www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b83b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Submission: On August 26 via api (August 26th 2024, 1:35:42 am UTC) from LU — Scanned from CA

Summary HTTP 245 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 64 IPs in 1 countries across 51 domains to perform 245 HTTP transactions. The main IP is 2606:4700::6812:b83b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crainsdetroit.com.
TLS certificate: Issued by WE1 on August 6th 2024. Valid for: 3 months.

This is the only time www.crainsdetroit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700::68... 2606:4700::6812:b83b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:24f... 2600:9000:24f1:8400:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
4	2600:141b:1c0... 2600:141b:1c00:209c::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	23.51.58.26 23.51.58.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.238.49.4 18.238.49.4	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:266... 2600:9000:266a:6400:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:8707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.168.122.54 3.168.122.54	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
4	52.87.63.192 52.87.63.192	14618 (AMAZON-AES) (AMAZON-AES)
2 8	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:303... 2606:4700:3030::6815:50b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.238.49.99 18.238.49.99	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
9	129.80.52.16 129.80.52.16	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
14	2606:4700:10:... 2606:4700:10::ac43:1a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:1c0... 2600:141b:1c00:6::17df:d10d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.63.82 13.225.63.82	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3034::ac43:d4ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.102 142.251.40.102	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:b93b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.168.122.103 3.168.122.103	16509 (AMAZON-02) (AMAZON-02)
1 1	3.221.3.170 3.221.3.170	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:10:... 2606:4700:10::6816:72d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	54.80.21.73 54.80.21.73	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.177.243 52.216.177.243	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	34.195.138.165 34.195.138.165	14618 (AMAZON-AES) (AMAZON-AES)
2 3	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1 18	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:25c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21d... 2600:9000:21dd:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	63.140.38.217 63.140.38.217	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:149:a0e:... 2620:149:a0e:f000::5	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
1	63.140.39.65 63.140.39.65	14618 (AMAZON-AES) (AMAZON-AES)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
245	64

19 2606:4700::6812:b83b (United States)

ASN13335 (CLOUDFLARENET, US)

www.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f1:8400:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:1c00:209c::1e80 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 23.51.58.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-58-26.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-4.jfk52.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266a:6400:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crain-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8707 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.168.122.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-54.jfk52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.87.63.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-63-192.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
craommunications.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.117.77.79 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:50b6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.49.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-99.jfk52.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 129.80.52.16 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:1a0b (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:6::17df:d10d (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-82.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:d4ac (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.102 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b93b (United States)

ASN13335 (CLOUDFLARENET, US)

s3-rd-prod.crainsdetroit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.168.122.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-103.jfk52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.3.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-3-170.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:72d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

js-tag.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.21.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-21-73.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.177.243 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

crain-global.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.138.165 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-138-165.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.26.12 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:808::2001 (United States) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:25c1 (United States)

ASN13335 (CLOUDFLARENET, US)

trackerapi.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-217.data.adobedc.net

craommunications.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:149:a0e:f000::5 (Newark, United States)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.65 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-65.data.adobedc.net

