URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Submission: On May 02 via manual from US — Scanned from DE

Summary

This website contacted 46 IPs in 10 countries across 37 domains to perform 131 HTTP transactions. The main IP is 2a02:26f0:480:4a5::1155, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.npr.org. The Cisco Umbrella rank of the primary domain is 16115.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 29th 2022. Valid for: a year.
This is the only time www.npr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2a02:26f0:480... 20940 (AKAMAI-ASN1)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 99.84.146.46 16509 (AMAZON-02)
13 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 65.9.90.93 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 99.86.4.85 16509 (AMAZON-02)
1 52.222.213.130 16509 (AMAZON-02)
4 2.19.228.187 16625 (AKAMAI-AS)
1 216.35.221.71 3561 (CENTURYLI...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.208.191.20 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 37.252.171.149 29990 (ASN-APPNEX)
1 104.18.25.185 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 198.47.127.19 3257 (GTT-BACKB...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 193.0.160.130 54312 (ROCKETFUEL)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 1 2620:116:800d... 16509 (AMAZON-02)
7 7 142.250.181.226 15169 (GOOGLE)
2 34.249.220.178 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 23.21.155.77 14618 (AMAZON-AES)
3 3 37.157.6.254 198622 (ADFORM)
1 34.91.62.186 396982 (GOOGLE-CL...)
2 15.197.193.217 16509 (AMAZON-02)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 178.250.1.11 ()
1 162.19.138.120 16276 (OVH)
1 185.64.189.226 62713 (AS-PUBMATIC)
1 185.64.190.81 62713 (AS-PUBMATIC)
131 46
Apex Domain
Subdomains
Transfer
31 npr.org
www.npr.org — Cisco Umbrella Rank: 16115
static-assets.npr.org — Cisco Umbrella Rank: 46836
bundles.npr.org — Cisco Umbrella Rank: 42912
media.npr.org — Cisco Umbrella Rank: 29963
api.npr.org — Cisco Umbrella Rank: 34533
legacy.npr.org — Cisco Umbrella Rank: 54380
828 KB
16 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
t.pubmatic.com — Cisco Umbrella Rank: 4613
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
182 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 615
268 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
94 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
151 KB
6 tinypass.com
buy.tinypass.com — Cisco Umbrella Rank: 8485
48 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
223 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
60 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2411
q.stripe.com Failed
m.stripe.com — Cisco Umbrella Rank: 2198
116 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
899 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
652 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
id.crwdcntrl.net — Cisco Umbrella Rank: 2256
581 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5988
40 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
acdn.adnxs.com — Cisco Umbrella Rank: 806
19 KB
2 akstat.io
02179914.akstat.io — Cisco Umbrella Rank: 72383
400 B
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2399
252 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2669
18 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1502
c.go-mpulse.net — Cisco Umbrella Rank: 736
51 KB
2 piano.io
cdn.piano.io — Cisco Umbrella Rank: 43490
c2.piano.io — Cisco Umbrella Rank: 7114
103 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
129 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 882
548 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
621 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1915
248 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
612 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
589 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
793 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
737 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 768
563 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
874 B
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 751
122 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
131 37
Domain Requested by
13 media.npr.org www.npr.org
13 cdn.cookielaw.org www.npr.org
cdn.cookielaw.org
12 bundles.npr.org www.npr.org
bundles.npr.org
10 cdnjs.cloudflare.com buy.tinypass.com
7 cm.g.doubleclick.net 7 redirects
6 buy.tinypass.com cdn.piano.io
rumcdn.geoedge.be
buy.tinypass.com
5 image2.pubmatic.com ads.pubmatic.com
4 a.audrte.com 3 redirects
4 ads.pubmatic.com bundles.npr.org
ads.pubmatic.com
3 fonts.gstatic.com fonts.googleapis.com
3 securepubads.g.doubleclick.net bundles.npr.org
rumcdn.geoedge.be
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.npr.org
c.amazon-adsystem.com
3 js.stripe.com www.npr.org
js.stripe.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 match.adsrvr.org ads.pubmatic.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 cdn.cxense.com cdn.piano.io
cdn.cxense.com
2 02179914.akstat.io s.go-mpulse.net
2 rumcdn.geoedge.be bundles.npr.org
rumcdn.geoedge.be
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.googletagmanager.com www.npr.org
2 geolocation.onetrust.com cdn.cookielaw.org
2 static-assets.npr.org www.npr.org
2 www.npr.org bundles.npr.org
1 simage4.pubmatic.com ads.pubmatic.com
1 t.pubmatic.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com ads.pubmatic.com
1 fonts.googleapis.com buy.tinypass.com
1 c2.piano.io cdn.piano.io
1 htlb.casalemedia.com ads.pubmatic.com
1 ib.adnxs.com ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 m.stripe.com m.stripe.network
1 www.gstatic.com www.google.com
1 legacy.npr.org bundles.npr.org
1 www.google.com bundles.npr.org
1 api.npr.org bundles.npr.org
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net www.npr.org
1 cdn.piano.io www.npr.org
1 cdn.optimizely.com www.npr.org
0 api.rlcdn.com Failed ads.pubmatic.com
0 js-sec.indexww.com Failed ads.pubmatic.com
static-assets.npr.org
0 q.stripe.com Failed www.npr.org
131 61
Subject Issuer Validity Valid
www.npr.org
DigiCert SHA2 Extended Validation Server CA
2022-07-29 -
2023-07-30
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-30 -
2023-10-30
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-04-20 -
2023-08-05
4 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-26
a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.npr.org
Thawte RSA CA 2018
2023-01-09 -
2024-02-02
a year crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-02-21 -
2023-10-10
8 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-28 -
2023-07-26
4 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-22 -
2023-06-21
a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-04-13 -
2023-07-12
3 months crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Frame ID: 6ACF9909EC2FD64F77202BA3523AA482
Requests: 100 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 3F5F0974555E291251C2EE7F2D5B9D22
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 711B45314861E2C31506B9AE141122A9
Requests: 4 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Frame ID: B56CF3F92E5692CE7001CADBFC955152
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 55D73A658B30231F89142A6DF5DD4265
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Frame ID: 4B3003DAE6484907FD5756AC145DEF38
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ABCDF244C7085B2F8227B3F1BABD543C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cbf86451-5926-4a00-a119-aca8b713f505&gdpr=0&gdpr_consent=
Frame ID: 5D9D3523CEC38B129564ADF2EB97ADC5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525487045501
Frame ID: F2075E5FB1E53E92E5FBF32DC906FDED
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6CA1538B96CCE897ED4ED1C8AFB58942
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8318348273114129603
Frame ID: EBB301BEE5290BDB6A89679DE751C9ED
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
Frame ID: B474422B17A485499DF216DCFF36C1DA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FBI says it 'hacked the hackers' to shut down major ransomware group : NPRBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

131
Requests

90 %
HTTPS

42 %
IPv6

37
Domains

61
Subdomains

46
IPs

10
Countries

2774 kB
Transfer

9091 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cbf86451-5926-4a00-a119-aca8b713f505&gdpr=0&gdpr_consent=
Request Chain 121
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525487045501
Request Chain 123
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8318348273114129603
Request Chain 124
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cDBeftSYT6CgHBA4ZpbXrA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cDBeftSYT6CgHBA4ZpbXrA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 127
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4002348244 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=70305E7E-D498-4FA0-A01C-10386696D7AC
Request Chain 128
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=70305E7E-D498-4FA0-A01C-10386696D7AC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjUzcFhvc0NKdDVUYi1JdlpwUTZpVml0UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7898488941138823061&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAzMDVFN0UtRDQ5OC00RkEwLUEwMUMtMTAzODY2OTZEN0FD&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAzMDVFN0UtRDQ5OC00RkEwLUEwMUMtMTAzODY2OTZEN0FD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQ72JmFOyfZ9cMdT7O72pk&google_cver=1
Request Chain 132
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7898488941138823061
Request Chain 137
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=sAaHVHxwZWQzTis1T2dBMkQ1dHNHaEdNQVdzR3VjdEFHdzh5eHVXTHlhMjR4OTc0YzZiZjNwbGlHU0FrV3VrT0RvRXBobGdqN1pidndPQ00xRlFPTHFMWXcyWHBMVzVER204b2x4bUNUZHBwUTVEQ0JENU50UDBTOHBvcVdFclV5d203d0N4UHdVek1Ta1NUcFAxWWY2WldCMGxHQ1E3SFdsK2RRR0lsTk9NbmRvYTE4ZHNDS1hqcmNjM1lReTVyMHdSNGNva29GbHhld3pLekFlNmxVekN4VE5kOTZUL3dEK0o3anpCaE1XRnMycXRRPXw&cppv=2

