA expires Sun, 16 Jun 2024 15:15:37 GMT
GET BLOB	200 OK	928cf139-9df2-4e2b-9c73-7ff1862a460c https://www.crainsdetroit.com/	471 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.crainsdetroit.com/928cf139-9df2-4e2b-9c73-7ff1862a460c Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash fa8309b664ade8f3f20ed3a9b90c1481a49d6557ecd5280c8a1bf729ca2131bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Length 482471 Content-Type
GET H2	200	dest5.html craommunications.demdex.net/ Frame ABFC	0 0	184ms 54ms	Document text/html	52.212.215.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://craommunications.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.212.215.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-212-215-24.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Thu, 04 Jul 2024 19:44:20 GMT dcs dcs-prod-irl1-1-v062-0d2d75d82.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Wed, 3 Jul 2024 06:32:08 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid HRo7EC1YQjk=
GET H2	200	ibs:dpid=411&dpuuid=Zob7lAAAAJLSBgN- dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=15690120270934384333801962937290028283 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zob7lAAAAJLSBgN-	42 B 715 B	61ms 61ms	Image image/gif	54.155.49.201 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zob7lAAAAJLSBgN- Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 54.155.49.201 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-49-201.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers dcs dcs-prod-irl1-2-v062-071805ff3.edge-irl1.demdex.com 5 ms pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid q3xpSt7XQDY= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zob7lAAAAJLSBgN- Date Thu, 04 Jul 2024 19:44:20 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	utsync.ashx Show response ml314.com/	62 B 254 B	65ms 64ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pv=1720122260235_im0owgokh&bl=de-de&cb=205884&return=&ht=&d=&dc=&si=1720122260235_im0owgokh&cid=&s=1600x1200&rp=&v=2.7.3.180 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?46 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/javascript p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H3	200	logger-1.min.js Show response cdn.lr-ingest.com/	845 KB 168 KB	114ms 65ms	Script text/javascript	172.67.153.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.com/logger-1.min.js Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.27 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 961584ea1f2fe8afbb803f101ba0b3587244ae6a58c656349e2b58c9ed68b326 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=31556926 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 222 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230035-FRA last-modified Wed, 03 Jul 2024 19:41:32 GMT server cloudflare x-timer S1720035723.063002,VS0,VE2 etag W/"ac4c21f9e8d75982407152076cd61c1a2e5dfc06be3042bfafc7ccd6ef92ade1-br" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEozSsmHV95SDc%2F%2FhSSzH77965zCl%2BtWmNC7yh8XruhsUjiwY%2BxBH2BEtGygbK4CKubhyu4muGiNzx0VQC7Ex4jPx7dWl%2BqGHHLW5XV2TBn5eXNlpWqEeJD82Hy6hUpYAbMNhg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 89e19bfef8e69a1e-FRA x-cache-hits 1
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 10 KB	150ms 48ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip etag "tIg8n6xaLBY4WwNLLw9OGA==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Thu, 11 Jul 2024 19:44:20 GMT
GET H2	200	hotjar-1906609.js Show response static.hotjar.com/c/	9 KB 4 KB	165ms 72ms	Script application/javascript	18.66.102.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1906609.js?sv=6 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-51.fra56.r.cloudfront.net Software / Resource Hash 6fd5bbc095ddab5629259d4ce7427663d6dc0280778cd48516414bb5d4575bf8 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Thu, 04 Jul 2024 19:44:20 GMT via 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/b4e3d79d6b098fc7e8284daaedc0bac5 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id Q2qXZEE7MollT_gaMwNYeU5DSFuE45CMgPFjLAj3fKeRDLJVmkUjcA==
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	38 KB 15 KB	47ms 47ms	Script application/x-javascript	2600:9000:2646:1000:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sfxuxi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2646:1000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 16:20:09 GMT content-encoding gzip via 1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront) last-modified Wed, 05 Jun 2024 00:13:00 GMT server nginx x-amz-cf-pop FRA60-P5 age 12251 etag W/"665fad8c-9895" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id FAmL1eT558KYRN0FT7ov14cXzAJvMxNNmZVOVVMaNEB8owaKqUoL5Q== expires Fri, 05 Jul 2024 16:20:09 GMT
GET H2	200	zcpt.js Show response js-tag.zemanta.com/	8 KB 3 KB	157ms 60ms	Script application/javascript	2606:4700:10::ac43:247d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-tag.zemanta.com/zcpt.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 18 Apr 2023 08:53:31 GMT server cloudflare x-amz-request-id S6Q2B68RCPCRWY7J age 7170 etag W/"6376a488d713d6cf8cf3d1ebfb5e6361" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-ray 89e19bff4eba35e0-FRA x-amz-id-2 1+OR4J+zCmPFXcmJqOeUoVhZe0ATBpZ/JKeQ6TOflmC7PNNgzbFlE+ffdYD0QbTAthrSuVDdpsU=
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	38 KB 14 KB	134ms 42ms	Script application/javascript	2a02:26f0:3500:10::210:a99 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Jun 2024 16:46:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=29190 accept-ranges bytes content-length 14004
GET H2	200	RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/	377 B 508 B	51ms 51ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b4910ab351d6b75afc3397714f5d0ede5809dfd642fbc43ef390e44519c2b4d6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:25 GMT server AkamaiNetStorage etag "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 247 expires Thu, 04 Jul 2024 20:44:20 GMT
GET H2	200	RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Show response assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/	401 B 515 B	52ms 51ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/ba845b47489d/RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 2658d58658e760341eb4e0233a076241d20647c97b71e1b64c57c3ca263578bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip last-modified Mon, 26 Feb 2024 11:48:25 GMT server AkamaiNetStorage etag "2802d3aea24d254dd967b5eff9bf953e:1708948105.733511" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.crainsdetroit.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 254 expires Thu, 04 Jul 2024 20:44:20 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	199ms 66ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Thu, 04 Jul 2024 19:44:19 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5D1833997EEA47E98F0FD084DC71F0C7 Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:20Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	adsct t.co/i/	43 B 377 B	345ms 218ms	Image image/gif	93.184.221.165 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=5b8bbacc-eeca-4ad9-8c78-8f2a75e68be4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=44621507-5c2e-4a29-aa8f-9f602cb3c002&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-response-time 175 date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 61fd4ea57918263b cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash dcad1b6b6390362d683efecf2f5717bc0052e7da6050e4df9af422ca6e3d68d2 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 393 B	252ms 150ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5b8bbacc-eeca-4ad9-8c78-8f2a75e68be4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=44621507-5c2e-4a29-aa8f-9f602cb3c002&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-response-time 109 date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id cb7ee076e3df2828 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 47d2e9c7a660e2130b6a479ddb37ea1e354103b2eb4c738882be8c55c3df0d3f content-length 43
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	103 KB 34 KB	143ms 44ms	Script application/javascript	18.66.112.95 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_70Fxbe16cCkPdltpeLUO_SZo4lIvaIYec3Yhl2VT_g8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-95.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:42:40 GMT content-encoding gzip via 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront) last-modified Thu, 06 Jun 2024 16:53:02 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 100 x-amz-server-side-encryption AES256 etag W/"0a63286546fdaeb63f5762369bd1c4ff" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600; must-revalidate x-amz-cf-id 0U7OMqglvqeodYoI7XaW_b0fCdmtxCg5UixjU3vPCnkJIgrf3GEgJw==
GET H3	200	ebx.js Show response applets.ebxcdn.com/	464 B 989 B	122ms 61ms	Script application/javascript	172.67.212.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://applets.ebxcdn.com/ebx.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br x-amzn-remapped-content-length 464 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1126 x-amzn-requestid 7a0eaf34-5553-4399-9b5a-1a30a93f2f56 x-amz-apigw-id aZuPGFUdjoEEjEg= alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed Aug 30 13:25:09 GMT 2023 server cloudflare x-amzn-trace-id Root=1-6686f72d-17ee370d18383d5e6dec7fe2;Parent=6f3170a228662115;Sampled=0;lineage=7936cbcf:0 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmWlpq%2BisMMb3KNIl1CSJM%2F7RqsnamBm3RdwftQb62tcWVdltmHTJpwkIu5F9CHe5RPBYyaCATIjx9fM%2BwWK4yr7JLDOssvQT%2FHt7x4CASNTIO1UK1LjfeHPKCaCDR1LuQ4bnWw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=7200 cf-ray 89e19bff89e6366c-FRA
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 93BE	0 0	43ms 43ms	Document text/html	108.138.26.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.26.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-26-74.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes access-control-allow-origin * age 2363 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 04 Jul 2024 19:04:57 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 14 Jun 2024 20:01:05 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront) x-amz-cf-id JJC4RiS_stXxyL_SXbmYsRm00N5dF7HDSY1WCKZg_XOxREFuzcSEog== x-amz-cf-pop FRA56-P7 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	v1.7-518 Show response consent.trustarc.com/asset/notice.js/v/	93 KB 27 KB	47ms 46ms	Script text/javascript	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/asset/notice.js/v/v1.7-518 Requested by Host: consent.trustarc.com URL: https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash d7d5fd37104b920289011c87a92c7e3681251179c9fd1ff79a47ab93e128424b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Thu, 04 Jul 2024 19:08:32 GMT content-encoding gzip via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 13 Jun 2024 04:06:42 GMT x-amz-cf-pop FRA2-C2 age 2148 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id VRwdyFshe7Jffe-yiRjo_bz-wg9Ztb0Ym84Q9iwNGYucOH4UFYI9Mg==