crain.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	moatads.com z.moatads.com — Cisco Umbrella Rank: 1247 mb.moatads.com — Cisco Umbrella Rank: 1987 px.moatads.com — Cisco Umbrella Rank: 1015	111 KB
35	googlesyndication.com 1 redirects acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203 pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	274 KB
21	crainsdetroit.com www.crainsdetroit.com s3-rd-prod.crainsdetroit.com	913 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 ad.doubleclick.net — Cisco Umbrella Rank: 210	216 KB
16	pelcro.com js.pelcro.com — Cisco Umbrella Rank: 152507 www.pelcro.com — Cisco Umbrella Rank: 124352	432 KB
9	ml314.com 2 redirects ml314.com — Cisco Umbrella Rank: 3108 vi.ml314.com — Cisco Umbrella Rank: 11430	27 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 534	32 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4912	191 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 maps.googleapis.com — Cisco Umbrella Rank: 567	196 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
4	lr-ingest.com cdn.lr-ingest.com — Cisco Umbrella Rank: 54149 r.lr-ingest.com — Cisco Umbrella Rank: 47663	217 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 craommunications.demdex.net — Cisco Umbrella Rank: 282122	2 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	178 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	19 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	85 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461 mab.chartbeat.com — Cisco Umbrella Rank: 3880	47 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1596	2 KB
3	zemanta.com 1 redirects js-tag.zemanta.com — Cisco Umbrella Rank: 49494 p1.zemanta.com — Cisco Umbrella Rank: 32709	4 KB
3	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 8438 trackerapi.ebxcdn.com — Cisco Umbrella Rank: 18475	4 KB
2	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	19 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 5326	497 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261	864 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	833 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel.quantserve.com — Cisco Umbrella Rank: 1616	10 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	176 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	remixd.com tags.remixd.com — Cisco Umbrella Rank: 31229 pubcast-files.remixd.com — Cisco Umbrella Rank: 33717	11 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 441	718 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	16 KB
1	2o7.net crain.112.2o7.net — Cisco Umbrella Rank: 254455	392 B
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 23017	48 KB
1	omtrdc.net craommunications.tt.omtrdc.net — Cisco Umbrella Rank: 308265	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	634 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	258 B
1	amazonaws.com crain-global.s3.amazonaws.com — Cisco Umbrella Rank: 415218	4 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	393 B
1	t.co t.co — Cisco Umbrella Rank: 979	377 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 5527	34 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 74723	176 KB
1	videoplayerhub.com 1 redirects crain-com.videoplayerhub.com — Cisco Umbrella Rank: 289233	654 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	19 KB
245	51

	Domain	Requested by
40	px.moatads.com	www.crainsdetroit.com
19	www.crainsdetroit.com	www.crainsdetroit.com
18	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net www.crainsdetroit.com ep2.adtrafficquality.google
18	securepubads.g.doubleclick.net	www.crainsdetroit.com securepubads.g.doubleclick.net cdn.lr-ingest.com pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
14	www.pelcro.com	js.pelcro.com cdn.lr-ingest.com
10	z.moatads.com	www.crainsdetroit.com z.moatads.com securepubads.g.doubleclick.net
9	mb.moatads.com	z.moatads.com
8	ml314.com	2 redirects www.crainsdetroit.com ml314.com z.moatads.com
6	bat.bing.com	assets.adobedtm.com bat.bing.com www.crainsdetroit.com cdn.lr-ingest.com
6	consent.trustarc.com	assets.adobedtm.com consent.trustarc.com www.crainsdetroit.com
4	js.stripe.com	www.crainsdetroit.com js.stripe.com
4	maps.googleapis.com	www.crainsdetroit.com maps.googleapis.com
4	assets.adobedtm.com	www.crainsdetroit.com assets.adobedtm.com
3	ps.eyeota.net	2 redirects www.crainsdetroit.com
3	px.ads.linkedin.com	1 redirects cdn.lr-ingest.com
3	dpm.demdex.net	assets.adobedtm.com www.crainsdetroit.com
3	static.chartbeat.com	www.crainsdetroit.com
2	r.lr-ingest.com	cdn.lr-ingest.com
2	p1.zemanta.com	1 redirects www.crainsdetroit.com
2	api.sail-personalize.com	cdn.lr-ingest.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	www.facebook.com	www.crainsdetroit.com
2	api.btloader.com	cdn.lr-ingest.com
2	acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s3-rd-prod.crainsdetroit.com	www.crainsdetroit.com
2	ad-delivery.net	www.crainsdetroit.com
2	applets.ebxcdn.com	www.crainsdetroit.com cdn.lr-ingest.com
2	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	cdn.lr-ingest.com	assets.adobedtm.com cdn.lr-ingest.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	btloader.com	www.crainsdetroit.com crain-com.videoplayerhub.com
2	js.pelcro.com	www.crainsdetroit.com js.pelcro.com
1	www.google.com	ep2.adtrafficquality.google
1	ep2.adtrafficquality.google	securepubads.g.doubleclick.net
1	bam.nr-data.net	cdn.lr-ingest.com
1	ep1.adtrafficquality.google	cdn.lr-ingest.com
1	js-agent.newrelic.com	www.crainsdetroit.com
1	pixel.quantserve.com	www.crainsdetroit.com
1	crain.112.2o7.net	cdn.lr-ingest.com
1	applepay.cdn-apple.com	js.pelcro.com
1	craommunications.tt.omtrdc.net	cdn.lr-ingest.com
1	rules.quantcount.com	secure.quantserve.com
1	script.hotjar.com	static.hotjar.com
1	trackerapi.ebxcdn.com	cdn.lr-ingest.com
1	www.google-analytics.com	cdn.lr-ingest.com
1	px4.ads.linkedin.com	www.crainsdetroit.com
1	crain-global.s3.amazonaws.com	assets.adobedtm.com
1	ping.chartbeat.net	www.crainsdetroit.com
1	analytics.twitter.com	www.crainsdetroit.com
1	t.co	www.crainsdetroit.com
1	js-tag.zemanta.com	www.crainsdetroit.com
1	static.hotjar.com	www.crainsdetroit.com
1	secure.quantserve.com	www.crainsdetroit.com
1	cm.everesttech.net	1 redirects
1	craommunications.demdex.net	assets.adobedtm.com
1	ad.doubleclick.net	www.crainsdetroit.com
1	ak.sail-horizon.com	www.crainsdetroit.com
1	snap.licdn.com	assets.adobedtm.com
1	vi.ml314.com	www.crainsdetroit.com
1	static.ads-twitter.com	assets.adobedtm.com
1	mab.chartbeat.com	static.chartbeat.com
1	pubcast-files.remixd.com	tags.remixd.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.lr-intake.com	www.crainsdetroit.com
1	crain-com.videoplayerhub.com	1 redirects
1	tags.remixd.com	www.crainsdetroit.com
1	cdnjs.cloudflare.com	www.crainsdetroit.com
1	fonts.googleapis.com	www.crainsdetroit.com
245	71