131 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
www.npr.org/2023/01/26/1151696092/
74 KB
20 KB
Document
General
Full URL
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
06551b32dcad24a5aafc8fc0d6668f6ba72793c5f7258692b034b13881388671
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-length
19158
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 18:40:36 GMT
expires
Tue, 02 May 2023 18:40:36 GMT
referrer-policy
no-referrer-when-downgrade
server-timing
cdn-cache; desc=REVALIDATE edge; dur=9 origin; dur=126 ak_p; desc="467514_1551582761_118756980_13560_11031_8_0";dur=1
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 71093 0 pmb=mRUM,1
x-cache-npr
HIT
x-content-type-options
nosniff
x-npr-trace-id
renc2OFvHis
x-served-by
pod-www-render-nginx-7fc4dbbf78-25jnh
x-xss-protection
1; mode=block
OtAutoBlock.js
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/
53 KB
10 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/OtAutoBlock.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9c4efbf23439cb9f4dc22b5f36b6ced619f8c81bce299eeeeacfb377d38975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zjc7T/QljcxL8cWe9IUKHQ==
age
17597
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
9613
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:08 GMT
server
cloudflare
etag
0x8DAE367D320D167
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c992cd58-901e-013a-24e1-5add10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c4ba951a49-FRA
expires
Wed, 03 May 2023 18:40:36 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rpnZu/dYNZPLIh9pLOSMrg==
age
2490
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6757
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:46 GMT
server
cloudflare
etag
0x8DB475DB9217360
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7adbfebd-601e-0124-504e-7907fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c4ba971a49-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
52264
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c1264c4ba981a49-FRA
11107397707.js
cdn.optimizely.com/js/
388 KB
122 KB
Script
General
Full URL
https://cdn.optimizely.com/js/11107397707.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b7::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
582d819bdc50a97d06c2837d683a084757438f7f148dde7967fad4d46227a56b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
.WL7VtzwXz_vqqwr98p772k14meUTV4N
content-encoding
gzip
date
Tue, 02 May 2023 18:40:36 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
QBCPF5N5HJS52QA4
x-amz-server-side-encryption
AES256
x-amz-meta-revision
5616
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:480:5b7::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467514_35115186_635953835_40_3342_7_0";dur=1
content-length
123778
x-amz-id-2
XYwZWzcv4CVFt9+YEPXktUyqjMEFLcFiKLetuQ8ipwO6y9HtagP1S09I1YsS8FgY6lyMPrqcZ4w=
last-modified
Tue, 02 May 2023 16:08:22 GMT
server
AmazonS3
etag
"2e91f2abef49342d45c5ed95bbde1074"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=1200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
modernizr.custom.js
static-assets.npr.org/static/javascript/lib/modernizr/
8 KB
4 KB
Script
General
Full URL
https://static-assets.npr.org/static/javascript/lib/modernizr/modernizr.custom.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:889::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
907ea9db8dcc37d39bafb708da0587f1d5d0a6062b38072f4a8a2c937f4488ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 15:36:44 GMT
etag
"cefa2999c346df576db1571179a30b2e:1662047040.94201"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=377999
accept-ranges
bytes
timing-allow-origin
*
content-length
3499
svg-loader.min.js
static-assets.npr.org/static/javascript/lib/
7 KB
3 KB
Script
General
Full URL
https://static-assets.npr.org/static/javascript/lib/svg-loader.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:889::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
868a6e0b1de3d5354170751a8f94464b40741e54ca97200d1ff0a49519d44aa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 17:40:16 GMT
etag
"ea58e4edd394259009511763d10fdd93:1681926136.717599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=567404
accept-ranges
bytes
timing-allow-origin
*
content-length
3003
/
js.stripe.com/v3/
469 KB
113 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-46.txl52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7de391fbe688072db9c130494407fa3c96e603e950f67e4d8b2a0a80784bd1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 May 2023 18:40:12 GMT
via
1.1 8e2919534da029bb37f64b265b219372.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
age
28
x-cache
Hit from cloudfront
last-modified
Tue, 02 May 2023 17:45:30 GMT
server
Cloudfront
etag
W/"cfc7511b8d1f70d87b5fc90e38bb73a9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
Wpi1-nfQg98EVLP2yukHnEXWP_VdKpPGzq5Q2mXQxBPoWvysaCcoJA==
33.1bf34f11e93dbaf174d3.chunk.js
bundles.npr.org/dist/bundles/
10 KB
3 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/33.1bf34f11e93dbaf174d3.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
839a7af397eb41ab63c367a19a45008eaa5a18a2494d5ecf8941b5bcd4b2054f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:43 GMT
server
AkamaiNetStorage
etag
"2d0c6c0ea9ae1ee33826bab8be78cfc6:1682710243.970551"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29196
accept-ranges
bytes
timing-allow-origin
*
content-length
2784
expires
Wed, 03 May 2023 02:47:12 GMT
persistent-css-764e0c166c279b3414d9.css
bundles.npr.org/dist/bundles/
271 KB
54 KB
Stylesheet
General
Full URL
https://bundles.npr.org/dist/bundles/persistent-css-764e0c166c279b3414d9.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
041c912df148d6f9820f19c75a6b870de46da92a6388264a77261f8f74102068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:53 GMT
server
AkamaiNetStorage
etag
"32ba061921f70384c72e64101ba84514:1682710253.822398"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=63819
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 12:24:15 GMT
persistent_medium-css-764e0c166c279b3414d9.css
bundles.npr.org/dist/bundles/
101 KB
19 KB
Stylesheet
General
Full URL
https://bundles.npr.org/dist/bundles/persistent_medium-css-764e0c166c279b3414d9.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
87eafc724caa21b42a8a0488852e718a150bb80dc80c2ed86ceb7c7bd2d7a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:51 GMT
server
AkamaiNetStorage
etag
"a6b2df08d38ccf5ced57eab85e40d573:1682710251.024059"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=55159
accept-ranges
bytes
timing-allow-origin
*
content-length
19176
expires
Wed, 03 May 2023 09:59:55 GMT
persistent_large-css-764e0c166c279b3414d9.css
bundles.npr.org/dist/bundles/
26 KB
8 KB
Stylesheet
General
Full URL
https://bundles.npr.org/dist/bundles/persistent_large-css-764e0c166c279b3414d9.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af72f6f8aec89faa50db5c5c8f5e29e9ea04955c873c59c174bad75b3fc25441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:44 GMT
server
AkamaiNetStorage
etag
"1244ed094ad77cefa7eca96af64faea3:1682710244.512779"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=55274
accept-ranges
bytes
timing-allow-origin
*
content-length
7753
expires
Wed, 03 May 2023 10:01:50 GMT
fonts-css-764e0c166c279b3414d9.css
bundles.npr.org/dist/bundles/
165 KB
125 KB
Stylesheet
General
Full URL
https://bundles.npr.org/dist/bundles/fonts-css-764e0c166c279b3414d9.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
55b403bb290e6dff8563ef72b7d0436c9d75cff0f633a766d062431ecef8313c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:44 GMT
server
AkamaiNetStorage
etag
"de5e9ed88978eadd0e15e59afb296121:1682710244.365997"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=62367
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 12:00:03 GMT
newsStory-css-764e0c166c279b3414d9.css
bundles.npr.org/dist/bundles/
307 KB
53 KB
Stylesheet
General
Full URL
https://bundles.npr.org/dist/bundles/newsStory-css-764e0c166c279b3414d9.css
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ec72861d01529c263bda4e010b7be752402122f1d92b8791a2ec6cb9fb85131c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:54 GMT
server
AkamaiNetStorage
etag
"184ba570f8c5ebae5950232fa19a7d1c:1682710254.08412"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=55212
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 10:00:48 GMT
npr-logo.svg
media.npr.org/chrome_svg/
1001 B
1 KB
Image
General
Full URL
https://media.npr.org/chrome_svg/npr-logo.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1001
x-xss-protection
1; mode=block
x-served-by
prod-web-51
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"3e9-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:40:36 GMT
music-logo-dark.svg
media.npr.org/chrome_svg/
2 KB
2 KB
Image
General
Full URL
https://media.npr.org/chrome_svg/music-logo-dark.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
640ae5edaa96ef9ed6e2a4205debd81a6d785b88b689755843fa97238a5e2604
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1709
x-xss-protection
1; mode=block
x-served-by
prod-web-20
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"6ad-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:40:36 GMT
music-logo-light.svg
media.npr.org/chrome_svg/
2 KB
2 KB
Image
General
Full URL
https://media.npr.org/chrome_svg/music-logo-light.svg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8730f88f0ca82a89a4d57269d485c0f728069df2bb5b362394d491977daca2b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
1696
x-xss-protection
1; mode=block
x-served-by
prod-web-13
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Apr 2023 16:26:35 GMT
server
Apache/2.4.25 (Debian)
etag
"6a0-5f9b2e335c4c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:40:36 GMT
jenna-mclaughlin_sq-9d9f002dafb26a927328511b3b7b92efa9350fcc.jpg
media.npr.org/assets/img/2021/09/28/
4 KB
4 KB
Image
General
Full URL
https://media.npr.org/assets/img/2021/09/28/jenna-mclaughlin_sq-9d9f002dafb26a927328511b3b7b92efa9350fcc.jpg?s=100&c=85&f=webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
5d13fa19119b138bca6d8c51554fbbb81220d535699b4227d49150e8245af988
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
prod-web-3
strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=15535282
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
3650
x-xss-protection
1; mode=block
expires
Sun, 29 Oct 2023 14:01:58 GMT
82089dfe-410c-4e1b-a7f9-698174b62a86.json
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/82089dfe-410c-4e1b-a7f9-698174b62a86.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1c12d5f09aa87f7ebf272386861586358152d0af351f112f456cf770d52863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/h/IIjqfGI5EqBJisg6huQ==
age
47741
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1706
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:10 GMT
server
cloudflare
etag
0x8DAE367D3F0FC9A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
490ee4bb-701e-00f3-04e1-5a0b8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c509822c23-FRA
expires
Wed, 03 May 2023 18:40:36 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
68 B
244 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7c1264c59cbf1941-FRA
vary
Accept-Encoding
content-type
text/javascript
apstag.js
c.amazon-adsystem.com/aax2/
227 KB
56 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:58:27 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
2530
x-amz-server-side-encryption
AES256
etag
W/"e301ce991ef543783521cd0156a962ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
NCPpR7Uwn5mrIZtP5Svp2ajJtXqy1c8j0MlXhxATzKKbV1DGHVfEpw==
gtm.js
www.googletagmanager.com/
285 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8919046f5295bd3781a53ce5037418c7a533a7be37ba5e46779f64260ec80a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65843
x-xss-protection
0
last-modified
Tue, 02 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 18:40:36 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7c1264c548859076-FRA
access-control-allow-headers
Content-Type
tinypass.min.js
cdn.piano.io/api/
340 KB
101 KB
Script
General
Full URL
https://cdn.piano.io/api/tinypass.min.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685354f47eba64d680c38613bbe91e870707ca4d235b25df218b6dd112d2299
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
x-amz-version-id
lNGSO9fbUa.W4vp.abmMhld2nmtrweo5
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
Y5YSGBJHBNW0NE0G
age
5194
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2MKK2qfkZsT1ulqJGdwzVeGbOk7FiC4Dz0obibF7+sibGUjPev6lr/0iZF/SzIyS9y2bOJj1g8A=
last-modified
Tue, 02 May 2023 12:15:06 GMT
server
cloudflare
etag
W/"fb966eb2a9f75b478dcb0fbca2f60fe1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7c1264c59b06373d-FRA
expires
Tue, 02 May 2023 22:40:36 GMT
MBVDT-3L9KY-36ZMJ-SPSAR-JR833
s.go-mpulse.net/boomerang/
205 KB
50 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:690::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
br
last-modified
Mon, 17 Apr 2023 11:51:04 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
truncated
/
856 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe130e8bf841c6bed02ef9f38e07d3abaff612f5cd1f3020ee43845be4c52d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
965a2655ce64dfe9fee42b6e69cba58d714c23f00d46f10f3774637c82cc9784