GET H2	200	log consent.trustarc.com/	43 B 1 KB	156ms 72ms	Image image/gif	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/log?domain=crain.com&country=de&state=&behavior=implied&session=af03e44a-ba7b-470e-b894-aacb0acc4e50&userType=NEW&c=aff9 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-security-policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop FRA2-C2 cross-origin-embedder-policy unsafe-none x-cache Miss from cloudfront cross-origin-resource-policy cross-origin content-length 43 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin cross-origin-opener-policy cross-origin expect-ct enforce, max-age=60 x-frame-options SAMEORIGIN vary Origin content-type image/gif cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy geolocation=(), camera=(), speaker=(), microphone=(), vibrate=() x-amz-cf-id 572XuA4TSq-o6pS4rWnQsjof56zzVVrUC-6T3_p8_wRMFuRAapiNjg== expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	200	delivery Show response craommunications.tt.omtrdc.net/rest/v1/	359 B 853 B	215ms 70ms	XHR application/json	66.235.152.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://craommunications.tt.omtrdc.net/rest/v1/delivery?client=craommunications&sessionId=fba5bcae3d8442799407d0d616c83dce&version=2.10.2 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.235.152.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-66-235-152-221.data.adobedc.net Software jag / Resource Hash e9da470ecc79565712d31d4fcb5ae3bea8e2155e5a6af91b6b8002cebd62da20 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List server jag x-content-type-options nosniff vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block x-request-id 9fe062b0-e681-4572-ac7d-053cf68bac13
OPTIONS H2	204	authorization www.pelcro.com/api/v1/sdk/members/ip/ Frame	0 0	685ms 685ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 89e19bff2d52916a-FRA date Thu, 04 Jul 2024 19:44:20 GMT expires Thu, 04 Jul 2024 19:44:20 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
OPTIONS H2	200	country www.pelcro.com/api/v1/sdk/geo/ Frame	0 0	89ms 89ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods OPTIONS,GET access-control-allow-origin * access-control-max-age 86400 cf-ray 89e19bff2d5f916a-FRA content-length 0 date Thu, 04 Jul 2024 19:44:20 GMT server cloudflare vary Accept-Encoding
GET H2	404	authorization Show response www.pelcro.com/api/v1/sdk/members/ip/	76 B 161 B	413ms 412ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control no-cache, private cf-ray 89e19c037d3c916a-FRA
GET H2	200	country Show response www.pelcro.com/api/v1/sdk/geo/	5 KB 2 KB	103ms 103ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cc992fa8e1adf627310b99e6a2d4c29d191a71af0cbf98867e99146d8853d99 Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br server cloudflare x-cache-key en-DE x-cache-status hit access-control-max-age 86400 access-control-allow-methods OPTIONS,GET content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=0 vary Accept-Encoding cf-ray 89e19bffbe60916a-FRA
GET H2	200	micro-logo.svg www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/	4 KB 1 KB	428ms 428ms	Image image/svg+xml	2606:4700::6812:b93b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/micro-logo.svg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb947a7f8ed92bb31038d96a8e36f2f844bb8c8c925ea96183a0d647748cd5c9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-cache-hits 10 date Thu, 04 Jul 2024 19:44:20 GMT via varnish x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding br x-cache HIT x-ah-environment prod x-request-id v-0fbb780a-f39c-11ee-85e9-3341b37fc536 last-modified Mon, 13 Feb 2023 08:12:37 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=1209600 cf-ray 89e19bff39ea5bf5-FRA expires Thu, 18 Jul 2024 19:44:20 GMT
GET H2	200	2JEN3RX.jpg s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/	36 KB 36 KB	636ms 499ms	Image image/jpeg	2606:4700::6812:b83b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/2JEN3RX.jpg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT cf-cache-status MISS last-modified Wed, 13 Mar 2024 14:52:32 GMT server cloudflare x-amz-request-id SN2EM5V59Z19SZGC etag "068ae438ea24e57c10b4d16a64680f4a" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type image/jpeg cache-control public, max-age=3600 accept-ranges bytes cf-ray 89e19c006e7e3623-FRA content-length 36920 x-amz-id-2 4Nw58uaTmt3onCVPcbLGeh0AXsHUAEQFpxm4TiddlpbD6lv7GXJhDfedN3Msth7WQl4jqslxrNk= expires Thu, 04 Jul 2024 20:44:20 GMT
GET H2	200	637988649571323 Show response connect.facebook.net/signals/config/	69 KB 14 KB	108ms 108ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/637988649571323?v=2.9.160&r=stable&domain=www.crainsdetroit.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f3932bdbe25901e065fa66e3ee060ab025d597d5286e27a9f6a4bf8ef625c736 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 04 Jul 2024 19:44:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1297, tbw=63834, tp=-1, tpl=-1, uplat=68, ullat=0 pragma public x-fb-debug x5e2jgZvxTxOHkkCNuCwg38lFjQLx8J1U2+Xikjqay81BXaXH6sAEL9VTsQeEudqobrzdr0lFD3zfmfCTN7Chg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	cci-firstTouchCookie.js Show response crain-global.s3.amazonaws.com/global/js/	3 KB 4 KB	396ms 137ms	Script application/javascript	3.5.27.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://crain-global.s3.amazonaws.com/global/js/cci-firstTouchCookie.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Date Thu, 04 Jul 2024 19:44:21 GMT Last-Modified Tue, 26 Sep 2023 14:12:59 GMT Server AmazonS3 x-amz-request-id SN20Q5AKH36CX1B5 ETag "b79b890f95a91ffbf5a1e0c99ee5eeed" x-amz-server-side-encryption AES256 Content-Type application/javascript Accept-Ranges bytes Content-Length 3185 x-amz-id-2 LqjeZ1v2IjaN04mXOAURWGcoM9hxthyqvbTyxb+QF4Po9foLlqdMGGX2cvLMvXoeuk3kpRouYcPfiyy3Ljxex8LKc0IZyTfLHS6AxWhogbU=
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	367ms 121ms	Image image/gif	54.166.90.195 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=crainsdetroit.com&p=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&u=Ddcs-ZDdEPbvBtzbio&d=crainsdetroit.com&g=25465&g0=No%20Section&g1=Anna%20Fifelski&n=1&f=00001&c=0&x=0&m=0&y=4727&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&b=4026&t=D3Zp3JCuglqJw6_JEDKSW4wRtixa&V=147&i=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&tz=-120&_acct=anon&sn=1&sv=DFm1pgDmuQawDCt3Q1DlMqAPBG9rFX&sr=external&sd=1&im=067b0fff&_ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.166.90.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-166-90-195.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-type image/gif pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	406 KB 60 KB	319ms 237ms	XHR text/plain	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2359028514546934&correlator=2676647881902755&eid=31085018%2C31085076%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=105554924%2Ccdb%2Cbanking-finance%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1200x250%7C970x90%7C970x250%7C728x90%2C1x1%2C970x90%7C728x90%2C300x250%2C300x250%7C300x600%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=640&eri=33&sc=1&abxe=1&dt=1720122260372&lmt=1720122256&adxs=0%2C0%2C740%2C255%2C1120%2C1120%2C1120%2C1120%2C1120%2C160&adys=0%2C112%2C2046%2C2213%2C283%2C949%2C949%2C949%2C949%2C3828&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C0%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&vis=1&psz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&msz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&topics=5&tps=5&htps=5&nt=1&dlt=1720122259359&idt=588&prev_scp=m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3Dinterstitial%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26pos%3DLB_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DINREAD%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DNTV_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DREC_04%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26pos%3DLB_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26bmb%3Dind_27%252Cre_3%252Csz_3%252Cid_1%252Cid_3%252Cid_4&adks=4098982664%2C4083305776%2C675252686%2C3076419833%2C3207770080%2C3712854421%2C1228619621%2C1206303758%2C2528962531%2C700628101&frm=20&eoidce=1 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 46347da80e90ab1a94be84c4bc9a9842d5aa4660828a2f6b3869d68e38260ccb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2,-2,-2,-2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61793 x-xss-protection 0 google-lineitem-id -2,6727407095,-2,6437715829,6439686130,6728136603,6354644058,6726293698,6354644058,6091333837 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,138476415646,-2,138465745439,138458479623,138476348877,138442311334,138475708452,138441589527,138402123355 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.crainsdetroit.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 3112c522fd5c70d94d7c8ed7599efd7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFAF	0 0	163ms 46ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3112c522fd5c70d94d7c8ed7599efd7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 04 Jul 2024 19:44:20 GMT expires Thu, 04 Jul 2024 19:44:20 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	s01047565923930 Show response crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/	43 B 393 B	169ms 56ms	XHR image/gif	63.140.62.27 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/s01047565923930 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.27 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-27.data.adobedc.net Software jag / Resource Hash 55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff last-modified Fri, 05 Jul 2024 19:44:20 GMT server jag etag 3693934427573977088-4618360177028553167 vary * p3p CP="This is not a P3P policy" access-control-allow-origin https://www.crainsdetroit.com content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 03 Jul 2024 19:44:20 GMT
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 811 B	303ms 220ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 6F23539DEA4645E4BB2BEBD716098E70 Ref B: FRAEDGE1119 Ref C: 2024-07-04T19:44:20Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lor1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYccSxP4Xix9MotOyufRg== x-fs-uuid 00061c712c4fe178b1f4ca2d3b2b9f46