This site contains links to these domains. Also see Links.

Domain
jobs.crainsdetroit.com
www.facebook.com
www.linkedin.com
twitter.com
marketing.crainmarketing.com
www.twitter.com
www.instagram.com
help.crainsdetroit.com
wd1.myworkdaysite.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
www.crainsdetroit.com WE1	`2024-08-06` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.remixd.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.pelcro.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-08`	a year	crt.sh
lr-intake.com WE1	`2024-07-16` - `2024-10-14`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-07-23` - `2024-10-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
pubcast-files.remixd.com WR3	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
event-horizon.gcp.bomm.in WR3	`2024-08-21` - `2024-11-19`	3 months	crt.sh
vi.ml314.com WR3	`2024-07-14` - `2024-10-12`	3 months	crt.sh
lr-ingest.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-20` - `2025-07-21`	a year	crt.sh
pelcro.com E6	`2024-08-14` - `2024-11-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
ebxcdn.com WE1	`2024-08-15` - `2024-11-13`	3 months	crt.sh
btloader.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
s3-rd-prod.crainsdetroit.com WE1	`2024-07-20` - `2024-10-18`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
zemanta.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2024-07-19` - `2024-10-17`	3 months	crt.sh
*.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-11` - `2025-05-12`	a year	crt.sh
api.logrocket.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
adtrafficquality.google WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Frame ID: 5BED8BC890BE7336A85BB7A7A0666DD9
Requests: 177 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 540D10A3CBC105E25BA7C381D949F9FF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-217d303ec5825990716de474979478e6.html
Frame ID: D850741F6036FCE49B039DBD655095CD
Requests: 1 HTTP requests in this frame

Frame: https://craommunications.demdex.net/dest5.html?d_nsid=0
Frame ID: B6CCE601051CE2ED8D46AB1809FD79E5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 45E16C83FD2E3477CD4B18C5FFFC859E
Requests: 1 HTTP requests in this frame