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7a86e9413e9320eb64d52828515bcde30ccde38da26badd525ef8e8170fe81f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
909 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
602187963620e652a6e7fe0fe349fc98d1d6951a9efcf0298c644c79675a074c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a7fdf18aab5015ecaa66b5c292f3ff993fe8a8ff346241902dc1db64af582e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d685aace2f629301e7d5779989357ee2cffc61f81a605972bfa9003dc0f471

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f9cbdf2bf8db793126b55147af7b213861d28b9e94d438b656e10061bea3ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
238 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
759d606521bc4e22d8935f2c0b7c1b9dd3271753c6ff499a97a28d19976153d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808decd57931c7cbb70aca026b11abf6587307214588c32174043ca016304dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90e782af8bb58958c6613744b251581cc85af4e74dd2b854a9481b29c3805e4

Request headers

Referer
Origin
https://www.npr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
Origin
https://www.npr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/
27 KB
27 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd2a355066b220462c40ceac06a68dcbd084677e1d7b28b986fcecde56776f59

Request headers

Referer
Origin
https://www.npr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/x-font-woff
all-things-considered.png
media.npr.org/chrome/programs/logos/
4 KB
4 KB
Image
General
Full URL
https://media.npr.org/chrome/programs/logos/all-things-considered.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b02f5bbb01389d85596616f1bf5fb0122113f8bbc1ba5edaf300b77241a1def3
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3937
x-xss-protection
1; mode=block
x-served-by
prod-web-19
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"f61-57881ecbbd1fc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:40:36 GMT
fresh-air.png
media.npr.org/chrome/programs/logos/
3 KB
4 KB
Image
General
Full URL
https://media.npr.org/chrome/programs/logos/fresh-air.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
81430397badb5c924cfe57e75049039040b81eed2a033e57475ffc6c0d01bfd6
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3549
x-xss-protection
1; mode=block
x-served-by
prod-web-19
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"ddd-57881ecbcfadc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 18:40:36 GMT
up-first.jpg
media.npr.org/chrome/programs/logos/
3 KB
4 KB
Image
General
Full URL
https://media.npr.org/chrome/programs/logos/up-first.jpg?version=2
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
d761bfbed54ff398aa3320e53b8fa5005810bed14d349c7f4d9b137d435c7674
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
3208
x-xss-protection
1; mode=block
x-served-by
prod-web-8
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Nov 2019 16:26:18 GMT
server
Apache/2.4.25 (Debian)
etag
"c88-596c420042a79"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 18:40:36 GMT
takingcover_final_sq-ffc9645406171f832e44717f71a072277edda564-s100-c100.jpg
media.npr.org/assets/img/2023/03/11/
17 KB
18 KB
Image
General
Full URL
https://media.npr.org/assets/img/2023/03/11/takingcover_final_sq-ffc9645406171f832e44717f71a072277edda564-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b764ce150169f8cb3de122209b93f8e73a0f31b7698bdaefad21703e1c3ea354
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
17906
x-xss-protection
1; mode=block
x-served-by
prod-web-3
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Mar 2023 17:59:16 GMT
server
Apache/2.4.25 (Debian)
etag
"45f2-5f821d9e62a2e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 18:40:36 GMT
ltar_s2_tile_01_sq-19a778e240e99c795205cab72b2d6823001eb4af-s100-c100.png
media.npr.org/assets/img/2023/03/08/
18 KB
18 KB
Image
General
Full URL
https://media.npr.org/assets/img/2023/03/08/ltar_s2_tile_01_sq-19a778e240e99c795205cab72b2d6823001eb4af-s100-c100.png
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
16ab56bb6d9dcf2840347dab10701dd876a0d55b7d726ee65ccd15c1314b616a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
18046
x-xss-protection
1; mode=block
x-served-by
prod-web-13
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Mar 2023 15:16:09 GMT
server
Apache/2.4.25 (Debian)
etag
"467e-5f705f0baadef"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=13684886
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:02:02 GMT
ibam_tile-2023_sq-8be9968a8deb580001ff44c27f77dcc028095187-s100-c100.jpg
media.npr.org/assets/img/2023/02/27/
21 KB
21 KB
Image
General
Full URL
https://media.npr.org/assets/img/2023/02/27/ibam_tile-2023_sq-8be9968a8deb580001ff44c27f77dcc028095187-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
f837562dd6fbf32c3e7fb4d5512bd04e57ca34e1bbb3487b61851ce734767777
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
21405
x-xss-protection
1; mode=block
x-served-by
prod-web-48
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Mar 2023 20:04:09 GMT
server
Apache/2.4.25 (Debian)
etag
"539d-5f67d25d0f8d8"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 18:40:36 GMT
life-kit_tile_npr-network-01_sq-200388bae100cab944ffa3655e7f3119e026d305-s100-c100.jpg
media.npr.org/assets/img/2022/09/23/
12 KB
13 KB
Image
General
Full URL
https://media.npr.org/assets/img/2022/09/23/life-kit_tile_npr-network-01_sq-200388bae100cab944ffa3655e7f3119e026d305-s100-c100.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
65e230b9c1ae8bdf74c5d20452f594351cf384eb295dbd59b64e71b735847250
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
prod-web-50
strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
12755
x-xss-protection
1; mode=block
expires
Sun, 29 Oct 2023 18:40:36 GMT
gettyimages-1246562527_custom-5ba6ee73218431779fe12a55eccee976ee3ec558-s800-c85.webp
media.npr.org/assets/img/2023/01/26/
75 KB
76 KB
Image
General
Full URL
https://media.npr.org/assets/img/2023/01/26/gettyimages-1246562527_custom-5ba6ee73218431779fe12a55eccee976ee3ec558-s800-c85.webp
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
0b2496f0d30a6fd2a0e4ceea48ddab6d47d2aea22efc450f16a2bd26b6fd6535
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
prod-web-45
strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=15551992
akamai-mon-iucid-del
28919
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 29 Oct 2023 18:40:29 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/
372 KB
89 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
52273
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec1cbf5f-b01e-00e5-38ab-4aca11000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c5fcda1a49-FRA
morning-edition.jpg
media.npr.org/chrome/programs/logos/
2 KB
2 KB
Image
General
Full URL
https://media.npr.org/chrome/programs/logos/morning-edition.jpg
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
fd0e391aa29b2d68f0382b95e93ef92288cffb43a9fb371360dc52f11fc1e548
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 02 May 2023 18:40:36 GMT
x-content-type-options
nosniff
akamai-mon-iucid-del
28919
content-length
2104
x-xss-protection
1; mode=block
x-served-by
prod-web-40
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Oct 2018 14:51:41 GMT
server
Apache/2.4.25 (Debian)
etag
"838-57881ecc3ffbc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 18:40:36 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
301 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5116&u=https%3A%2F%2Fwww.npr.org
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:36 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.npr.org
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
dV40ZWdaWelrJF0sAKqKk1n43DO7fpfexO5eQ9EGSzoJc7l0ozKPyg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
date
Tue, 02 May 2023 06:02:50 GMT
x-amz-cf-pop
PRG50-C1
age
45467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
4EpyBdY4N18_YphOnNQomJGGecPdTcrRW8MWx9qz1lsCgH2dXrj_7Q==
en.json
cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/7ad3aeaa-5ca0-4af2-b409-2d9279c4d7d6/
284 KB
47 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/82089dfe-410c-4e1b-a7f9-698174b62a86/7ad3aeaa-5ca0-4af2-b409-2d9279c4d7d6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c848099b5f59ce6b3142f3c8231430b148b519cb757a3abc737823489936b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZH0b55lnp00+O0jdYsDeMg==
age
45070
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
47799
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 15:27:16 GMT
server
cloudflare
etag
0x8DAE367D7D329F9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e4da3bf5-001e-0091-28e1-5a4c57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c6abd32c23-FRA
expires
Wed, 03 May 2023 18:40:36 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
375 KB
54 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ec7e7f0a85bd9dbd53d685484029acdf667982c2038514a7b3db93d3b547c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XA5xUTRjfps/if+nPbLFRg==
age
43623
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
54639
x-ms-lease-status
unlocked
last-modified
Tue, 02 May 2023 04:14:10 GMT
server
cloudflare
etag
0x8DB4AC3AE14F5E0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e5bb44a0-d01e-011f-0cb2-7c45a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c6abd42c23-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.39.0/
68 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7+d5z1W8EcmBqv81Q4Kzhw==
age
5416
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:02 GMT
server
cloudflare
etag
0x8DA87805DD135D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d39cd3e4-301e-0178-45e1-5af604000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c6be0c1a49-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
45784
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6f9346ba-d01e-00f5-7fe1-5afcf7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c76d002c23-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
444ho/eGhWdN7ej7RCW2zw==
age
45784
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13253
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:57 GMT
server
cloudflare
etag
0x8DA87805AD77A2D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c27ff170-c01e-0144-7fe1-5a42df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c76d052c23-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
43624
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7e19b7df-801e-0003-0de1-5adbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c1264c76d082c23-FRA
1.35fef2e7efc998bcb19e.chunk.js
bundles.npr.org/dist/bundles/
266 KB
86 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/1.35fef2e7efc998bcb19e.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
407c9d5a3b403dd4924a43bf9205cfd575916ee143ebf748291641d11b6cb464