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ip...	0 265 B	550ms 463ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQIqlZb5oioo4AAAAZB_RrxwXudt2BaK_-40pRglDEctdQBwklx7ERLH2o_M-x07zY-JCjcQ Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 699E0645F5044FF4958456951068DA67 Ref B: DUS30EDGE0917 Ref C: 2024-07-04T19:44:20Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYccSxYWY1MpJOLyfpdiQ== Redirect headers date Thu, 04 Jul 2024 19:44:19 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 62BCE61142D54F3695C0965DDC431432 Ref B: FRAEDGE2012 Ref C: 2024-07-04T19:44:20Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1720122260395&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQIqlZb5oioo4AAAAZB_RrxwXudt2BaK_-40pRglDEctdQBwklx7ERLH2o_M-x07zY-JCjcQ x-li-proto http/2 content-length 0 x-li-uuid AAYccSxP+AAT3ENxYm/hCg==
GET H2	200	rules-p-J_kXLtyWmukpz.js Show response rules.quantcount.com/	160 B 641 B	126ms 40ms	Script application/javascript	2600:9000:223c:7000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-J_kXLtyWmukpz.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:26:42 GMT via 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1319 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Fri, 14 Oct 2022 00:30:53 GMT server AmazonS3 etag "599ac3fe3327eee0bd61b8e478fad20a" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id RUiwmvSKiPqQuNddnEjU_HpuaAbF_QuvZXo1tdltSpUYCdiawSJpxg==
GET H2	200	get consent.trustarc.com/	127 KB 77 KB	88ms 88ms	Font font/ttf	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/get?name=OpenSansRegular.ttf Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Thu, 04 Jul 2024 19:31:38 GMT content-encoding gzip via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA2-C2 age 762 vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id 1NkFZvo5wP3bq29yfSh3MH67t4YAIN-_hqj9zIE9Xjq4DAlGIH6S0A==
GET H2	200	get consent.trustarc.com/	127 KB 74 KB	47ms 46ms	Font font/ttf	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/get?name=OpenSansBold.ttf Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash 914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma public date Thu, 04 Jul 2024 18:52:17 GMT content-encoding gzip via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA2-C2 age 3123 vary Accept-Encoding x-cache Hit from cloudfront content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control max-age=2592000 x-amz-cf-id QW7zvxeLbUzWRw2jv6zGETEJfv_ULqa6YRq90cKSjLOBhJrdL4lIfg==
GET H2	200	bannermsg consent.trustarc.com/	43 B 1 KB	72ms 72ms	Image image/gif	13.225.78.57 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/bannermsg?action=views&domain=crain.com&behavior=implied&country=de&language=de&rand=0.9698280015163037&session=af03e44a-ba7b-470e-b894-aacb0acc4e50&userType=NEW Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-57.fra2.r.cloudfront.net Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-security-policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop FRA2-C2 cross-origin-embedder-policy unsafe-none x-cache Miss from cloudfront cross-origin-resource-policy cross-origin content-length 43 x-xss-protection 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin cross-origin-opener-policy cross-origin expect-ct enforce, max-age=60 x-frame-options SAMEORIGIN vary Origin content-type image/gif cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy geolocation=(), camera=(), speaker=(), microphone=(), vibrate=() x-amz-cf-id p4gh2az-3_pp1zGK1f4OTLIvuvopI6m6Tzs_ZvyFlwXvz-6WeIdAlA== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	country Show response api.btloader.com/	37 B 153 B	153ms 153ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=5764463032532992 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37
GET H2	200	/ p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/	26 B 144 B	166ms 154ms	Image image/gif	2606:4700:10::ac43:247d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=03890791783498486&optOut=false Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type image/gif x-robots-tag none cf-ray 89e19c00080235e0-FRA content-length 26
GET H2	200	modules.e4b2dc39f985f11fb1e4.js Show response script.hotjar.com/	223 KB 56 KB	130ms 44ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1906609.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash 619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Mon, 01 Jul 2024 08:11:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 300793 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56291 last-modified Mon, 01 Jul 2024 08:10:34 GMT etag "ca025d2d8ae4b3dc51e058b782590501" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id HlssvlNMMp8EMzekPed3np1XzczYr7TLpna8Mwa8708jvw5ErBXdfw==
GET H2	204	pv Show response api.btloader.com/	0 66 B	152ms 152ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=CFl8az9O&w=5661028241113088&o=5764463032532992&cv=2.1.46-1-ge6dd43d&widget=false&checksum=854dcbc9&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sid=j1KZV58jc&pm=false&upapi=true Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Thu, 04 Jul 2024 19:44:20 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H3	200	scripts.js Show response applets.ebxcdn.com/applets/www.crainsdetroit.com/	2 KB 2 KB	241ms 199ms	XHR text/javascript	172.67.212.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://applets.ebxcdn.com/applets/www.crainsdetroit.com/scripts.js Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amzn-requestid 6cd82577-9266-4de4-8d20-24c8530ad238 x-amz-apigw-id aZw_QGGrjoEEUOA= content-length 1572 alt-svc h3=":443"; ma=86400 last-modified Wed, 10 Jan 2024 12:58:56 GMT server cloudflare etag aV3RLxUawR+XrKqGWhCg3g== x-amzn-trace-id Root=1-6686fb94-0cd6e0562e3711651e677afd;Parent=21f5ecec14e8301d;Sampled=0;lineage=388d0713:0 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBmg9HfZzASpuoN%2BsZu4PKTpdrdM3SsGTMzj2sOqP2hkDKMBqfbs8M%2FIPRjjBf1nxGSsEgt7rKluh7conqAUb83CmfSQn6RhM59gDISdFkBhPCcWGv2KXX7JQrBIC4YCT0jPr1k%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control public, max-age=7200, stale-if-error=300, no-transform accept-ranges bytes cf-ray 89e19c0028b39b74-FRA
GET H2	200	187044856.js Show response bat.bing.com/p/action/	1 KB 844 B	64ms 63ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/187044856.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a14a0fe551572acdc43f34050492d8bd9ffb0e9e312532308fed7b8322c2903 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Thu, 04 Jul 2024 19:44:19 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0F990CCFDEDC4A56B62C1E07026DDB1F Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:20Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 287 B	102ms 102ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=187044856&tm=al001&Ver=2&mid=c132cc60-0078-45e7-875c-edb20e09ff6a&sid=ce8e26d03a3d11efa7773bc673a3291e&vid=ce8e5c303a3d11ef9ca9f1e3b1608a86&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&p=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&r=&lt=3946&pt=1720122256327,,,,,0,23,23,23,144,64,144,3028,3037,3032,3772,3925,3946,,,&pn=0,0&evt=pageLoad&sv=1&rn=929338 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 04 Jul 2024 19:44:19 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 15FEED51094E4A00AB91D029068F3661 Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:20Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	126ms 40ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1720122260468&sw=1600&sh=1200&v=2.9.160&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1720122260467.75982426130398745&cs_est=true&ler=empty&cdl=API_unavailable&it=1720122260340&coo=false&rqm=GET Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2835, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 04 Jul 2024 19:44:20 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	141ms 74ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1720122260468&sw=1600&sh=1200&v=2.9.160&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1720122260467.75982426130398745&cs_est=true&ler=empty&cdl=API_unavailable&it=1720122260340&coo=false&rqm=FGET Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 04 Jul 2024 19:44:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3153, tp=-1, tpl=-1, uplat=32, ullat=0 pragma no-cache x-fb-debug oItGG0B9FGPjdPJ69/4sXqBZT7UtszCEX0d9YtwLfueZn0Iyq5efiqOFOYMKo5NXUCmFkF1ULsOXaaNaz1WlKg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	simple Show response api.sail-personalize.com/v1/personalize/	289 B 498 B	169ms 169ms	Fetch application/json	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash d930567603f0f6cca71053cb82eb441ce4c620c379319fd6c89bbbabee80dfd1 Request headers x-lib-version v1.0.1 Accept-Language de-DE,de;q=0.9;q=0.9 authorization Bearer 9e4ef7ae863f721d8ef0aa6f15b0ac85 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 content-type application/json accept application/json Referer https://www.crainsdetroit.com/ x-referring-url https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT content-encoding gzip allowedorigins * vary Accept-Encoding content-type application/json access-control-allow-origin * allowedmethods GET,OPTIONS cache-control no-store access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 197 expires -1
OPTIONS H2	200	simple api.sail-personalize.com/v1/personalize/ Frame	0 0	401ms 129ms	Preflight text/plain	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa7557bb34ea5624b.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-lib-version,x-referring-url Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL access-control-allow-methods OPTIONS,GET,POST,PUT,DELETE access-control-allow-origin https://www.crainsdetroit.com access-control-max-age 1800 allow HEAD,GET,OPTIONS content-length 18 content-type text/plain date Thu, 04 Jul 2024 19:44:20 GMT
GET BLOB	200 OK	ad284df1-eecc-428e-867f-38e244015d25 https://www.crainsdetroit.com/	471 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.crainsdetroit.com/ad284df1-eecc-428e-867f-38e244015d25 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash fa8309b664ade8f3f20ed3a9b90c1481a49d6557ecd5280c8a1bf729ca2131bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Length 482471 Content-Type