Frame: https://acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C513C7D16DA720084B809138393526F1
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/craindfp44917164363/moatad.js
Frame ID: 50A2ABE59F2DCB61F85C684C07280AAA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: E625F60E9DD32403E655586B5D5707DC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: 58BE05230DF7E693A5646B04B0645F59
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: 13FB705DE1CEE2D7AE4D2A169E2BE63A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: 902A814CE9A5FAC3F4DE8B0CF3EE7A28
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: E1E3636580A40CD383453E4867CAAAA6
Requests: 8 HTTP requests in this frame

Frame: https://acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 96CEDD0F8DD90584DB1976C939B0ED2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/12328937770629736648
Frame ID: 8B267AB8051BA0F901ADA554465C6893
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js
Frame ID: 077B2AA580DDFFD453369E680D51B181
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: AB5E9B2691755C4EAE26F10B5B180EDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 893252D7417429246A9A5DC887B889F9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7BA5517D94874CD1BFCC29FF193321E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flagstar bank paid $1 million in bitcoin to a ransomware group | Crain's Detroit Business

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

245
Requests

95 %
HTTPS

54 %
IPv6

51
Domains

71
Subdomains

64
IPs

1
Countries

3660 kB
Transfer

14065 kB
Size

63
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.crainsdetroit.com/
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&title=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show&source=https://www.crainsdetroit.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&via=crainsdetroit&text=Flagstar%20paid%20$1M%20bitcoin%20ransom%20after%20cyberattack%20in%202021,%20court%20filings%20show

Search URL Search Domain Scan URL

URL: https://marketing.crainmarketing.com/l/201082/2020-07-23/8lghqc
Title: Get a Corporate PlanGet a Corporate Plan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrainsDetroit

Search URL Search Domain Scan URL

URL: https://www.twitter.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crain%27s-detroit-business

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crainsdetroit

Search URL Search Domain Scan URL

URL: https://help.crainsdetroit.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://wd1.myworkdaysite.com/recruiting/crain/Crain_Careers
Title: Crain Careers

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuDDSO0d6ZSXwytbx2Ts1HIHV2GuWsSihtvJX04-4pxlO_DPeRBq2Tc351W_WBgE1vNJs91paHCbf_yjmc_fZZSrYwJC6eU4HmeO8byEC9LbaL0cugoocPVwYhdjGEngUpTvjgQ5e9lftt2ZZhHUKbpkS5k2i612ciDUzsGbFFS2VpIfB2ZfP-qTDzlXM3jR6lzZu5loX4_kSdY-4WYewSLkb2A-7_EDE-rPCBjbTNWx01rNpewpaHgHu3j1wbdM7oKHTa5aTGgC-UQdOVHLhd0RRIU5QiBXDLsxw9hAIbA6B0N7OaTwwj7aZmvnFK0n-QnZPzHxlLLOxRfueP8kQwgGSKUqW5pgWoMNqA3DJdLe8F_i1f4NyEX%2526sai%253DAMfl-YQfAezdLQBzDzNPK1MqEWZWE6HRHJrOYb7p0ande8rWxtHn_da9O711M5ihbcqW1HsT90xmZSW0J7N0KBlUd_3nYY3QNNu776liHZ3467lJ-Kene52zkIqFrlZtxZllWD1Walib0YZLtqsXjgEyD-4%2526sig%253DCg0ArKJSzOPO0Nma_JJTEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D%20https://crain-homes.com/properties/108320936951781273-26565-scenic-drive?utm_medium=banner&utm_source=CNYMKT_crain&utm_campaign=Franklin&utm_content=300x100

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://crain-com.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=crain-com&upapi=true

Request Chain 66

https://cm.everesttech.net/cm/dd?d_uuid=85708447097000609631744832819780929538 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zsvb4QAAAJBKYANw

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQKAMWlKUxADQwAAAZGMUunbKRdX9nXzkW54yJq_5B-oU945GOPEftWuEV8zUA-S5lf-Of9j8WU