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:52 GMT
server
AkamaiNetStorage
etag
"d674c84a037e67bbc9098520f0f9e0ab:1682710252.719627"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28892
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 02:42:09 GMT
2.66d5b78293e7fcef9d8a.chunk.js
bundles.npr.org/dist/bundles/
157 KB
50 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/2.66d5b78293e7fcef9d8a.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4c82a5b9414d2657319b99eae24e2635e9d718fd924687e007c7e69ae8d2a5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:51 GMT
server
AkamaiNetStorage
etag
"8562ba33484e04b58eb537c841aea7a0:1682710251.151657"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28936
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 02:42:53 GMT
3.2a0418c8059a2bb98907.chunk.js
bundles.npr.org/dist/bundles/
32 KB
9 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/3.2a0418c8059a2bb98907.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
42ec0c345a879b57eccb0fbf59ec4daeda78b90f8d825f62b408d5eabf5f512b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:53 GMT
server
AkamaiNetStorage
etag
"3bc7d33328ddbb87608292fd6147d9ba:1682710253.289807"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29048
accept-ranges
bytes
timing-allow-origin
*
content-length
9303
expires
Wed, 03 May 2023 02:44:45 GMT
98.e1818c62e09423426d6d.chunk.js
bundles.npr.org/dist/bundles/
12 KB
5 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/98.e1818c62e09423426d6d.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d4bc06d03f20598c5a5b3027a0d82921ae54048131098de776c6ce70302a5ecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:45 GMT
server
AkamaiNetStorage
etag
"e235a6e2502b85115ade872923d29330:1682710245.658677"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30386
accept-ranges
bytes
timing-allow-origin
*
content-length
4496
expires
Wed, 03 May 2023 03:07:03 GMT
75.f172d58577241cb42645.chunk.js
bundles.npr.org/dist/bundles/
808 KB
203 KB
Script
General
Full URL
https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eeaf169bd84287d2e990060a0ea09e42712c8cce23ed3f9e9bbb2095dc57b432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:49 GMT
server
AkamaiNetStorage
etag
"62f7597774fba0212f2a02e62ab2083c:1682710249.953437"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10713
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 21:39:10 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 3F5F
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-46.txl52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1832
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 May 2023 18:10:07 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Fri, 28 Apr 2023 20:08:01 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8e2919534da029bb37f64b265b219372.cloudfront.net (CloudFront)
x-amz-cf-id
4uFEnJtn3YDOEWaxF2UfuYJKKEY-p5NaDjbEN3g5-gy1Yjv6DlF5RA==
x-amz-cf-pop
TXL52-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
config.json
c.go-mpulse.net/api/
3 KB
1 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=MBVDT-3L9KY-36ZMJ-SPSAR-JR833&d=www.npr.org&t=5610176&v=1.720.0&sl=0&si=618b7360-9207-40b2-800a-95da2ed54949-ru1nvo&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=290690
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:18e::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b27f40bfa22e57b39f3162db00af39fc7b0ee65062844d1d70066c6859ad3374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 18:40:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1063
csp-report
q.stripe.com/ Frame 3F5F
0
0

csp-report
q.stripe.com/ Frame 3F5F
0
0

m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 3F5F
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-46.txl52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 May 2023 17:44:56 GMT
x-content-type-options
nosniff
via
1.1 8e2919534da029bb37f64b265b219372.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
age
3415
x-cache
Hit from cloudfront
content-length
631
last-modified
Tue, 25 Apr 2023 21:01:15 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ytAJVskbhCSjMYB7NrSrAlrIvDT8GZAKNl43Dby1vV-EQKfF1M49jg==
npr-logo-rgb-white-border.png
cdn.cookielaw.org/logos/26b1c6a2-1285-46a9-a3af-3a0d7ddde52e/82089dfe-410c-4e1b-a7f9-698174b62a86/8edc49d4-62e4-4635-b6e1-6d38b029eb25/
16 KB
16 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/26b1c6a2-1285-46a9-a3af-3a0d7ddde52e/82089dfe-410c-4e1b-a7f9-698174b62a86/8edc49d4-62e4-4635-b6e1-6d38b029eb25/npr-logo-rgb-white-border.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e648861094dd784d862b00417d495e89b775ded1196f44cf9bd238675b07b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8EfOxdz7xyLJO0ioRc+MEQ==
age
49485
content-length
16547
x-ms-lease-status
unlocked
last-modified
Thu, 19 May 2022 20:41:01 GMT
server
cloudflare
etag
0x8DA39D7E31546C9
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c992ccf7-901e-013a-4fe1-5add10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7c1264c8487d1a49-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
52281
x-ms-lease-status
unlocked
last-modified
Thu, 27 Apr 2023 20:26:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ad8eee9b-301e-0055-0199-793391000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7c1264c8487e1a49-FRA
inner.html
m.stripe.network/ Frame 711B
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
287
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 May 2023 18:35:51 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
0-s3Q0Dxa3zBijvHT1oET4qzEPseFd-QJeRWQEiBmXAvUR_HygyEbg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
bid
aax.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5116&u=https%3A%2F%2Fwww.npr.org%2F2023%2F01%2F26%2F1151696092%2Ffbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group&pid=PMqqBZrNIsNSV&cb=0&ws=1600x1200&v=23.426.459&t=1000&slots=%5B%7B%22sd%22%3A%22ad-backstage-News_National_National_Security%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%7D%2C%7B%22sd%22%3A%22ad-secondary-News_National_National_Security%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F6735%2FNPRSecondary%2FNews_National_National_Security%22%7D%2C%7B%22sd%22%3A%22ad-third-News_National_National_Security%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6735%2FNPRThird%2FNews_National_National_Security%22%7D%2C%7B%22sd%22%3A%22ad-standard-News_National_National_Security%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%7D%5D&gdpre=1&gdprc=CPrIzkAPrIzkAAcABBENDCCgAAAAAH_AACiQAAAS0gJgLzAaaBHsCPsEfwSAAkEBIQCRAEigJGwSQBJMCSsEmASZAk2BKMCVEEqgSrgleCWEEswS0AAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.213.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-213-130.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
GVWM4M4C8RTW77YCR1SG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.npr.org
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1iNfgb2sRIEES6rccDTSVr4goVYwC7LEfoTYuLEcwCg-DJKunEP3pA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162268/7835/
525 KB
154 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55274b5eccbb145d96c31f4395d4d1d8ea783bfea7f1a3cc1aa4cb946a0ab5f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 14:35:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19989
accept-ranges
bytes
content-length
156628
expires
Wed, 03 May 2023 00:13:46 GMT
gtm.js
www.googletagmanager.com/
285 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVD397M
Requested by
Host: www.npr.org
URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bd8184ebe0cfb211587d46d12df2b9661f35760fd83daf1cb8b820f84298335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65843
x-xss-protection
0
last-modified
Tue, 02 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 18:40:37 GMT
recommendations
api.npr.org/stationfinder/v3/stations/
306 B
701 B
Fetch
General
Full URL
https://api.npr.org/stationfinder/v3/stations/recommendations
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.35.221.71 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
8160bab195026a34d3bf1162e7e678eaf296f9d62b6eccce4ce6d0b7e94ac2bf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Served-By
prod-web-42
Date
Tue, 02 May 2023 18:40:37 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/7.4.14
X-Frame-Options
DENY
Content-Type
application/json;
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
Keep-Alive
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=4974
Content-Length
306
Expires
Tue, 02 May 2023 18:40:37 GMT
spiking-stories
www.npr.org/proxy/
14 B
755 B
Fetch
General
Full URL
https://www.npr.org/proxy/spiking-stories
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:4a5::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
186193e4f04cd795f41388fad91a7d77cb17f5077a6130d535808afed22594e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 02 May 2023 18:40:37 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-served-by
pod-www-render-nginx-7fc4dbbf78-4xjx5
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="467514_1551582761_118758053_377_11888_9_0";dur=1
content-length
14
x-xss-protection
1; mode=block
x-npr-trace-id
renSp8ONS9n
truncated
/
901 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24713d9602b5912dc8610cc4920378e39053cfaab46efc0e5b3ded9bed899475

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
api.js
www.google.com/recaptcha/
850 B
874 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc533a00ce470f13a33c96c800b14f8169170897045e751f5f92c7b7fe409901
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 02 May 2023 18:40:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c05131386a2866822eb1c6a035564cd5c4b68660c7b35d287c69ff10582e8b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24841
x-xss-protection
0
server
cafe
etag
550 / 19479 / m202304270101 / config-hash: 17583612883887426950
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 May 2023 18:40:37 GMT
grumi-ip.js
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/
14 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:41:32 GMT
x-amz-version-id
DuJR1hVAvVhDHML78yIw9xWnN.jnHD8G
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:38 GMT
server
AmazonS3
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
3546
x-amz-cf-id
S3_5KiR2NtL2EXCvEKB3fItGEti-buiMesnwXZ0SkNmojxZjUZQopA==
endofstory
legacy.npr.org/proxy/recommendations/
29 KB
14 KB
Fetch
General
Full URL
https://legacy.npr.org/proxy/recommendations/endofstory?storyId=1151696092&previouslyReadStoryIds=[%221151696092%22]
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/75.f172d58577241cb42645.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
9ff21fc653c258d97b95fbfd62df55456b2d2ddedd2c93b8f06893a7d61aed6a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 May 2023 18:40:37 GMT
x-powered-by
PHP/7.4.14
content-length
14147
x-xss-protection
1; mode=block
x-served-by
prod-web-16
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 02 May 2023 18:40:37 GMT
truncated
/
1018 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ca615b12424fc2a925831a1151e5270a48ff54f89acd00ce10c02f7114694d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
350 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d9c1c742aac35a11e2f47ecc1b8b720c69647e630606368b2ae352cc758f27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
csp-report
q.stripe.com/ Frame 711B
0
0

out-4.5.42.js
m.stripe.network/ Frame 711B
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 May 2023 18:39:50 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
48
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
LdDlhfYzX83JcN_QIGknOZ_WtshBRIhncHlEVvHxlncOecE3KmNvFQ==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/
409 KB
164 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89b22ad742d4802bb729ed58852376a8ed85a99a410df64bd31e117408e7b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Origin
https://www.npr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167195
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:17:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 May 2024 17:03:48 GMT
/
02179914.akstat.io/
0
200 B
Ping
General
Full URL
https://02179914.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:690::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:37 GMT
content-type
image/gif
access-control-allow-origin
https://www.npr.org
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 02 May 2023 18:40:37 GMT
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/162268/7835/
759 B
624 B
XHR
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/162268/7835/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7bd866d35abe324eb126fb420c16b72ab73e1068d543bdb5ccff8d30d5bb05aa