GET H2	200	187044856 Show response bat.bing.com/p/insights/t/	712 B 1003 B	179ms 178ms	Script application/x-javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/t/187044856 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/187044856.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1292bac027e94618dac0a597282f8d0546114e2a43693a977efb078902a021d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires -1 strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Thu, 04 Jul 2024 19:44:19 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 89A8053418DF4804AA038BEB3A099E1F Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:20Z vary Accept-Encoding x-azure-ref 20240704T194420Z-168c66d77575t4q9027hv2w62400000003f0000000004h9s content-type application/x-javascript x-cache CONFIG_NOCACHE cache-control no-cache, no-store accept-ranges bytes content-length 604 request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
GET H2	200	pixel;r=1419655033;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-255584366-17201222604... pixel.quantserve.com/	35 B 409 B	58ms 48ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1419655033;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-255584366-1720122260400;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=pai;gdpr=0;ref=;d=crainsdetroit.com;dst=1;et=1720122260616;tzo=-120;ogl=site_name.Crain's%20Detroit%20Business%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ecrainsdetroit%252Ecom%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitco%2Ctitle.Flagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%252C%20court%20filings%20show%2Cimage.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cimage%3Aurl.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cupdated_time.2024-03-13T12%3A21%3A03-04%3A00;ses=1a815f10-b126-421a-8c47-0106e08218bc;mdl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]} p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame D209	23 KB 9 KB	182ms 100ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame D209	3 KB 1 KB	180ms 98ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D209	205 KB 63 KB	122ms 41ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame D209	10 KB 5 KB	41ms 41ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 04 Jul 2024 19:44:20 GMT content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	3816578092049288920 tpc.googlesyndication.com/simgad/ Frame D209	48 KB 48 KB	193ms 98ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3816578092049288920 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 090aacbb90b265ededde0cabe232448fade91f47a99f3c27c86a10a76153fc4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 02 Jul 2025 17:07:31 GMT date Tue, 02 Jul 2024 17:07:31 GMT x-content-type-options nosniff age 182209 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48910 x-xss-protection 0 last-modified Fri, 17 May 2024 17:48:17 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 8C2D	23 KB 0	166ms 166ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 8C2D	41 KB 14 KB	118ms 41ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 12:51:31 GMT content-encoding br x-content-type-options nosniff age 24769 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 12:51:31 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8C2D	205 KB 0	105ms 105ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 8C2D	10 KB 0	23ms 23ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	6505911072655164742 s0.2mdn.net/simgad/ Frame 8C2D	47 KB 48 KB	193ms 100ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/6505911072655164742 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2979e593a9290d8c2916b62e49428137930e24e2e8b0bed192c5569d739f918c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers allow-fenced-frame-automatic-beacons true date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48347 x-xss-protection 0 last-modified Fri, 23 Feb 2024 18:56:33 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Jul 2025 19:44:20 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 9BBE	23 KB 0	163ms 162ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 9BBE	3 KB 0	159ms 159ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9BBE	205 KB 0	101ms 101ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 9BBE	10 KB 0	18ms 18ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	16400244981329198933 tpc.googlesyndication.com/simgad/ Frame 9BBE	92 KB 92 KB	194ms 122ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16400244981329198933 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0385245653350a6485914c534a36b198879e763872aac60fceccd565808ade5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Fri, 04 Jul 2025 16:29:05 GMT date Thu, 04 Jul 2024 16:29:05 GMT x-content-type-options nosniff age 11715 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94409 x-xss-protection 0 last-modified Mon, 19 Jun 2023 19:29:48 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame DC6B	23 KB 0	159ms 159ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame DC6B	3 KB 0	157ms 157ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DC6B	205 KB 0	96ms 96ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame DC6B	10 KB 0	15ms 15ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	350966017200814153 tpc.googlesyndication.com/simgad/ Frame DC6B	42 KB 42 KB	240ms 173ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/350966017200814153 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b49663b9bdc39b20c8db4e981ff1328909d930c2af0007a2c64cf484cc645d93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers allow-fenced-frame-automatic-beacons true date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42908 x-xss-protection 0 last-modified Thu, 23 May 2024 17:40:12 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 04 Jul 2025 19:44:20 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 8F39	23 KB 0	156ms 156ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 8F39	3 KB 0	154ms 154ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8F39	205 KB 0	93ms 93ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame 8F39	10 KB 0	16ms 16ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	12328937770629736648 tpc.googlesyndication.com/simgad/ Frame 8F39	51 B 397 B	114ms 51ms	Image image/gif	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12328937770629736648 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 02 Jul 2025 16:01:59 GMT date Tue, 02 Jul 2024 16:01:59 GMT x-content-type-options nosniff age 186141 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 last-modified Wed, 13 Apr 2016 17:30:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	container.html 3112c522fd5c70d94d7c8ed7599efd7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 980A	0 0	0ms 0ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3112c522fd5c70d94d7c8ed7599efd7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 04 Jul 2024 19:44:20 GMT expires Thu, 04 Jul 2024 19:44:20 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	12328937770629736648 tpc.googlesyndication.com/simgad/ Frame D631	51 B 0	102ms 102ms	Image image/gif	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12328937770629736648 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Wed, 02 Jul 2025 16:01:59 GMT date Tue, 02 Jul 2024 16:01:59 GMT x-content-type-options nosniff age 186141 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 last-modified Wed, 13 Apr 2016 17:30:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame D631	23 KB 0	143ms 143ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame D631	3 KB 0	142ms 141ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D631	205 KB 0	80ms 80ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame D631	10 KB 0	3ms 3ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame C0FF	23 KB 0	143ms 143ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9191 x-xss-protection 0 server cafe etag 8778699909409299010 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame C0FF	3 KB 0	139ms 139ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 10:19:32 GMT content-encoding br x-content-type-options nosniff age 33888 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 18 Jul 2024 10:19:32 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C0FF	205 KB 0	78ms 78ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:32 GMT content-encoding br x-content-type-options nosniff age 1488 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64446 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 04 Jul 2024 20:19:32 GMT
GET H2	200	moatad.js Show response z.moatads.com/craindfp44917164363/ Frame C0FF	10 KB 0	0ms 0ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/craindfp44917164363/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software / Resource Hash 759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT content-encoding gzip x-content-type-options nosniff content-md5 vhllMQq6aHL0wqgkGTf5Aw== storage-tier Standard content-length 3856 opc-meta-btime 2024-04-22T05:24:19Z opc-meta-mtime 1713763459 last-modified Mon, 22 Apr 2024 19:37:07 GMT opc-request-id iad-1:kQG3F9T20odz2mCgXBBGW_ynPK1zMzGfM6dLqaoZkFHxJ_a9sIL2OZss5n8kH02m x-api-id native etag 001ba0e4-6408-48ba-b7a3-18af31904bce vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 438c0f49-c157-4286-81f2-36c01f2a344f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=37948 access-control-allow-credentials true accept-ranges bytes