Request Chain 101

https://idsync.rlcdn.com/395886.gif?partner_uid=3646553326425735195 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjU1MzMyNjQyNTczNTE5NRAAGg0I4revtgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=bff745061fa7c6e87b799296e14a165de0a27f4be83e709e2e201209a7627285f4cb09cee1a4f8eb&person_id=3646553326425735195&eid=50082

Request Chain 102

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=bc384917-9832-40cf-ae4b-350d6b7012b8&gdpr=0&gdpr_consent= HTTP 302
https://ml314.com/csync.ashx?fp=bc384917-9832-40cf-ae4b-350d6b7012b8&person_id=3646553326425735195&eid=53819

Request Chain 103

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646553326425735195 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646553326425735195 HTTP 302
https://ml314.com/csync.ashx?fp=2a1372576f014e448479066c3234d89&eid=50146&person_id=3646553326425735195

Request Chain 104

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2hsmGbqZS9TKRKeEz0TNQGS7REOvnBHO-h85YFqpoJ6g&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 110

https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false HTTP 302
https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false&s=2

Request Chain 117

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDbtoX5iwEQMhgyKAEyCAAJwJ_TspT3 HTTP 301
https://tpc.googlesyndication.com/pimgad/15412410002129978775

245 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request flagstar-bank-paid-1-million-bitcoin-ransomware-group Show response
www.crainsdetroit.com/banking-finance/ 228 KB
40 KB 2673ms
2496ms Document
text/html 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25c9a9ba4dc20713fd7dfdcb2d93a95f03ad01b302c99b478575679792d9cc14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control: public, max-age=43200
cf-cache-status: EXPIRED
cf-ray: 8b9015c8dfdfabae-YYZ
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 01:35:28 GMT
expires: Mon, 26 Aug 2024 13:35:28 GMT
last-modified: Mon, 26 Aug 2024 01:35:25 GMT
server: cloudflare
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-77d7b114-634b-11ef-a48c-93ff13f05ea9
x-ua-compatible: IE=edge

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 278ms
77ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63755a024e7a97c952f9cecf8dae12d120f3003f60b275ec13b33e7ebbab9f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32338
x-xss-protection: 0
server: cafe
etag: 990 / 19961 / m202408200101 / config-hash: 2814489205105287861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 01:35:28 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 314ms
62ms Script
application/x-javascript 2600:9000:24f1:8400:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:8400:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 16:28:25 GMT
content-encoding: gzip
via: 1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 32823
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pFOxvTToL_HEf99A1mh-dVl980Ffr-3Z2po0RvEy5kG7Gq7oVUF70w==
expires: Mon, 26 Aug 2024 16:28:25 GMT

GET
H2 200 launch-ef0d5546c26e.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/ 269 KB
83 KB 291ms
69ms Script
application/x-javascript 2600:141b:1c00:209c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209c::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 66df7e6dd16c8d2d570d07006aeb215594dc4a40cec09939ef99e59b103d4b51

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2024 18:07:15 GMT
server: AkamaiNetStorage
etag: "059bf36f310652dcff0e3fbde7a43068:1723658835.101432"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 84367
expires: Mon, 26 Aug 2024 02:35:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
992 B 311ms
87ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:28 GMT

GET
H2 200 css_jq93C9eXUbCn8wEn_hB5Yh3mXU634rx3_NtRL4AGYQ8.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 124 KB
21 KB 63ms
48ms Stylesheet
text/css 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_jq93C9eXUbCn8wEn_hB5Yh3mXU634rx3_NtRL4AGYQ8.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20ebfada267feab4be8d5b50caa3ce20a4ab3417cffd24d62efc90db2859416

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 04 Sep 2024 08:02:03 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 407062
cf-polished: origSize=127327
x-cache: HIT
x-ah-environment: prod
x-request-id: v-a6a64d72-5f93-11ef-b01f-3701cbfbb695
cf-bgj: minify
last-modified: Wed, 21 Aug 2024 08:00:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8b9015d8af10abae-YYZ
x-cache-hits: 1