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 23:29:31 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=158827
access-control-allow-credentials
true
accept-ranges
bytes
content-length
214
expires
Thu, 04 May 2023 14:47:44 GMT
6
m.stripe.com/ Frame 711B
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.191.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-191-20.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
871af10a6d76547c486ee0d525648f231501efbc211b9f1b38fea1b13820224b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683052838018524
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
6
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1683052838018330
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
grumi.js
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/
814 KB
247 KB
Script
General
Full URL
https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e302dc63148b601685374edf369de2949c46c4d1a993b10313684774930935dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:41:32 GMT
x-amz-version-id
vGgIak6UO_DGdCuVDgspb9rU8TaPj1_L
content-encoding
br
last-modified
Tue, 02 May 2023 17:17:26 GMT
server
AmazonS3
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"0a6ed878d5a29c70a4a231c91c571e9c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
3546
x-amz-cf-id
yGRxe1hNI8X6wzRdiDLTflasEhNWqW5Yps292Xls_Dl1u7PCy86qlQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/
398 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3304
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126154
x-xss-protection
0
server
cafe
etag
17925783384364415813
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 01 May 2024 17:45:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
776 B
394 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.npr.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b596fe810c4f72890a9ad86e49766ff6d95fb028c99cced6b6ac41cc751d514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
x-xss-protection
0
expires
Tue, 02 May 2023 18:40:37 GMT
translator
hbopenbid.pubmatic.com/
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=506
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.npr.org
date
Tue, 02 May 2023 18:40:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
492 B
2 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
78805f03c6a6f823e613398f6423b068227ce16e545fd2d0346430ce72c4586d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 18:40:38 GMT
AN-X-Request-Uuid
700b4d4b-20f4-47f0-8b89-e6b0beb78010
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.npr.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
492
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
563 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=922918&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22111c8ae5343ca17%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.npr.org%2F2023%2F01%2F26%2F1151696092%2Ffbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.npr.org%2F2023%2F01%2F26%2F1151696092%2Ffbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22124dced4521bb31%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%2C%22gpid%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22138ee47fbf40ccd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922909%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22922909%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6735%2FNPRSecondary%2FNews_National_National_Security%22%2C%22gpid%22%3A%22%2F6735%2FNPRSecondary%2FNews_National_National_Security%22%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2214963d6caa2f4de%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922910%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6735%2FNPRThird%2FNews_National_National_Security%22%2C%22gpid%22%3A%22%2F6735%2FNPRThird%2FNews_National_National_Security%22%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2215bd7aa54b47742%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22922918%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%2C%22gpid%22%3A%22%2F6735%2Fn6735.NPR%2FNews_National_National_Security%22%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2259dd9f39-6ed0-46a9-9a93-f7147d89ec01%22%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12bc315ae71c487640eec62dfed997244a87e824e9eae8d1a1a5f06b440813e

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvahsbBKfZ8IX3jSAXQWbO9RBWvh0lIuB1jxQ323iXm3gjBbYQrF3VPPLes3aVCVy%2B9r60LASj53DsQeb5UFLMGAODZT%2BqhRvaVbZxs2Yvm5v2wgmhZ2OzATHmUuW8d9ECDXtoqL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c1264cbb8189199-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 18:40:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Tue, 02 May 2023 19:40:37 GMT
execute
c2.piano.io/xbuilder/experience/
5 KB
2 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=9ENxKQ58pu
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154272544ec864e1060b7c8c2d7692ecce2443ac1e0100bbb3bdc2bd642ec1b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
3w57nxtoxt
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.npr.org
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7c1264cc1ccb373d-FRA
2b5d0c3d6f690371f38881623967d2f7.svg
bundles.npr.org/dist/bundles/
20 KB
1 KB
Image
General
Full URL
https://bundles.npr.org/dist/bundles/2b5d0c3d6f690371f38881623967d2f7.svg
Requested by
Host: bundles.npr.org
URL: https://bundles.npr.org/dist/bundles/persistent_large-css-764e0c166c279b3414d9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a4602edc276bf5381a6864accfca91ab3e4deb6f20933a7eee16e40fa54747be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bundles.npr.org/dist/bundles/persistent_large-css-764e0c166c279b3414d9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:37 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 19:30:50 GMT
server
AkamaiNetStorage
etag
"2b5d0c3d6f690371f38881623967d2f7:1682710250.618946"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=420479
accept-ranges
bytes
timing-allow-origin
*
content-length
1022
expires
Sun, 07 May 2023 15:28:36 GMT
truncated
/
199 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dd1e49600584510a5c52ba9c899c29c26e9fae674deeea59a7059c4650c14c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
cx.js
cdn.cxense.com/
103 KB
34 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:293::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 18:40:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2023 13:31:47 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34188
Expires
Tue, 02 May 2023 19:40:37 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/
586 B
692 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=9ENxKQ58pu
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfa071b0b179cef4e3e12e53c662b35d304f601d96e879e0bc50d89947975b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mqvn1urHJFy
pragma
no-cache
wn
prod-dash-10-0-139-190
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c1264cd7fad1c38-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame B56C
9 KB
4 KB
Document
General
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84f933df2d4ad1c8cca195ddddd6b705146dc6a016f21b176f38dcb4d28e444
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
age
826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
7c1264cd7b7330c4-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 02 May 2023 18:40:38 GMT
expires
Tue, 02 May 2023 18:45:38 GMT
last-modified
Tue, 02 May 2023 18:26:52 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-136-50
x-forwarded-https
on
x-request-id
Ms8n1urQUk9
x-xss-protection
0
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame B56C
26 KB
5 KB
Stylesheet
General
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1477
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 14:32:22 GMT
wn
prod-dash-10-0-134-92
server
cloudflare
etag
W/"26850-1682519542000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
7c1264cdbbc430c4-FRA
expires
Tue, 02 May 2023 20:40:38 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame B56C
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
87239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqycYU5axPWXo0FWUbPQxFct%2F%2FQATDsX1Y2GmeCq9sBOYR9LDUze7ll%2FEss91GHq694b4oRit%2FvQhTCRxy0npyKw72t7eiid4mw3xJ06LqZMXNi1t4cw9PbV%2BgzONEj9PkBdooJirTtP5mxkETvPt%2BbO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8a2bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame B56C
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
435515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znaw9PPpwyCGPi30zsJZyELX4ULSBjNNLBQAilA2MOXon1SiNpsgp7TrAOD%2BzgXan3fvmHswvHBSinVjfSoHAQjIuagZRzd0VVBKROyk9dFwz5qX1Vvxzj7b8bU9X8xY8mbEYl351wNPa5QmVgYVrh8B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8a3bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B56C
104 KB
35 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11395453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQM9AyGs4qDgyWIYAKOW0VZucTOFZAVjZzAwCEnQb0bUYmjOAouiiO23nQadMuroRKsGkTBW%2FeIdCyroUKJrEe6tSLS1jXxx83J%2FHQpak7z12ubPUmoZXvilzJ45U1%2B2mZZs1qVxNmJ98fbTXGj27ID3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8a6bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B56C
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
82197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPA16ixAODme%2F3M4AFR%2F52lbrcRVJCe1n4eGJ3BhTV7filhGqUdJehha08qYAPM3m0f5vJV0rC3jKEklYDChwqL3xx9ucVfqhN8Q1HdVYJjN38LNMvxrYZjx8pOdCxms%2BQ0muHPeHYM091RmrULep4tD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8b6bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B56C
825 B
748 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
82193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDzFoJR7rEZQRaMvrdrYl1WC6G%2BAe6x1ITFrQnDOHspacyafseOsIoJAptFCLDC6cbHFDo8ZxsfZHlTXy1CR4PnzdloTvAVp8SFj%2BhgYyRYyygd18jaT9X4hyrDML7oAL2cJOONCweNZGxgNAJNT5ony"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8bcbb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame B56C
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
82217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YjoR7sEeKyzN6P%2F6URRHbzjpR9mhVgY7Iz5IR6NypkDL6jxgFJ5yyF9LXxJO0uhJr3rjRMnZAVbpzr1mq2bvwu9uMv6sjhF%2B0Fx3nxTog%2BhVEcdLMVDu%2BG2RLBh4%2F9d0A7%2BpTFnGoJr5JIfoU1dpW28"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8c0bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame B56C
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4043646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v%2Bhmqg43ulnkQvFWWBaqDjCDUArhXlOjQSjrsi%2B2nyi6b2bkFSoCM1YSc5l2%2FE7EbdqQVj0D%2BqfHXQ6Y4TisgUR8wUuu0cJ8IGefn4NHXdEYVqKqDZ%2FbJrMQewbBzwUu6WXuTdJIdyl7PQBsQBNk%2BpH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cdf8cdbb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame B56C
23 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
80537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAP3AUSt5JqZbMYHe0HL9igM3LOuduRenIgCtcgOppjQAIrRi2IPR2YIsSEPO8PgaE7VXt0rfuDIomrzSd74%2BZ%2BzEDTyXE%2BiuVZiaPg2FtDNPK%2F2XjfqDEZ9nh2kgZmAovaaFFOxbr81YZPfYSIPd5gt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cdf8d0bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame B56C
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1264732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYi3zAlgxjfdtF1OHEG%2FJJtZHyVGXOJlBn9llxwlriRlxs1N082aPsVHbTExLiSZ2KfjyTcTzmwzVQ%2Fh9m7G%2FmXZatoLrarQ9mqVC0m3T6aVwMEEJ9QVr2hjWEWKbDsXJgTuO%2ByaxEd5kLE0BqUJSDEK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8c5bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame B56C
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12618785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMLE%2FXf8swGiat0Xk6MbM6KWZhrA34DNVGGCEJJLnia%2FR%2F%2FyhMW4r%2Fv80Xa0uxZQ2HArO4irJ40sXFu6LBoPD8dpHklJb03%2FHbizDrR7VTc6%2FM3p5L7Am7pVZlP7rgu5raNOcz7NRYI3uaYXzNGuh%2BhL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c1264cde8c7bb89-FRA
expires
Sun, 21 Apr 2024 18:40:38 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame B56C
115 KB
36 KB
Script
General
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.168.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1470
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 28 Apr 2023 13:21:58 GMT
wn
prod-dash-10-0-134-92
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=603330
x-optimized-by
_sam
cf-ray
7c1264cdbbc530c4-FRA
expires
Tue, 09 May 2023 18:16:08 GMT
css2
fonts.googleapis.com/ Frame B56C
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9ENxKQ58pu&templateId=OTEY4VGMCJAW&offerId=fakeOfferId&experienceId=EXIXFAOJKYQS&iframeId=offer_eef1b5e1af5cdea2cc3c-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.npr.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa39b360ace822bb45db5c097f728afcb32ea10ba375a5f13e3d3c1f752ea6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 18:40:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 18:40:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 55D7
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44367
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 02 May 2023 18:40:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1531, 175750
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230020-FRA
X-Timer
S1683052838.137644,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4B30
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109672
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 02 May 2023 18:40:38 GMT
expires
Thu, 04 May 2023 01:08:30 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame ABCD
0
0