GET H2	200	18256354491650367849 tpc.googlesyndication.com/simgad/ Frame C0FF	56 KB 57 KB	87ms 52ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/18256354491650367849 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0af82fc463fc150f483e2fca58459c45d12fd72a77c40dfb7acbd5b21c26c5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers expires Tue, 01 Jul 2025 04:23:33 GMT date Mon, 01 Jul 2024 04:23:33 GMT x-content-type-options nosniff age 314447 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57755 x-xss-protection 0 last-modified Thu, 25 Aug 2022 15:45:11 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame D209	0 26 B	141ms 110ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstYyX9TXPHqvqznuznV1qt-z0zqkpXhXXhRsCZe8188vtS_oRM-nCH2q3DRbYlfgM-7dB5l1IuHuvvlPNAIxY4FcZ7EPf5S0nvFKZZbOCEWVYAlrP8D9fDCEpZid0eaSw0kp83FPY67ANtLralypHn-OXdhFjirGLJoQI6kOWd_2eNpPWZBlNRQpNSkQFDO9LKSfjloDk-mWhS4eDItlqGJfqdjy--kHfhflbGhUc56XYL6apZBZjOR_SFCD3vQzm94S70CtznVpIUh6qGGWN9h0e6_YX15AfUvMXH0Yz3XKjYroVvCYNWr4D0czpYC7ACiiv6q9Q08xqx4RypxJgnCbRvegFzQZKqZYAhhHvtrxahExY4pFfomwDqfKT4j15EimDmJPh4&sig=Cg0ArKJSzIunNO35tL2HEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 8C2D	0 26 B	141ms 110ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv7YkAkq8e7TqVBfuuKBp_I5RP_duqiTVw4_gZAqkSXobW-FIzMMhBLCTGXpCObhozh5GoK5FMJkP4R8hfYwb7oc_UpMACrDlYvJBhsYrJrCUC87EgnqQnDbNN5I60yPNGEtHg0VAZ2fw-LXqCn-YObIxHZE8YljLvOv-izNiNY1VYrzhWxxNXvKAr9OfrKbcykB-GxXpVlNLIuzoxoTVoJqns6xMR2Yy5KEZwKWLiWF2AOB91QpEDzFe-xR0Ni59otdK_NZmgBLD9m-kA2FSGuerdUGEPYEBEQwzsbbX1Z8vJ5IDYAJ_u002OYgQDBdG6qlOc0bhbP1k9fsmJaKc6v14Xnf9GFJfhczci6BgVF---nDrNFJingN-X9m4K3i1NS-iA_MOAZ0KXuRIcozWV5xE1QLJHShEym21jTwuN8XOcz3H8kT3IvsrGEyCiiE51iPA&sig=Cg0ArKJSzKB4eFmLE6wLEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	utsync.ashx ml314.com/ Frame 8C2D	43 B 59 B	74ms 74ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=69120&et=0&dc=CDO_MEDC&cb=2095120370&gdpr=&gdpr_consent= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:20 GMT via 1.1 google server Google Frontend content-type image/gif p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0,Fri, 05 Jul 2024 19:44:20 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 9BBE	0 26 B	139ms 109ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsscaaRRdfRBNnZeotSXPvZQSe0uEHOjElGmtg3dHsThOTdKrephKGut9Ram5gdGo1y0WBHTLGOO_rrNPLyRrS-0u7rTu-lSkgxtZCMnpHGXDbsy1JRMPla34JTwRr2RKj4imXgU_NCPlT4s7bRLHj9w3g7pafbM5fiCKwN_qW8TvGpsM0-ZLEveZLJ9IW4Sr5HG6Cdo-UqbZqIciV32xjX18HO5aOO9zQn6kdTRUa3srBAB76xs97902EUW0S9hKODoBFXkjFktKw_iCC71Ho74D9lJhj9jLb9dPMLuMT4deofvdb6xbuDMnqxKFBGNfG-C20zcbyMXcp9SMwRVCkhTbx2VTyOR6fBadBhmTw2oBd7l8NKyYvK3gbhdPToZTzgMlL6fozU&sig=Cg0ArKJSzGREkexZpRUREAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame DC6B	0 26 B	140ms 110ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv4ign-QuqBg5zwdRUFE4joi5IGKo6jtr_i0WIxEGCkB3hNnjGPBD6hl6_xx8PxfxbVjkaopwQDtvi4G_0NT60q7u5pOxOKMls4i5hioRHk1BYmbIljPkXbZYhNl4KiV7duikeGgnICNTHLIkAlQCzBCs64bOMOI1dwR2bkr-dYTsNnbb2eAUv6jiXsoFKx5EnRr5qj3ZG4upSSAOY4ERu7qvK7vCwcU94TwlRVNvdLThRWGkoIIhHFjcwVvZdeFKm-jTjvXBgg1k-I4MBmm2oxskm4CLGXaQqaBu15mRHC-znU62HfEK84NaCYSutk9Z0wuFH9jbjjhky5JzjKSgcybcE3h0rgawzzmhQR5kUeO77s3gqjN9LYc_hl1NCPFvb62dEh81o&sig=Cg0ArKJSzAphuR0KlB1uEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 8F39	0 26 B	139ms 109ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvquoOzTr8ktRtv9vBwTMAPLwMpEP4s9LiibbcNo4_DNszr04xDRcVcxwi8adXs_9RuSMPlkkw6TAnU_t_j2w4z-dZTm3H7NfSwWvmegwkNghcgviI0Y94CKnNEbrLsMN5DFKqrVs9MRdndsaybalz6_E9KaQkctNHeu0YRp55vok72OiUK4e2cUuaizHb2cRbANy4z5QLiD-2dsA0IctMFc9e0HXd_ZkcWsIjpGDfuXpVn5YgnlXefph4g_35yo3EIrL4nQPg2huVitH8VYVs9u9djl4vEmX_DUyy3QsBbs8eOzPq7TUD2AvccHisjTTSQ_g7c2WwXw1l3J1gjklGbjvX619Wn_wUQl-io6VIzIDMZvkKTF8yNMOmXed_2gZoxmxH1SLY&sig=Cg0ArKJSzKZaNKnXLXAsEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame D631	0 26 B	140ms 109ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstWRzlpSUFWsaOqWhwGKlVeyV5Fx9knQl_YrYlU1KXuUVgZKjJzndQjhBiJyU1SzD0-JFq1iX3aZ9aepZlTk2oIabuco2bzV1U59Nvu-0Flh1BukjAJdxDpyfblU82vkx2QkeEqcr7vwpmKwvlodb8UapGCh2SEX3qmB9lb0RC02t99f7aSUrA2sYpvqvmLp_d16zui8h6jkXZ1lOxZ75GlXUyi7FL0f2ahetGTokh8OVNoM0RN6lLHmYh9HZLIkSAN33WKJLRBOXbxuv93gQl2Dj3Fib5jP1Pj7XDPzi7NFDzfwCNyr0C2tMsNCngm3ycNH7ghG7OuMxh6y33b3yrp9jtFrvzA98bDXwcnhuMrkGEzUPtO1VilF8S6vJbAESmJCPCmfZc&sig=Cg0ArKJSzGgOppESJGpaEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame C0FF	0 26 B	139ms 109ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsunthe6IdHOUcUT5yoekKcrv9GUuc2a2-xqQIz6ZuJs77w4dxJJ7Ngyotemgkgn3Ie4QQtF_XfM6tSS_fXl9ZeGSCvi8_TYzOfw1NquDN0Il4KOzobsjcl5bqT5Lymr9YMpPXB0TU47jKSaJR3ocQQTP3ZA3cRiqOkBzoSO2lnsXWowK9FU_axJ4hEEsWpRGIHP9Vdw1AEb6OgFtKn7xUIVHAmyQcO-yndc3K1dY112jco02OzElObUDdIv6y-A6bCTTu-ZE7ajHlKmuxv0QWFkvEfjjhfEu8F-qVumyjkY9_sDNJ1GrtbuOCEzAvwBMOxgxzJMU2d294MLHNRz-XbWY4NfL2MTCco-QdUOYFhvwI7GSwTmgTQm5TYgR-GXX--SxWWI6zk&sig=Cg0ArKJSzN_0G581X3HfEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame D209	453 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9435233f49f5fde7b729c757668633d05c3bca4dba149f5a8786fcf92c3a6c9b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9BBE	558 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b5c86e8efac29d6d8434ced5d6fdbb3cb3c6efb80dfc1e6fc67a101936f9929 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame DC6B	546 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 959ae898da475359ef38a521f384ddf17a0b76cfc05ae50463854ee848d1fd77 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 8F39	363 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c8760817bb33f39ac7b7c5b1d66cc91ce550b0f550aa52ba69ac6fab4176915 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame D631	367 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 36b881c78245ab5c59e945230cab68a87e1d4c6ffa6ac14f4bad5c8d2302f2d5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame C0FF	452 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bf107ab962b92742cc6b40ddba0687bd2e7872701204d0aad9023540e72d5f75 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
OPTIONS H2	200	location www.pelcro.com/api/v1/sdk/ Frame	0 0	76ms 76ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/location Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * cf-ray 89e19c024ade916a-FRA content-length 0 date Thu, 04 Jul 2024 19:44:20 GMT server cloudflare vary Accept-Encoding
GET H2	200	location Show response www.pelcro.com/api/v1/sdk/	66 B 136 B	87ms 87ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/location Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228 Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * date Thu, 04 Jul 2024 19:44:20 GMT content-encoding br server cloudflare cf-ray 89e19c02cbf3916a-FRA vary Accept-Encoding content-type application/json; charset=UTF-8
GET H2	200	0.7.32 Show response bat.bing.com/p/insights/s/	35 KB 15 KB	71ms 71ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/s/0.7.32 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/insights/t/187044856 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Thu, 04 Jul 2024 19:44:19 GMT x-cache CONFIG_NOCACHE x-fd-int-roxy-purgeid 51562430 content-length 14999 last-modified Fri, 10 May 2024 17:30:37 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5190BDEB2B624ACEBD71DD41A0A53B5D Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:20Z etag W/"0x8DC7116E7C400CE" vary Accept-Encoding x-azure-ref 20240704T194420Z-175547d8978vjknrwu5zfsr29w00000003ag00000000bbs9 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id fe8f755c-601e-0050-278c-ccec8b000000 cache-control public, max-age=86400 x-ms-version 2018-03-28
GET H2	200	62bHydCX.html tpc.googlesyndication.com/sodar/ Frame A6BD	0 0	120ms 118ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes age 21990 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 04 Jul 2024 13:37:50 GMT expires Fri, 04 Jul 2025 13:37:50 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D209	0 0	192ms 192ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tag.aspx Show response ml314.com/	37 KB 12 KB	44ms 44ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?462024 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:19:23 GMT via 1.1 google content-encoding br age 1497 x-guploader-uploadid ACJd0NpBeT6Z-Ts77hXkcaeWdP0-eK5E_7XDVHW33PNNFYgiu-D4crA9qQnpqNbOjkUNnJHn1uo x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12140 last-modified Wed, 12 Jun 2024 23:47:10 GMT server UploadServer vary Accept-Encoding x-goog-generation 1718236030191817 x-goog-hash crc32c=jdP4zA==, md5=YRx2m1aKFpugF5vA5Ps9ng== content-type application/javascript cache-id FRA-fa985ced cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 37568 accept-ranges bytes
GET H2	200	ii.js Show response mb.moatads.com/	127 B 202 B	60ms 60ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6727407095&callback=lineItemInfo6727407095Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash b79a41cc09cf59914dfcf1a9a7dc12380a51564876f512dd9ff4fd30e5c221a0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:20 GMT server istio-envoy etag "fbf0398cf9e5d3ff58abf0f474277c1d96a04e70" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 7 timing-allow-origin * content-length 127
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	51ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=589316806318&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=2&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&fs=208210&na=816017936&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame DC6B	0 0	359ms 192ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 8C2D	0 0	76ms 76ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst39t1M8ddKZMd3xtestegRSxWvb_-ADgNyBHtLEDIajABXGGwsVgItquRl1tJ8ElvX82pTzFIy5c-nz8sTv5zIvhkR2K0YP3Rh8j2X2nr-7SoQC4U_9Qd1lU9ejnu9-Mn_xGGL_uYGPHqqU8JYN08z_7-Eqw7c19vjHgs3amYpYgXl6oTL9d82Yy4wVTMoPPdVdqbUBApvn7jKlku5tCtbuNAcvDWS1fO2nJsLHwtKznmaa4tg3lBiVUMAlvipJnflH8HHa7AqGM6UJKZKiFFOvC98GJSQCHxX1yMPKjmkdacnXOabDoZ7EYPEbMhNFwRccHKRDHQcaN6WVCSrRwkn8VQqWIbFgzKwBPwk4h_3JqnhZ-d8-nkF84EFsS9_pxoEjAj3Bq3B18yYsUs&sig=Cg0ArKJSzAdWUIOCOo36EAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET		gen_204 pagead2.googlesyndication.com/pagead/ Frame 8C2D	0 0
GET DATA	200 OK	truncated / Frame 8C2D	446 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bf8eb1e5ae84901fa1e39b284bbab11679f277adb7e8e11a4fd96779cfa9816 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET H2	200	pixel.gif px.moatads.com/ Frame 8C2D	43 B 251 B	43ms 42ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&d=CRAINDFP1%3A104555044%3A415459684%3A-&de=703897948343&t=1720122261010&i=MOAT_FEATHER_DEBUG1&gw=craindfp44917164363&cm=10&f=0&bq=0&ar=9cc5b3e58a7-clean&iw=b7274d2&dMoatOQs=moatClientLevel1%3D5380082830%26moatClientLevel2%3D3288784764%26moatClientLevel3%3D6437715829%26moatClientLevel4%3D138465745439%26moatClientSlicer1%3D104555044%26moatClientSlicer2%3D415459684%26zMoatPS%3DLB_02%26zMoatMData%3D1%26zMoatMMV%3DslotNoSlotData%26zMoatMGV%3DslotNoSlotData%26zMoatMSafety%3Dunsafe%26zMoatSZ%3D970x90%26refresh%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=324586401&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame C0FF	0 0	75ms 74ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsspaKbXuzT9YAFj3Eus2OUzaJZpTnMBCpmgDcNTXCBExrU_f-H851Fu0cpthcncx0LCD92vp1RwYJwvxiZlhTbIDzDG3YCyW2v-px4xZszVmSfN41itmdoc1NliYd0b5oUOyLeS7WEjgwWeB_9RhN-QT69W9uI9S_lPAY52A0sVcozGrWy2dmjN7oBhfonFs5S-qB4tzc3jFYGQzc6G4Pv31gxZQ3cLAGo1QlL2VIvlQDK2ElQKph0Z3j97LFyDVi6N5uP6wFU_qx3nlPq6lBHqXATQbCpkZI6d1CgJNRVOrLj6qguYKmnQU1_pVUoCvyIY0eSbEOf6nE8SzjHiGVIe4_8pZu2iXupN57IT081yqX0QIcuQljjH9pysK1s7MgBxdy6SE7H7UQ&sig=Cg0ArKJSzNcTasSN_f10EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C0FF	0 0	710ms 192ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ii.js Show response mb.moatads.com/	42 B 141 B	59ms 59ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6091333837&callback=lineItemInfo6091333837Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 1a694f1400e07844d02b432743c7248b4d5d779ec442ceaf15bae405b407df58 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT server istio-envoy etag "baa6a67105b754b2f62fefb2e6f01e442dcaa6dd" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 6 timing-allow-origin * content-length 42