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 200ms
50ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 366685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMmni017W%2FDPKBiRWnwVCgES6rzDe2AjTLC9uCIhp3uagihgaoKnPe%2Bcqbo9D%2FAU17wWV3lITnd0ZDdpqIbIYygBHf4XYPmQJoSWzv4%2F31a3q2CaIm4enuVcLjZ4xQTJgldu30E%2BmG80T%2BFKG86QHLoy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b9015d97fe936fb-YYZ
expires: Sat, 16 Aug 2025 01:35:28 GMT

GET
H2 200 css_T7z9woYdLWmjFwaJ_YlLGHd9PLZbF8d3HPJgBmrK5F0.css
www.crainsdetroit.com/sites/cdb_rd/files/css/ 194 KB
32 KB 68ms
54ms Stylesheet
text/css 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/css/css_T7z9woYdLWmjFwaJ_YlLGHd9PLZbF8d3HPJgBmrK5F0.css

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb0d807d982a15f3496554f8e0ceede0aa4ca67c708ae9d1545d1c08dec9c57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 05 Sep 2024 11:25:50 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 128853
cf-polished: origSize=198490
x-cache: HIT
x-ah-environment: prod
x-request-id: v-5619d11e-4826-11ef-a2ce-930391ac7264
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 08:04:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 8b9015d8af12abae-YYZ
x-cache-hits: 74

GET
H2 200 js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 93 KB
33 KB 51ms
50ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 19 Aug 2024 08:33:00 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 970767
cf-polished: origSize=97739
x-cache: HIT
x-ah-environment: prod
x-request-id: v-38b749ba-d4ab-11ee-92ee-8fb4686334c0
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d8ef5cabae-YYZ
x-cache-hits: 66

GET
H2 200 moatheader.js Show response
z.moatads.com/crainprebidheader782626518086/ 273 KB
94 KB 255ms
68ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/crainprebidheader782626518086/moatheader.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Aug 2024 01:35:28 GMT
content-md5: UNCYPanZs4RvGIeChPezww==
storage-tier: Standard
content-length: 95605
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:09 GMT
opc-request-id: iad-1:t0k8uvujGh_QyVLYanT-JxlDgwf8E0nutGZsNPxliC2IFFoMfJO0gYPnv4oLychn
x-api-id: native
etag: 7e2283bf-a8c3-40c1-afbd-18eaf15101b4
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 5646b131-02d3-45e2-a2b7-6379564833c5
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=13655
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
782 B 66ms
59ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_954lV8Ki6AP6yA3A6MvYfEsTL54ijdEl-FolfnmMi2s.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 19 Aug 2024 08:33:00 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1172265
cf-polished: origSize=2710
x-cache: HIT
x-ah-environment: prod
x-request-id: v-90cf27c8-1379-11ef-ac34-a77f95a7ed09
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f74abae-YYZ
x-cache-hits: 86

GET
H2 200 js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 KB
696 B 69ms
62ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_-QM9b70ms9vwfnmLPrfosaU6dnxAznojaeO3JCOcMSs.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 19 Aug 2024 08:33:00 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 970767
cf-polished: origSize=4073
x-cache: HIT
x-ah-environment: prod
x-request-id: v-38b11810-d4ab-11ee-852f-dfe6ed36e6d0
cf-bgj: minify
last-modified: Mon, 17 Jul 2023 11:14:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f76abae-YYZ
x-cache-hits: 76

GET
H2 200 adobe_launch_dtm_init.js Show response
www.crainsdetroit.com/modules/contrib/adobe_launch/js/ 67 B
263 B 127ms
120ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/modules/contrib/adobe_launch/js/adobe_launch_dtm_init.js?sin06q

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=196
x-cache: MISS
x-ah-environment: prod
x-request-id: v-0e45a390-60c7-11ef-a44f-f351127325c7
cf-bgj: minify
last-modified: Tue, 17 May 2022 03:58:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8b9015d90f77abae-YYZ
expires: Mon, 09 Sep 2024 01:35:28 GMT