S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame B56C
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:08:14 GMT
x-content-type-options
nosniff
age
405144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Apr 2024 02:08:14 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame B56C
2 KB
2 KB
Image
General
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
1477
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Fri, 28 Apr 2023 13:21:58 GMT
wn
prod-dash-10-0-134-92
server
cloudflare
etag
W/"2177-1682688118000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7c1264ceea1e907c-FRA
expires
Tue, 02 May 2023 20:40:38 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame B56C
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:23:38 GMT
x-content-type-options
nosniff
age
271020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 15:23:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame B56C
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Source+Sans+Pro:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:02:35 GMT
x-content-type-options
nosniff
age
243483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 23:02:35 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4B30
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70025583&p=162268&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b1f40461980713f389f1e8371c182ca4580e987186687b8da8d4b0971ad196ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 18:40:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ixmatch.html
js-sec.indexww.com/um/
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 5D9D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cbf86451-5926-4a00-a119-aca8b713f505&gdpr=0&gdpr_consent=
42 B
555 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cbf86451-5926-4a00-a119-aca8b713f505&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 02 May 2023 18:40:38 GMT
Expires
Tue, 02 May 2023 18:40:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x10 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cbf86451-5926-4a00-a119-aca8b713f505&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F207
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525487045501
42 B
425 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525487045501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 02 May 2023 18:40:38 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525487045501
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
usersync.aspx
dis.criteo.com/dis/ Frame 6CA1
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 18:40:37 GMT
expires
Tue, 02 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
366637
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame EBB3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8318348273114129603
42 B
275 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8318348273114129603
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8318348273114129603
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame B474
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
42 B
340 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 02 May 2023 18:40:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4B30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cDBeftSYT6CgHBA4ZpbXrA%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cDBeftSYT6CgHBA4ZpbXrA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=109672
accept-ranges
bytes
content-length
5554
expires
Thu, 04 May 2023 01:08:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4B30
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=70305E7E-D498-4FA0-A01C-10386696D7AC&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.220.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.104
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 4B30
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4002348244
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=70305E7E-D498-4FA0-A01C-10386696D7AC
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=70305E7E-D498-4FA0-A01C-10386696D7AC
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
via
1.1 google
last-modified
Tue, 02 May 2023 18:40:38 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=70305E7E-D498-4FA0-A01C-10386696D7AC
date
Tue, 02 May 2023 18:40:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 4B30
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=70305E7E-D498-4FA0-A01C-10386696D7AC
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjUzcFhvc0NKdDVUYi1JdlpwUTZpVml0UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7898488941138823061&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
23.21.155.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-155-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 18:40:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 May 2023 18:40:38 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4B30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAzMDVFN0UtRDQ5OC00RkEwLUEwMUMtMTAzODY2OTZEN0FD&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzAzMDVFN0UtRDQ5OC00RkEwLUEwMUMtMTAzODY2OTZEN0FD&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4B30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQ72JmFOyfZ9cMdT7O72pk&google_cver=1
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQ72JmFOyfZ9cMdT7O72pk&google_cver=1
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMQ72JmFOyfZ9cMdT7O72pk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4B30
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 01 May 2023 18:40:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4B30
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7898488941138823061
42 B
323 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7898488941138823061
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 May 2023 18:40:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7898488941138823061
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4B30
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
02179914.akstat.io/
0
200 B
Ping
General
Full URL
https://02179914.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MBVDT-3L9KY-36ZMJ-SPSAR-JR833
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:690::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:38 GMT
content-type
image/gif
access-control-allow-origin
https://www.npr.org
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 02 May 2023 18:40:38 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.npr.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 May 2023 18:40:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
237016
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
49 B
248 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034M61LAAS&gdpr=0&src=pbjs&ver=6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 May 2023 18:40:39 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.npr.org
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.npr.org%2F&domain=www.npr.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=sAaHVHxwZWQzTis1T2dBMkQ1dHNHaEdNQVdzR3VjdEFHdzh5eHVXTHlhMjR4OTc0YzZiZjNwbGlHU0FrV3VrT0RvRXBobGdqN1pidndPQ00xRlFPTHFMWXcyWHBMVzVER204b2x4bUNUZHBwUTVEQ0JENU50UDBTOHBvcV...
333 B
646 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=sAaHVHxwZWQzTis1T2dBMkQ1dHNHaEdNQVdzR3VjdEFHdzh5eHVXTHlhMjR4OTc0YzZiZjNwbGlHU0FrV3VrT0RvRXBobGdqN1pidndPQ00xRlFPTHFMWXcyWHBMVzVER204b2x4bUNUZHBwUTVEQ0JENU50UDBTOHBvcVdFclV5d203d0N4UHdVek1Ta1NUcFAxWWY2WldCMGxHQ1E3SFdsK2RRR0lsTk9NbmRvYTE4ZHNDS1hqcmNjM1lReTVyMHdSNGNva29GbHhld3pLekFlNmxVekN4VE5kOTZUL3dEK0o3anpCaE1XRnMycXRRPXw&cppv=2
Protocol
H2
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
a3e0a72cfb8d8f771d91bb3c286ef165fac421fb87dda5c7d476feb0b6bcabe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
857802
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=sAaHVHxwZWQzTis1T2dBMkQ1dHNHaEdNQVdzR3VjdEFHdzh5eHVXTHlhMjR4OTc0YzZiZjNwbGlHU0FrV3VrT0RvRXBobGdqN1pidndPQ00xRlFPTHFMWXcyWHBMVzVER204b2x4bUNUZHBwUTVEQ0JENU50UDBTOHBvcVdFclV5d203d0N4UHdVek1Ta1NUcFAxWWY2WldCMGxHQ1E3SFdsK2RRR0lsTk9NbmRvYTE4ZHNDS1hqcmNjM1lReTVyMHdSNGNva29GbHhld3pLekFlNmxVekN4VE5kOTZUL3dEK0o3anpCaE1XRnMycXRRPXw&cppv=2
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
375936
content-length
0
expires
0
429.json
id5-sync.com/g/v2/
216 B
621 B
XHR
General
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
642f88b9cab53848404456b4c737fa61c090c3e3233a1b2cff0c5ae34b7135b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.npr.org
date
Tue, 02 May 2023 18:40:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

id
id.crwdcntrl.net/
43 B
315 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.220.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.npr.org
cache-control
no-cache
x-server
10.45.27.234
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/
63 B
387 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
30b05c506d7bf3d0f16b63d5992cd0b96871b106133bd133425fcbe590aeb64d