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8F39	0 0	885ms 189ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 9BBE	0 0	75ms 75ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu_LcmeWpD7kUDRJEK0_gTmosku0YwVU2JwAZ9MFO93lF_3Wu-bQw_-PQGgjHoDGS8XRuuRaJtjdHtQgu321JNtHclsiRFZ4KDndDkf0WW9POYp6ggGHWkuIlrnZBqikIIjVyLtpKDPAg0IhBMy0_k46KG4dIA8n1YSwy_LRgq99hobIgbvigpQD3_QxKgCUGBSlwDWRUiFuDeDibcHIoBjIEvllvDFITmYwNJXEfY2GWNqQRvnCfY5h9WJlX-bS7BilTj5kRwzwUIHDmLrHhQ3wRHE--ixiiO1hdwl-ngFjFf-pM2Z37W4I-qyZ71fOuBixDey2ZDVpQJpTvWKQddNSyrd2z075Q1tQxFfuOZegI_qAHrtUQrnw5guIBleiJxAFK3b2eWNjA&sig=Cg0ArKJSzMQI4K3RNZscEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9BBE	0 0	1058ms 192ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ii.js Show response mb.moatads.com/	42 B 115 B	60ms 60ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6439686130&callback=lineItemInfo6439686130Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 2505f05d9a747ee1bd3fb775a879c18bdf89c0566a6174ff06cf1ae685b3121f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT server istio-envoy etag "125c1f61d6e8d5e27700a78470974299245a7d6e" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 6 timing-allow-origin * content-length 42
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D631	0 0	1234ms 188ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	5070 www.pelcro.com/api/v1/sdk/ecommerce/products/site/ Frame	0 0	325ms 325ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 89e19c03de08916a-FRA date Thu, 04 Jul 2024 19:44:21 GMT expires Thu, 04 Jul 2024 19:44:21 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	5070 Show response www.pelcro.com/api/v1/sdk/ecommerce/products/site/	17 KB 2 KB	218ms 217ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61b93c2e5145487248cd845c1310da68836a27be1e547eb4e2b932ac49426f99 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 04 Jul 2024 19:39:46 GMT server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control max-age=0 cf-ray 89e19c05e9e7916a-FRA expires Thu, 04 Jul 2024 19:39:46 GMT
GET H2	200	main.min.js Show response js.pelcro.com/ui/plugin/crain-detroit-business/	1 MB 337 KB	44ms 44ms	Script text/javascript	2600:9000:2491:f200:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/ui/plugin/crain-detroit-business/main.min.js Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2491:f200:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 638297b75f75befe7efeb3ab8ef5f20d99e7f32919f68053ead445e50c903e73 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 07:48:55 GMT content-encoding gzip via 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront) last-modified Wed, 01 May 2024 09:33:00 GMT server AmazonS3 x-amz-cf-pop FRA56-P7 age 42927 x-amz-server-side-encryption AES256 etag W/"27a72262018ce16b0f6881c85dbf49be" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 x-amz-cf-id 2r5igvxcWOZixxgoWJ2NKBZH-0kBFncKdSc1MpjEGkXC6O8bwsS9Jw==
POST H2	204	h Show response bat.bing.com/p/insights/c/	0 214 B	136ms 136ms	XHR text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/insights/c/h Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/x-webinsights-gzip Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 04 Jul 2024 19:44:20 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 91662F82C16548A48B010C76C8A8F3E1 Ref B: FRA31EDGE0506 Ref C: 2024-07-04T19:44:21Z vary Origin x-cache CONFIG_NOCACHE access-control-allow-origin https://www.crainsdetroit.com access-control-allow-credentials true request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame D209	0 0	75ms 74ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstpnnlpL2k4Rsz8HKJmCKcsnSEXtveFEmDSg5XJb-IW9pNGttrBeVPjXjvzCFyUA13e3J4RhjRPJomSowJvXjWWwjzsLVbdFkWVdZMwnz9ZCluYxvpPK3CXzLULp7nztU2_V_8F6r3CPT2Zs_frEnjfSQX9knHhNV2_aazMf_62hEzYzU75PdSSHFHCiNffSWfWkqqmqlZOXaS5HnNgKGZoMkXZ-7ayfMeapu6pFFF1bhI_idXZdOrFHJYBM9IjxMU0W3GN6s3r2WIQDESh2zg3DrSolqFXXZ0IARPdfcTWwuqSpb-rJaU2AsfniwjCLJFNlUXsPl1CmrPgTIOp-Xu4UzuVspgE8ONGs7jtmr22qcfui1EWFKbCpTD_l_qXOgijUwIEJ4hOcQ&sig=Cg0ArKJSzIZomCQvuucIEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	58ms 58ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=589316806318&rx=690224576986&cu=1720122260074&m=904&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=5061&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=0&ag=71&an=0&gf=71&gg=0&ix=71&ic=71&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=71&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=141&cd=0&ah=141&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1988713395&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame DC6B	0 0	74ms 74ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssrkgCRZy-RfJkvaBND7zhmm1h_muLb9ucnOfviT1WeagQ6OcUkCi20jvkc-vkSpGmwa98x9w7xupyr2WzMWFBXMrueLTRmUYlovdtjpIjYSUdAvlKrJO6WAAX7aANxR-8iXnPKSd3NVSVqUvtzO8yr6lueoAnO1uEi6uyTIWM_YgpGE5UKS4qV_A__xgyxl_vUgvtem0SVRwreYJYYXqqhhnYA6QKEQHR7QJiC0iyF_JLXpeF9hvIM9xUB-5tYjT0svC0IP9pYv_uG_7dY1tKG3LE42W_3-S3GUlHOB682DM17XaHXXxEdGWdqxTn6Zb-QygPTT9w8Tz5IyVIQh3KnB61Wohm9uk0WxmB6Xrm7t8WhY3rLZIvvsfGqoRIcMHUVHXGGBFiQgg&sig=Cg0ArKJSzItC_u5Nm1HFEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 8F39	0 0	75ms 75ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssijWtQzY8Fw32CpyYM06AKrzoLxfdpPfBNNPVH-NkTkZmW4WBoagqteX8NVtlb9WE95d1YMfCc58uJT1UGMWrN1XffCtOuAApjNVlb8ChwOnurfsKAxGbG8tk6DgkZxYus6zjfvoFKseRcVz-RokcHWlSBibIYACXtLf_YmuGk6nGKA1xmLD2NJLUXPin98TPYm9EZxsUANAp_1pec3lxj1BnarljPRahVYhmcqxX4Zx1uPa--PGBfmp4UOfa_mdfQRC1-tltYd0SNAtagR3bwEHDru3j9RWfVB4hdAMTeKww4tXEVM6FEVl3kdcrzXoPYwnGVAGqlCQa4L5d-f-ScfbKyyjNHNRiUxEG-rtCCsrNH2BxiRz3Z6TCwjeh48rKeXkmM4fbQDw&sig=Cg0ArKJSzLjOJYs-OCkKEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame D631	0 0	74ms 74ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssrRDryAPyQ56evon0g8XjR6G75STst0V1C4wCKgG3_DZVK-vqDodQFxLrK2xDcSDUv5gu_33X8gg5m04WvjP-5iFrsV86eQg_ok5tGIAxD1MErGRzbkLlrTxMCW_SpLDoJCVXlyeymTfqlG-NWdVmGhdOTPDgfAV_X0TuuykYoU2fo_7qMCKAu6wkDXcfa0FmEs9q9ci4XGCvTRxY2j7dVF_B-4SBw3fATQIQd1ZIvWOleNw9vVbT93noOUpNqazQTrs4_OmXfYaUZF7W9LsxqyNQaRO4nUUarW5WXnCgGHKVMIjk9fOjEwfmrHbzMwxxksRvi4vkbViF4e7YuNufqxXq_uBID6XGHmvkNk5WtNSoW8U1I1dyqz5kfqiuJfEovraTJ7AuBFg&sig=Cg0ArKJSzOSI8bpvyyYDEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=552129213874&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=3&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6728136603%3A138476348877&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1480708398&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=661053719271&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=4&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=5380082830%3A3288784764%3A6437715829%3A138465745439&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=970x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=LB_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1176291574&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
OPTIONS H2	204	authorization www.pelcro.com/api/v1/sdk/members/ip/ Frame	0 0	639ms 639ms	Preflight	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Access-Control-Request-Method GET Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers cache-control,x-pelcro-sdk-version access-control-allow-methods GET access-control-allow-origin * access-control-max-age 0 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 89e19c0548a2916a-FRA date Thu, 04 Jul 2024 19:44:21 GMT expires Thu, 04 Jul 2024 19:44:21 GMT referrer-policy strict-origin-when-cross-origin server cloudflare vary Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET H/1.1	200 OK	apple-pay-sdk.js Show response applepay.cdn-apple.com/jsapi/v1/	162 KB 48 KB	157ms 39ms	Script application/javascript	2a01:b740:a10:f000::209 APPLE-AUSTIN
General Check archive.org Show headers Download Go to Full URL https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a01:b740:a10:f000::209 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US), Reverse DNS Software Apple / Resource Hash afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers Date Thu, 04 Jul 2024 07:06:14 GMT strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff content-encoding gzip Age 45487 X-Cache hit-fresh, hit-fresh CDNUUID 79496cfe-2ed8-46a9-a26a-18d154fbf2be-6456443432 x-envoy-upstream-service-time 1 Connection keep-alive Content-Length 48790 x-xss-protection 1; mode=block apple-tk false Server Apple apple-seq 0 x-conversation-id 70ff333f-acf3-69bf-e82f-144dfac0cb80 apple-originating-system wp-content-server-prod1-use1 vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=86400, stale-while-revalidate=86400, s-maxage=86400 access-control-allow-credentials false
GET H2	404	authorization Show response www.pelcro.com/api/v1/sdk/members/ip/	76 B 171 B	441ms 441ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.crainsdetroit.com/ X-Pelcro-Sdk-Version 2.17.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:22 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-language en access-control-allow-origin * content-type application/json; charset=utf-8 cache-control no-cache, private cf-ray 89e19c093830916a-FRA
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=770921968750&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=5&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6091333837%3A138402123355&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1341068735&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 198 B	186ms 186ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 04 Jul 2024 19:44:20 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: D047A8826C3E4868900EA3247DB0123E Ref B: FRAEDGE2012 Ref C: 2024-07-04T19:44:21Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://www.crainsdetroit.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYccSxcQgGIYyG+sQSc3g==
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	54ms 54ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F18256354491650367849&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=770921968750&rx=690224576986&cu=1720122260074&m=957&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=5061&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=55&cd=0&ah=55&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6091333837%3A138402123355&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=LB_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=120336769&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=876603856249&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=6&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_03&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=REC_03&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=2348665&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET		activeview pagead2.googlesyndication.com/pcs/ Frame 8C2D	0 0