GET
H2 200 email-decode.min.js Show response
www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
800 B 65ms
58ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 12:08:06 GMT
server: cloudflare
etag: W/"66c5d8a6-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b9015d90f78abae-YYZ
expires: Wed, 28 Aug 2024 01:35:28 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 254ms
68ms Script
text/javascript 18.238.49.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-4.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:34:36 GMT
content-encoding: gzip
via: 1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 53
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10111
last-modified: Thu, 01 Aug 2024 15:34:48 GMT
server: AmazonS3
etag: "706272a81c49bceecca7cf782f98d602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
x-amz-cf-id: b6eWKGMNfih49k8eYJyORoLD8H5FVRnTwtIzdhdhCPhAK4_COs9Aqg==

GET
H2 200 js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 156 KB
46 KB 75ms
69ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_O40j1Rj3SRByEkq45U7DZLlm2gVdyVYzPfFrl_gpJOM.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 19 Aug 2024 08:20:48 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 480820
cf-polished: origSize=213514
x-cache: HIT
x-ah-environment: prod
x-request-id: v-d2e6f854-02e7-11ef-be64-5b984a7e44b4
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 09:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f79abae-YYZ
x-cache-hits: 96

GET
H2 200 crain_pelcro_user.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 25 KB
7 KB 66ms
62ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user.js?sin06q

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c37c8810ea07ed8714faeac29f84685d20947a848d1586f94f46f352e15dc2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=36497
x-cache: MISS
x-ah-environment: prod
x-request-id: v-0e49ece8-60c7-11ef-b98d-4b73c4d95ac6
cf-bgj: minify
last-modified: Tue, 25 Jun 2024 09:33:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8b9015da1886abae-YYZ
expires: Mon, 09 Sep 2024 01:35:28 GMT

GET
H2 200 crain_pelcro_order.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 1 KB
712 B 101ms
97ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_order.js?sin06q

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1938
x-cache: MISS
x-ah-environment: prod
x-request-id: v-0e45bd76-60c7-11ef-be6b-d754f97b7144
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 09:00:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8b9015da48a4abae-YYZ
expires: Mon, 09 Sep 2024 01:35:28 GMT

GET
H2 200 js_58zhCIFriHjYWy9IYY5h7yFP6KkljTIp5erPH2QUI1g.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 2 MB
516 KB 111ms
106ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_58zhCIFriHjYWy9IYY5h7yFP6KkljTIp5erPH2QUI1g.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e838430e731f466bc6d10c9e7dc2d9ff1dad72ea1e50421a75f57998df691dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Wed, 04 Sep 2024 08:00:51 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 404566
cf-polished: origSize=2078452
x-cache: HIT
x-ah-environment: prod
x-request-id: v-7bf07b98-5f93-11ef-a015-6f447bf87e25
cf-bgj: minify
last-modified: Wed, 21 Aug 2024 08:00:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f7aabae-YYZ
x-cache-hits: 2

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 305 KB
87 KB 371ms
65ms Script
text/javascript 2600:9000:266a:6400:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:6400:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24687547639313c5eb1246acd422e286a032d244bcae90a63716b6a5b2adbcf4

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 14:58:27 GMT
content-encoding: gzip
via: 1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
age: 38222
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: JGh1R2OTE8XrEkas1CLihqAy0kS8rpCmNxa2pbKtvPQ=
x-cache: Hit from cloudfront
x-amz-meta-sha384: vZDkLi8Mwe5BTULCQJwX5HX4FHiMUBrCOxS7IzqtJYFniAv8mrJXKMkkY9rrSo0Z
last-modified: Thu, 22 Aug 2024 14:58:21 GMT
server: AmazonS3
etag: W/"1ddba54cb1d4304ed4590ad622879f5d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-amz-meta-md5: 1ddba54cb1d4304ed4590ad622879f5d
x-amz-cf-id: J9rPGOnhFrQxAfHC35ydhQlZtMF_0df7ERi9Sy-13eodHI2NPwm5hA==