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 May 2023 18:40:40 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.npr.org
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 01 Jun 2023 18:40:40 GMT
wl
t.pubmatic.com/
17 B
180 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=162268
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162268/7835/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 02 May 2023 18:40:40 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.npr.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 4B30
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162268&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gaAccount
buy.tinypass.com/api/v3/anon/assets/
64 B
398 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=9ENxKQ58pu&tbc=%7Bkpex%7DDXyweL-OhMlGYDXZX-1jnliDhhMNIFEgEQ8Y1NOllQag8Hoq5HfmETc3Me5lzgiD&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp7641
Requested by
Host: cdn.piano.io
URL: https://cdn.piano.io/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa33315650ba814a6758888ba6f4a2504a0186ac1c607cbbc47d85ed5ea7d3ee
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:40:41 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mtvn1urniO4
wn
prod-dash-10-0-84-13
last-modified
Tue, 02 May 2023 18:40:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
server-time
0.002
cache-control
public, max-age=86400
cf-ray
7c1264e03cd5907c-FRA
expires
Wed, 03 May 2023 18:40:41 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=sAaHVHxwZWQzTis1T2dBMkQ1dHNHaEdNQVdzR3VjdEFHdzh5eHVXTHlhMjR4OTc0YzZiZjNwbGlHU0FrV3VrT0RvRXBobGdqN1pidndPQ00xRlFPTHFMWXcyWHBMVzVER204b2x4bUNUZHBwUTVEQ0JENU50UDBTOHBvcVdFclV5d203d0N4UHdVek1Ta1NUcFAxWWY2WldCMGxHQ1E3SFdsK2RRR0lsTk9NbmRvYTE4ZHNDS1hqcmNjM1lReTVyMHdSNGNva29GbHhld3pLekFlNmxVekN4VE5kOTZUL3dEK0o3anpCaE1XRnMycXRRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 May 2023 18:40:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
284303
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| apstag object| permutive object| dataLayer number| _sf_startpt object| NPR object| Modernizr object| html5 object| SVGLoader object| webpackJsonp function| _ object| pdl object| tp string| BOOMR_API_key object| BOOMR string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| __otccpaooLocation boolean| apstagLOADED object| apscustom object| _aps object| google_tag_manager object| google_tag_data function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag object| webpackChunkStripeJSouter function| noop function| Stripe object| otTCF object| otIabModule object| Optanon object| OneTrust number| BOOMR_onload boolean| NPR_OptanonWrapper object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| jQuery function| $ object| _bmrEvents function| Waypoint function| Mousetrap object| MobileNative object| webpackJsonpjwplayer function| jwplayer function| Swipe function| SwipeIE object| PWT object| grumi function| ___tp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| ggeac object| google_js_reporting_queue object| recaptcha undefined| google_measure_js_timing object| cX function| cxCCE_callQueueExecute object| cxTest object| ari object| PianoESPConfig object| msgData

49 Cookies

Domain/Path Name / Value
.npr.org/ Name: ak_bmsc
Value: AC0C684C0541432CF2D77068634B1A55~000000000000000000000000000000~YAAQKUZ7XHklxNWHAQAAvTbE3RPKNqaY3u/uA9J7isuRtUD3BySSopIXjFCJsnFmYkkvfSZcSGjquRUqUtuEw6HMSVkRG9QEA1FYKDbpNcalSisbx00ja2nlrbjVRbqXX3W5ldxT+m8qWvhv2LMkgnM2oedTu2vBlxCE4TDKBBsqyhleYfkFOeURQuWuQSW4H/zJ//3FLg8PtbwvaSPWmJs7DfeeptkAjOWcf6gthFIYLZG52YS/t1QnZhjB6p4aLaK+xXiKh4tV6S5iZM/R/8morZrZbMXsiKjMrXvixCfwc95rXtFLgv6T043iC4Ta5uE/d8H0Cneeqis61wJThVZU5xOorD0y2humLYXBQCjGXSSZTE7w9T1dwYo4eW0XcUom1nSVlg0=
.piano.io/ Name: __cf_bm
Value: I2YPbCWO0fXYc9uzD0XM5LgA6MvtX312mEOYziVSnuE-1683052836-0-ARVW1PlWGQLpzqHMT9rSWpePiHfUwzlpMpaF+zLaGvJ8CZEYU/yaxTjqG3T0xQ5dhYQ3qmaZSFpuCHHsyiXlwrM=
www.npr.org/ Name: usprivacy
Value: 1---
.npr.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+May+02+2023+18%3A40%3A37+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=566f8498-11b8-4dbd-8133-73d62be8b9f3&interactionCount=0&landingPath=https%3A%2F%2Fwww.npr.org%2F2023%2F01%2F26%2F1151696092%2Ffbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0%2CSTACK42%3A0
.www.npr.org/ Name: RT
Value: "z=1&dm=www.npr.org&si=44b2a4cc-5428-4e06-936f-342df5cc71d9&ss=lh6m7bui&sl=1&tt=ks&bcn=%2F%2F02179914.akstat.io%2F&ld=oh"
.npr.org/ Name: bm_sv
Value: 36812718FE40A96886B275B13D641D44~YAAQKUZ7XHolxNWHAQAA3TnE3RMrXL1yNz95bRVOJCAj7Ae+533zPWQuUNAN3xB/Ovnh9KJ4rc7TMaMFNRzUA4CbaYP4aq0V+w81lCZbaBqEYdT8jILZIU0izIBTArZ30rDFdPxcXek9iNftux3Y5azqNP7P57JhvW2K4oNlXVTNOb2KDZUQvfx3gegoQj17lcLr4n52AKjbon9roGfx1ESk6T6pk9q3rXJXVAhzOxre2GS4xjBiUNeNe1P0~1
.npr.org/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AZgAYATFwECArAE4AHFw4dxPAIwiQAXyA
.npr.org/ Name: _pprv
Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6Im9wdC1vdXQifSwiMSI6eyJtb2RlIjoib3B0LW91dCJ9LCIyIjp7Im1vZGUiOiJvcHQtb3V0In0sIjMiOnsibW9kZSI6Im9wdC1vdXQifSwiNCI6eyJtb2RlIjoib3B0LW91dCJ9LCI1Ijp7Im1vZGUiOiJvcHQtb3V0In0sIjYiOnsibW9kZSI6Im9wdC1vdXQifSwiNyI6eyJtb2RlIjoib3B0LW91dCJ9fX0%3D
www.npr.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.npr.org/ Name: _pubcid
Value: 59dd9f39-6ed0-46a9-9a93-f7147d89ec01
.npr.org/ Name: __tbc
Value: %7Bkpex%7DDXyweL-OhMlGYDXZX-1jnliDhhMNIFEgEQ8Y1NOllQag8Hoq5HfmETc3Me5lzgiD
.npr.org/ Name: xbc
Value: %7Bkpex%7DSaCZpT5DdAdSxdrNNI2ExbUozjvyhtWNBMfx4jyDlJU
.adnxs.com/ Name: icu
Value: ChkIlOuIARAKGAEgASgBMKayxaIGOAFAAUgBEKayxaIGGAA.
.adnxs.com/ Name: uuid2
Value: 7881146451088883610
m.stripe.com/ Name: m
Value: 5c22c06e-5df9-469e-b96b-c9966eadb4eb19ec65
.www.npr.org/ Name: __stripe_mid
Value: 91b70fdc-f3e9-4e42-9020-0d48a561a2695c7b35
.www.npr.org/ Name: __stripe_sid
Value: 852bcc06-cfae-46e5-b94b-8177ff5a57b0255783
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 70305E7E-D498-4FA0-A01C-10386696D7AC
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162268:2
.pubmatic.com/ Name: DPSync3
Value: 1684195200%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1684195200%3A13_54_46_161_220_21_56_7_8%7C1684281600%3A35
.quantserve.com/ Name: d
Value: EJoBCwHyKPijAA
.quantserve.com/ Name: mc
Value: 64515926-5337f-f5252-1446f
.weborama.fr/ Name: AFFICHE_W
Value: wvcVlWVLmVzC65
.simpli.fi/ Name: suid
Value: A98E0A5F3DDE4AD2981D9E57E5976F7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFsYGpkYQyERgBkUdvmEAAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjWxMDcwMTU1MBTiM9SNN8vSNagMMQr09ggDACW4xLAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjWxMDcwMTU1MBTiM9SNN8vSNagMMQr09ggDACW4xLAlAAAA
.mathtag.com/ Name: uuid
Value: cbf86451-5926-4a00-a119-aca8b713f505
.doubleclick.net/ Name: IDE
Value: AHWqTUmVLD25wDmUKm_7Q2AqE3Tk50kYh5N4zWOZNpmLT8Sl1LIQdZzZiIWj4dIgbI8
.de17a.com/ Name: guid
Value: 1.8318348273114129603
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329525487045501
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMQ72JmFOyfZ9cMdT7O72pk&KRTB&22987-CAESEMQ72JmFOyfZ9cMdT7O72pk&KRTB&23025-CAESEMQ72JmFOyfZ9cMdT7O72pk&KRTB&23386-CAESEMQ72JmFOyfZ9cMdT7O72pk
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq&KRTB&19420-KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq&KRTB&22979-KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq&KRTB&23462-KEa6IytLvSQzR7whKRSidCtAuiAzQ7smKBTlYEYq
.adform.net/ Name: uid
Value: 7898488941138823061
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8318348273114129603
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:cbf86451-5926-4a00-a119-aca8b713f505&KRTB&16736-uid:cbf86451-5926-4a00-a119-aca8b713f505&KRTB&23019-uid:cbf86451-5926-4a00-a119-aca8b713f505&KRTB&23114-uid:cbf86451-5926-4a00-a119-aca8b713f505
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7898488941138823061&KRTB&23263-7898488941138823061&KRTB&23481-7898488941138823061
.pubmatic.com/ Name: PugT
Value: 1683052836
.audrte.com/ Name: arcki2
Value: f53pXosCJt5Tb-IvZpQ6iVitQ!20220908!1683052838664!ip#81.95.5.39
.audrte.com/ Name: arcki2_pubmatic
Value: 70305E7E-D498-4FA0-A01C-10386696D7AC!20220908!1683052838667
.audrte.com/ Name: arcki2_ddp2
Value: f53pXosCJt5Tb-IvZpQ6iVitQ!20220908!1683052838791
.audrte.com/ Name: arcki2_adform
Value: 7898488941138823061!20220908!1683052838915
www.npr.org/ Name: _lr_retry_request
Value: true
www.npr.org/ Name: _lr_env_src_ats
Value: false
www.npr.org/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-02T18%3A40%3A40%22%7D
.pubmatic.com/ Name: SPugT
Value: 1683052840