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=773010735688&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=7&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6439686130%3A138458479623&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=505716333&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	fifelski.jpg s3-rd-prod.crainsdetroit.com/styles/50x62/s3/	1 KB 1 KB	343ms 342ms	Image image/webp	2606:4700::6812:b83b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3-rd-prod.crainsdetroit.com/styles/50x62/s3/fifelski.jpg Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 256063969466ba06408c5703e49a3bc2ebfed22a20f749823c94ceb9b3945e5b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT cf-cache-status REVALIDATED x-amz-request-id KFCMW39F8YP5DTF6 cf-polished qual=85, origFmt=jpeg, origSize=1382 x-amz-server-side-encryption AES256 content-disposition inline; filename="fifelski.webp" content-length 1170 x-amz-id-2 tNW6462xuU/WtiOK8lHXzmbN5cDoYJfq/oj/w1FjuwGUonNCDPkw2s5daZxHpHiQIpauUYk8sW0= cf-bgj imgq:85,h2pri last-modified Wed, 20 Sep 2023 21:33:15 GMT server cloudflare etag "97b3a87012d4d96dfdce25fc631fe98d" vary Accept content-type image/webp cache-control public, max-age=3600 accept-ranges bytes cf-ray 89e19c0638e53623-FRA expires Thu, 04 Jul 2024 20:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	44ms 44ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16400244981329198933&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=773010735688&rx=690224576986&cu=1720122260074&m=990&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4597&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=0&ag=17&an=0&gf=17&gg=0&ix=17&ic=17&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=17&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=33&cd=0&ah=33&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458479623&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1876684816&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	ii.js Show response mb.moatads.com/	42 B 117 B	57ms 57ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6728136603&callback=lineItemInfo6728136603Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 8ab6bead5c7a9e2184af7a21a024c7fdc69af623c1a634dc65c1afeba21bd86f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:21 GMT server istio-envoy etag "ceea5e294d6a6fb58c2fc4ec25729ab156d1a5b1" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 4 timing-allow-origin * content-length 42
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	59ms 59ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=488109276712&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=8&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_04&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=REC_04&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=991358250&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F350966017200814153&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=552129213874&rx=690224576986&cu=1720122260074&m=1425&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=194&cd=0&ah=194&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6728136603%3A138476348877&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_02&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=983748388&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=589316806318&rx=690224576986&cu=1720122260074&m=1844&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1013&an=71&gi=1&gf=1013&gg=71&ix=1013&ic=1013&ez=1&ck=1013&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=71&ci=1013&jz=882&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=141&ah=882&am=141&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=1783436635&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 42ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=589316806318&rx=690224576986&cu=1720122260074&m=1844&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1013&an=1013&gi=1&gf=1013&gg=1013&ix=1013&ic=1013&ez=1&ck=1013&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=1013&ci=1013&jz=882&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=882&ah=882&am=882&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=930057530&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:21 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:21 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=112&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=589316806318&rx=690224576986&cu=1720122260074&m=1844&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=112&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1013&an=1013&gi=1&gf=1013&gg=1013&ix=1013&ic=1013&ez=1&ck=1013&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=1013&ci=1013&jz=882&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=882&ah=882&am=882&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=70&zMoatPS=LB_01&zMoatMMV=70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=70&tt=80&tu=1&tp=unsafe&tc=0&fs=208210&na=606424039&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:22 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9BBE	42 B 65 B	194ms 194ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJ0-pweEQC0I95HPRNexEJITbf95R2MtnNVfteMrmDD6J7Sny2BUhy4AUCOySFJOvTt1CKQVyxBLpaVTB_gvFstNedaAPDUylG5L1Bz_B7EmLgLA8L6ONPdwjKnroG8f9R_h_buKQfIqA5JoP5iwNdQTZS0QUvHHcJupLWP3gUL-Q&sig=Cg0ArKJSzKDHc0z3J8Y1EAE&id=lidar2&mcvt=1000&p=404,1130,654,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3207770080&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1605506100&rst=1720122260786&rpt=274&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D209	42 B 65 B	193ms 193ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaQqSRq8-i67Ynvca0GdcfEZg8nWXVtKrfr1onyQZ0G8xlLfovGrZrWSjdWC4QdT8zl2oQglyaghfBeInytoh_5vx6DDm4rc4Zithd-dOmVyQ6bn9ea3MqwgTxfELey7VxpJBXQAawW656StBmEjLp8h6LK13n6HtD8FD8JPXCs54&sig=Cg0ArKJSzBXYW4c87jgiEAE&id=lidar2&mcvt=1001&p=112,436,202,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4083305776&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1605506000&rst=1720122260760&rpt=328&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	42ms 42ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=773010735688&rx=690224576986&cu=1720122260074&m=2046&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1074&an=17&gi=1&gf=1074&gg=17&ix=1074&ic=1074&ez=1&ck=1074&kw=887&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1074&bx=17&ci=1074&jz=887&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=887&cd=33&ah=887&am=33&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458479623&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1895298040&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:22 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=773010735688&rx=690224576986&cu=1720122260074&m=2047&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1074&an=1074&gi=1&gf=1074&gg=1074&ix=1074&ic=1074&ez=1&ck=1074&kw=887&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1074&bx=1074&ci=1074&jz=887&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=887&cd=887&ah=887&am=887&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458479623&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=197698955&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:22 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 251 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=773010735688&rx=690224576986&cu=1720122260074&m=2047&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&as=1&ag=1074&an=1074&gi=1&gf=1074&gg=1074&ix=1074&ic=1074&ez=1&ck=1074&kw=887&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1074&bx=1074&ci=1074&jz=887&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=887&cd=887&ah=887&am=887&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6439686130%3A138458479623&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=REC_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=846958858&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:22 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:22 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 253 B	42ms 42ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1720122260074&de=80144607909&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=9&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6726293698%3A138475708452&zMoatMMV_MAX=slotNoSlotData&zMoatPS=NTV_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&tz=NTV_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&fs=208210&na=1898865220&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:23 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:23 GMT
GET H2	200	ii.js Show response mb.moatads.com/	40 B 137 B	61ms 61ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=__page__&callback=lineItemInfo__page__Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 8e4811d115d96ae5c3d32e40497a0920ab22b18c9601f042e5937dc2d75b815c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:23 GMT server istio-envoy etag "d752273b4b378e6a9269c87ce53550275134d1c9" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 7 timing-allow-origin * content-length 40
GET H2	200	pixel.gif px.moatads.com/	43 B 253 B	42ms 42ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=CRAIN_PREBID_HEADER1&hp=1&sst=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1720122260074&de=956894868707&rx=690224576986&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=10&cb=1&cu=1720122260074&ll=2&lm=0&ln=0&em=0&en=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3937%3A3937%3A0%3A3772&fs=208210&na=1757011195&cs=0 Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:23 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:23 GMT
GET H2	200	nr-rum-1.261.2.min.js Show response js-agent.newrelic.com/	49 KB 16 KB	129ms 40ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-rum-1.261.2.min.js Requested by Host: www.crainsdetroit.com URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6015ddf92ea6817fbb21c99f87ecc4e9ce34a23cc40149dc89499665e5729af7 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer https://www.crainsdetroit.com/ Origin https://www.crainsdetroit.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers x-amz-version-id KX74Zp6YrPW8z_RIZHRGWmKepoaITtBQ content-encoding br via 1.1 varnish date Thu, 04 Jul 2024 19:44:23 GMT strict-transport-security max-age=300 x-amz-request-id KRP7S91EJMRASSAK x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 15607 x-amz-id-2 SHCtrEIkTdTuwCd3ESCo2UmsgHf2zb7JkItOTYczMgWyn6H6D8deU7AI3AVh7/Jt6xCWAZHUVb4= x-served-by cache-cph2320050-CPH last-modified Tue, 02 Jul 2024 15:00:16 GMT server AmazonS3 etag "11d9198e7f5de86fc1a22736fdaf1d74" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 11739
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	92ms 92ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407020101&st=env Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 570a5227fee926169f1f5fd306c1fbbe6fd36b5dad9d0024c7434eed205dbd68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12868 x-xss-protection 0
GET H2	200	Icon-40%402x.png s3-rd-prod.crainsdetroit.com/	550 B 843 B	346ms 346ms	Other image/webp	2606:4700::6812:b83b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3-rd-prod.crainsdetroit.com/Icon-40%402x.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4908257d837a524d823ae0f7b92c981276f1b9670ef1696aa63fff4e44f39fea Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:23 GMT cf-cache-status REVALIDATED x-amz-request-id QDJNHM2JRHHN34SB cf-polished origFmt=png, origSize=719 x-amz-server-side-encryption AES256 content-disposition inline; filename="Icon-40%402x.webp" content-length 550 x-amz-id-2 WlkL76mSi+JK1fxCCC3WzN7zuB9Mu1bceIl+w3Jp7sDbhEdVLDr0SdmSNCzXdMLSub4TjpywEB0= cf-bgj imgq:85,h2pri last-modified Mon, 13 Feb 2023 09:21:03 GMT server cloudflare etag "19a2aeb7e476cbf462ad0f81d378386e" vary Accept content-type image/webp cache-control public, max-age=3600 accept-ranges bytes cf-ray 89e19c10ebf23623-FRA expires Thu, 04 Jul 2024 20:44:23 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 253 B	45ms 44ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1720122260074&de=956894868707&rx=690224576986&cu=1720122260074&m=3083&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3693&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3937%3A3937%3A0%3A3772&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2013365219&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:23 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:23 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js?cb=31085076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 04 Jul 2024 19:44:23 GMT
POST H/1.1	200	6e51ac8bf4 Show response bam.nr-data.net/1/	150 B 609 B	658ms 564ms	XHR text/plain	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/6e51ac8bf4?a=165752170&v=1.261.2&to=bwMEMhYCXUUCUBBbW1ZJJwUQClxYTHcWR0RZCjoICwdWaiBcCkZGVwoKAxY/fVkHVjJbUU8lCQgQEVxaD1YWHwpODwMR&rst=6975&ck=0&s=236a9c5e36e5acfa&ref=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&ptid=afa89b3dc3c212ca&qt=4&ap=2283&be=3028&fe=3807&dc=918&at=Q0QHRF4YTks%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1720122256327,%22n%22:0,%22f%22:0,%22dn%22:23,%22dne%22:23,%22c%22:23,%22s%22:64,%22ce%22:144,%22rq%22:144,%22rp%22:3028,%22rpe%22:3036,%22di%22:3772,%22ds%22:3925,%22de%22:3946,%22dc%22:6828,%22l%22:6831,%22le%22:6835%7D,%22navigation%22:%7B%7D%7D Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/LogRocket.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5b4e795f61489cd3ae77c4621ca909655b17d330af08bbb25f90a7f5c3273882 Request headers Referer https://www.crainsdetroit.com/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 content-type text/plain Response headers date Thu, 04 Jul 2024 19:44:23 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/plain access-control-allow-origin https://www.crainsdetroit.com access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin https://www.crainsdetroit.com Content-Length 150 x-served-by cache-fra-etou8220033-FRA
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EBF	0 0	40ms 39ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes age 34354 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 04 Jul 2024 10:11:49 GMT expires Fri, 04 Jul 2025 10:11:49 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	i r.lr-ingest.com/ Frame	0 0	463ms 145ms	Preflight	104.198.23.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-d5859076-d1e3-4e21-9beb-ab3d237a9b3d&t=f3955470-42b9-4f0c-ad14-9b67195b1046&s=0&rs=0%2Cu&u=4aa2f509-8e5b-4f08-bcc5-9d43ee460e1c&is=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.23.198.104.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers x-logrocket-relay-version Access-Control-Request-Method POST Origin https://www.crainsdetroit.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-origin * access-control-max-age 1728000 content-length 0 date Thu, 04 Jul 2024 19:44:23 GMT strict-transport-security max-age=31536000; includeSubDomains
POST H2	201	i Show response r.lr-ingest.com/	32 KB 32 KB	1325ms 465ms	XHR application/json	104.198.23.205 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-d5859076-d1e3-4e21-9beb-ab3d237a9b3d&t=f3955470-42b9-4f0c-ad14-9b67195b1046&s=0&rs=0%2Cu&u=4aa2f509-8e5b-4f08-bcc5-9d43ee460e1c&is=1 Requested by Host: cdn.lr-ingest.com URL: https://cdn.lr-ingest.com/logger-1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 205.23.198.104.bc.googleusercontent.com Software / Express Resource Hash 2b063e18cfd9218adf5813645b69abb497a50d942141cedbd181d3b80efdb7e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crainsdetroit.com/ X-LogRocket-Relay-Version 2023.12.0 Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:25 GMT strict-transport-security max-age=31536000; includeSubDomains etag W/"7e73-NfHgLcjIfrlYgsFN72o53fYNTQ0" x-powered-by Express access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version content-length 32371
GET H2	200	ii.js Show response mb.moatads.com/	127 B 203 B	63ms 62ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/ii.js?lineItemId=6726293698&callback=lineItemInfo6726293698Callback_8048505 Requested by Host: z.moatads.com URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash d49fc263c40e846f97b24793b3ab98eba8960db11f90e3eee5ea7721857ceebe Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Thu, 04 Jul 2024 19:44:23 GMT server istio-envoy etag "f9f7398cac14328f90965aba26b124f1e0ed2a9a" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 8 timing-allow-origin * content-length 127
GET H2	200	pixel.gif px.moatads.com/	43 B 253 B	41ms 41ms	Image image/gif	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2FIFRAME&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Y.%5BMhS%3A15.sn%2F*_t%5E%5B2CuoVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7B%5E6pV2%3CWx1%5D4cBtD%60s4rU8tc3aEHZbRu1lQQV%23tbK6kdd7E1%3A2tcpaO%2BZ%5EhG%22%3ExZq%224t!ztnyjrJB%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BNA%5BG3_ck~q%26G%3E3z%5D.4%24Ju%404YejGubf_%3CekO2m%2F%26u~qOPH%3C8%2BlTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-cQYmwN5deVpMDA%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=262&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1120&gp=2041.671875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1720122260074&de=80144607909&rx=690224576986&cu=1720122260074&m=3548&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=2041.671875&lb=3693&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3937%3A3937%3A6835%3A3772&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=94&cd=0&ah=94&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6726293698%3A138475708452&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoSlotData&zMoatPS=NTV_01&zMoatMMV=slotNoSlotData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoSlotData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=NTV_01&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&tc=0&fs=208210&na=1214412236&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Thu, 04 Jul 2024 19:44:23 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Thu, 04 Jul 2024 19:44:23 GMT
GET		sodar pagead2.googlesyndication.com/pagead/	0 0
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/57/7/intl/de_ALL/	255 KB 56 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/7/intl/de_ALL/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e1fd8fc3ab2352def12849ca035ccfe5b5ff27d034b455be45456ada02d8a8fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Tue, 02 Jul 2024 18:31:11 GMT content-encoding br x-content-type-options nosniff age 177194 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57008 x-xss-protection 0 last-modified Mon, 01 Jul 2024 19:30:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 18:31:11 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/57/7/intl/de_ALL/	185 KB 57 KB	51ms 51ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/7/intl/de_ALL/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 893ac88beec73d8836d11c0d4138056ab04c10e2e617a919ccbf276b533b33b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.crainsdetroit.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1 Response headers date Wed, 03 Jul 2024 15:44:40 GMT content-encoding br x-content-type-options nosniff age 100785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57848 x-xss-protection 0 last-modified Mon, 01 Jul 2024 19:30:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Jul 2025 15:44:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoNclioK9alItFSZO9hvGq6ke-jK36HdL5WGs83D1bHNLywIo_2lH9N6NuupyJUy5zYI4Dw7a32LZiXCl9h4nQKw09YV7BVn4HujSdbHF2hRgfViS0VUE3hcn3P1tF8EpeK9wwOd0euGDPoZj7CfGwHeHSnAcZOW896BmHPcqPftsOo74VclOoAr1lvvCgXtWdADxtqa-dfNVnDwNlqz3KzQADCeFZrLSBID0&sig=Cg0ArKJSzOWA02IL7Y9xEAE&id=lidartos&mcvt=0&p=1887,255,1977,1225&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3076419833&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=1605506100&rst=1720122260767&rpt=239&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407020101&jk=2359028514546934&bg=!9_Sl9LvNAAZ5zPvEWcw7ADQBe5WfODtzh8Lxpj0Bl_0EpfzAYbeBkn6OOeD62JxEB0h-BJOvtWzjzBJBbWOwHbPN1IlKAgAAAC5SAAAAB2gBB34ANBt2DzWnYFQlO9eDztfCwte0r5IGmqe-N6AYmaXPFpgiUpxS6IGH0Tz1PfXKayiC24gcxz2ZAp-zBS9oVlLsXpvWnIdjG8m0vqBbpm6I8OztWk9QMQMULKegjmtnjNNBHfUqzVwj8CJaDy1dpARS21mCEvYXG7wQkGX8DOwddBz7M51djzlp7vo15u9WyNeTAB9Xwt8mihEvMlGZuaHWxkL7ZVeRkUiBVDnuhh7beuJvyZm9Ri4NznDJ9zH_14O-s9Ozi_De-oZ_5D8BnEm8nIiHapJFunkJgI5DAvHf7Y6FeYL-4S_NKW0x4SPbJ6dNZAKDzDrrQ2uPb0S7SNJCPhpN4i1_f5TB-bINh-wdNvArjA0ylJe6j2lk1T5p_dke604szBbHOcb8rS3y2AK_FLmciKFQ_N-DFcYvzdyYYqF_CNZhHI13Lgc8dJRtpRRfD9VE0yRh7R5f9PFEW_j_b7FLbAgXBf6VDR3r1t1aOhHlJClsZWohN4BnaP1j9GTjW_lojDz3QEYjN2MoNDqFumTuXkqIcfmNOmXWXmJR_Z7tGkc9dYZ7iFIml0NObK_Ghvu3_fNQGQQvw7xrwqdY5bqydQZqCcdKAP2GlSd_a2Yb8wX-7-_DjNGprxydyG_fAOtHqoLnV7Qmh5ftKw70-KWh8uf3qHqsto1Sv4qDcMUrUXTgtPxi6dNLvI3riVYg6BhhT8pkw7Y1bJKbcba5WJhcEIMxuG0tYvFlOk8ZrTa-fNnXEjU085lE27hlwsc-kB7nL373QxHAYrOWCnDT35Gx6EWAYN261rM6mA-mrJRJ0i1xmgWn02ybaasJUxDiavQThH6t_uvdPTQScERs0yeDNj9bpMNrO5gX8HQtjElWvfre1VFgW-5ftqs5AptNORSDh4Fq_E2bVKqdwK25Oy_5n4jHUmc61qgQ3VHLvjz0P26y4e9GDL8IklFuNQS9Iu00SYKoJg