7 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript error URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Message:
Access to fetch at 'https://js-sec.indexww.com/um/ixmatch.html' from origin 'https://www.npr.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://js-sec.indexww.com/um/ixmatch.html
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=70305E7E-D498-4FA0-A01C-10386696D7AC&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.npr.org/2023/01/26/1151696092/fbi-says-it-hacked-the-hackers-to-shut-down-major-ransomware-group
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.npr.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179914.akstat.io
a.audrte.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
api.npr.org
api.rlcdn.com
bundles.npr.org
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn.cookielaw.org
cdn.cxense.com
cdn.optimizely.com
cdn.piano.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
dmp.adform.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
js.stripe.com
legacy.npr.org
lexicon.33across.com
m.stripe.com
m.stripe.network
match.adsrvr.org
media.npr.org
mug.criteo.com
p.rfihub.com
q.stripe.com
rumcdn.geoedge.be
s.go-mpulse.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static-assets.npr.org
sync.crwdcntrl.net
sync.mathtag.com
t.pubmatic.com
um.simpli.fi
www.google.com
www.googletagmanager.com
www.gstatic.com
www.npr.org
api.rlcdn.com
js-sec.indexww.com
q.stripe.com
104.18.25.185
142.250.181.226
15.197.193.217
151.101.193.108
162.19.138.120
178.250.1.11
178.250.1.9
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.226
185.64.190.80
185.64.190.81
193.0.160.130
198.47.127.19
2.19.228.187
213.155.156.183
216.35.221.71
23.21.155.77
2406:2600:4::b
2600:1901:0:8344::
2600:9000:2127:800:4:b37b:9440:93a1
2606:4700:4400::ac40:9062
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b9b1
2606:4700::6813:bb61
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:26f0:3500:293::268b
2a02:26f0:3500:889::1155
2a02:26f0:3500:894::1155
2a02:26f0:480:18e::11a6
2a02:26f0:480:4a5::1155
2a02:26f0:480:5b7::13b8
2a02:26f0:480:690::11a6
34.111.129.221
34.111.131.239
34.208.191.20
34.249.220.178
34.91.62.186
37.157.6.254
37.252.171.149
52.222.213.130
65.9.90.93
99.84.146.46
99.86.4.85
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
041c912df148d6f9820f19c75a6b870de46da92a6388264a77261f8f74102068
06551b32dcad24a5aafc8fc0d6668f6ba72793c5f7258692b034b13881388671
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b2496f0d30a6fd2a0e4ceea48ddab6d47d2aea22efc450f16a2bd26b6fd6535
0c848099b5f59ce6b3142f3c8231430b148b519cb757a3abc737823489936b47
0ca615b12424fc2a925831a1151e5270a48ff54f89acd00ce10c02f7114694d2
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd1e49600584510a5c52ba9c899c29c26e9fae674deeea59a7059c4650c14c1
0e9c4efbf23439cb9f4dc22b5f36b6ced619f8c81bce299eeeeacfb377d38975
0fa39b360ace822bb45db5c097f728afcb32ea10ba375a5f13e3d3c1f752ea6c
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
154272544ec864e1060b7c8c2d7692ecce2443ac1e0100bbb3bdc2bd642ec1b8
16ab56bb6d9dcf2840347dab10701dd876a0d55b7d726ee65ccd15c1314b616a
186193e4f04cd795f41388fad91a7d77cb17f5077a6130d535808afed22594e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
24713d9602b5912dc8610cc4920378e39053cfaab46efc0e5b3ded9bed899475
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b05c506d7bf3d0f16b63d5992cd0b96871b106133bd133425fcbe590aeb64d
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
407c9d5a3b403dd4924a43bf9205cfd575916ee143ebf748291641d11b6cb464
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
42ec0c345a879b57eccb0fbf59ec4daeda78b90f8d825f62b408d5eabf5f512b
47f9cbdf2bf8db793126b55147af7b213861d28b9e94d438b656e10061bea3ae
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c82a5b9414d2657319b99eae24e2635e9d718fd924687e007c7e69ae8d2a5fd
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55274b5eccbb145d96c31f4395d4d1d8ea783bfea7f1a3cc1aa4cb946a0ab5f4
55b403bb290e6dff8563ef72b7d0436c9d75cff0f633a766d062431ecef8313c
582d819bdc50a97d06c2837d683a084757438f7f148dde7967fad4d46227a56b
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5d13fa19119b138bca6d8c51554fbbb81220d535699b4227d49150e8245af988
5d9c1c742aac35a11e2f47ecc1b8b720c69647e630606368b2ae352cc758f27d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
602187963620e652a6e7fe0fe349fc98d1d6951a9efcf0298c644c79675a074c
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
640ae5edaa96ef9ed6e2a4205debd81a6d785b88b689755843fa97238a5e2604
642f88b9cab53848404456b4c737fa61c090c3e3233a1b2cff0c5ae34b7135b6
65e230b9c1ae8bdf74c5d20452f594351cf384eb295dbd59b64e71b735847250
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ec7e7f0a85bd9dbd53d685484029acdf667982c2038514a7b3db93d3b547c0
6cfa071b0b179cef4e3e12e53c662b35d304f601d96e879e0bc50d89947975b9
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73e648861094dd784d862b00417d495e89b775ded1196f44cf9bd238675b07b7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
759d606521bc4e22d8935f2c0b7c1b9dd3271753c6ff499a97a28d19976153d1
7808decd57931c7cbb70aca026b11abf6587307214588c32174043ca016304dd
78805f03c6a6f823e613398f6423b068227ce16e545fd2d0346430ce72c4586d
7a1c12d5f09aa87f7ebf272386861586358152d0af351f112f456cf770d52863
7bd866d35abe324eb126fb420c16b72ab73e1068d543bdb5ccff8d30d5bb05aa
7de391fbe688072db9c130494407fa3c96e603e950f67e4d8b2a0a80784bd1ac
81430397badb5c924cfe57e75049039040b81eed2a033e57475ffc6c0d01bfd6
8160bab195026a34d3bf1162e7e678eaf296f9d62b6eccce4ce6d0b7e94ac2bf
839a7af397eb41ab63c367a19a45008eaa5a18a2494d5ecf8941b5bcd4b2054f
868a6e0b1de3d5354170751a8f94464b40741e54ca97200d1ff0a49519d44aa9
871af10a6d76547c486ee0d525648f231501efbc211b9f1b38fea1b13820224b
8730f88f0ca82a89a4d57269d485c0f728069df2bb5b362394d491977daca2b7
87eafc724caa21b42a8a0488852e718a150bb80dc80c2ed86ceb7c7bd2d7a1ab
8919046f5295bd3781a53ce5037418c7a533a7be37ba5e46779f64260ec80a43
8bd8184ebe0cfb211587d46d12df2b9661f35760fd83daf1cb8b820f84298335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
907ea9db8dcc37d39bafb708da0587f1d5d0a6062b38072f4a8a2c937f4488ff
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
965a2655ce64dfe9fee42b6e69cba58d714c23f00d46f10f3774637c82cc9784
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9685354f47eba64d680c38613bbe91e870707ca4d235b25df218b6dd112d2299
9c05131386a2866822eb1c6a035564cd5c4b68660c7b35d287c69ff10582e8b7
9ff21fc653c258d97b95fbfd62df55456b2d2ddedd2c93b8f06893a7d61aed6a
a11d62109f30ddb0d4b4f74e8b340ccc50a471ea1e5a888a5f17631c31cf9545
a1d685aace2f629301e7d5779989357ee2cffc61f81a605972bfa9003dc0f471
a3e0a72cfb8d8f771d91bb3c286ef165fac421fb87dda5c7d476feb0b6bcabe5
a4602edc276bf5381a6864accfca91ab3e4deb6f20933a7eee16e40fa54747be
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
af72f6f8aec89faa50db5c5c8f5e29e9ea04955c873c59c174bad75b3fc25441
b02f5bbb01389d85596616f1bf5fb0122113f8bbc1ba5edaf300b77241a1def3
b1f40461980713f389f1e8371c182ca4580e987186687b8da8d4b0971ad196ac
b27f40bfa22e57b39f3162db00af39fc7b0ee65062844d1d70066c6859ad3374
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b596fe810c4f72890a9ad86e49766ff6d95fb028c99cced6b6ac41cc751d514d
b764ce150169f8cb3de122209b93f8e73a0f31b7698bdaefad21703e1c3ea354
b7a86e9413e9320eb64d52828515bcde30ccde38da26badd525ef8e8170fe81f
b89b22ad742d4802bb729ed58852376a8ed85a99a410df64bd31e117408e7b1f
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c12bc315ae71c487640eec62dfed997244a87e824e9eae8d1a1a5f06b440813e
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c90e782af8bb58958c6613744b251581cc85af4e74dd2b854a9481b29c3805e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d4bc06d03f20598c5a5b3027a0d82921ae54048131098de776c6ce70302a5ecd
d761bfbed54ff398aa3320e53b8fa5005810bed14d349c7f4d9b137d435c7674
d84f933df2d4ad1c8cca195ddddd6b705146dc6a016f21b176f38dcb4d28e444
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
dc533a00ce470f13a33c96c800b14f8169170897045e751f5f92c7b7fe409901
dd2a355066b220462c40ceac06a68dcbd084677e1d7b28b986fcecde56776f59
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e302dc63148b601685374edf369de2949c46c4d1a993b10313684774930935dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78d23ae6e5e0f82394424866f999a7247b301cb7ccca0fe39ad303121be8061
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174
ec72861d01529c263bda4e010b7be752402122f1d92b8791a2ec6cb9fb85131c
eeaf169bd84287d2e990060a0ea09e42712c8cce23ed3f9e9bbb2095dc57b432
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01
f837562dd6fbf32c3e7fb4d5512bd04e57ca34e1bbb3487b61851ce734767777
f8a7fdf18aab5015ecaa66b5c292f3ff993fe8a8ff346241902dc1db64af582e
fa33315650ba814a6758888ba6f4a2504a0186ac1c607cbbc47d85ed5ea7d3ee
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fd0e391aa29b2d68f0382b95e93ef92288cffb43a9fb371360dc52f11fc1e548
fe130e8bf841c6bed02ef9f38e07d3abaff612f5cd1f3020ee43845be4c52d0a