GET
H2 200 js_S42Btfta_6Y59Lk6x4bDr4brQKX7fViBOTQg20lW6VE.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 314 KB
96 KB 74ms
70ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_S42Btfta_6Y59Lk6x4bDr4brQKX7fViBOTQg20lW6VE.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd81a57013f91cc12b14528393d54acd323c40400b3cec5c936b514ebba03fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 29 Aug 2024 01:32:04 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 906174
cf-polished: origSize=338402
x-cache: HIT
x-ah-environment: prod
x-request-id: v-be9c971c-450b-11ef-8675-0bf056e3aa41
cf-bgj: minify
last-modified: Thu, 18 Jul 2024 13:43:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f7babae-YYZ
x-cache-hits: 7

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 228 KB
78 KB 277ms
93ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f0d178198ebf662c5734588783c9c2fd57e3eaf06ab651e4347980bd1343d2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79692
x-xss-protection: 0

GET
H2 200 js_xiA-FRQXRvnp03u8Qe6rLrUnzZROEMJR4UtiO3KFJzM.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 182 KB
60 KB 69ms
65ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_xiA-FRQXRvnp03u8Qe6rLrUnzZROEMJR4UtiO3KFJzM.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d918546f9f7cefb37e0c113c635a616c386ea7a9a0a5170da9b0a48b270b8d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 563295
cf-polished: origSize=271628
x-cache: MISS
x-ah-environment: prod
x-request-id: v-ec821376-5e2b-11ef-94b4-db2a614b8eef
cf-bgj: minify
last-modified: Mon, 19 Aug 2024 13:06:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f7cabae-YYZ
expires: Mon, 02 Sep 2024 13:07:01 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://crain-com.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=crain-com&upapi=true

54 KB
18 KB

226ms
51ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=crain-com&upapi=true
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599204ec379eea66b743c70429d4a88893ae4efc631f21d22ceb5b6c03b1d905

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2024 01:01:10 GMT
server: cloudflare
age: 1870
etag: "d3804def7d80943326dd7b33d795d5b2"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b9015dd2905abac-YYZ
content-length: 18348

Redirect headers

date: Mon, 26 Aug 2024 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSObU2v6wo17H3NF7JCUEwfQwFccPRN%2By%2BOoR9UDt6UtMzqytRzid8BrD0CqZ5P1t0cG6cX0Kc7ISG6e6BDEg4ekdXbfckgQtfRArd%2FV3wYkJACoos7veS1c7ZivXDfU29Wb2bAeh8k%2BbMEN11HRRUE8sh7FkHLEMtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=crain-com&upapi=true
cache-control: max-age=3600
cf-ray: 8b9015db2b26ac3f-YYZ
content-length: 167
expires: Mon, 26 Aug 2024 02:35:28 GMT

GET
H2 200 sitetotal.js Show response
static.chartbeat.com/js/sitewidgets/ 54 KB
22 KB 90ms
87ms Script
application/x-javascript 2600:9000:24f1:8400:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/sitewidgets/sitetotal.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:8400:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 17:00:35 GMT
content-encoding: gzip
via: 1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2013 15:40:22 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 30893
etag: W/"51682ae6-d6df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 1L6Nn8F8KmdBh3XitlwDgEk60z5lyKbLFFcl38Ocz0fl8asV4jmLrw==
expires: Mon, 26 Aug 2024 17:00:35 GMT

GET
H2 200 dashboard.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/ 2 KB
956 B 95ms
92ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sin06q

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950fd95b6af4b4974a68ac04a5f146062dccfff965c0b150d8202306c1f6bb9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=3241
x-cache: MISS
x-ah-environment: prod
x-request-id: v-0e46b816-60c7-11ef-8b29-93fa5532032e
cf-bgj: minify
last-modified: Mon, 01 Jul 2024 07:30:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8b9015da48a5abae-YYZ
expires: Mon, 09 Sep 2024 01:35:28 GMT

GET
H2 200 js_Gzbe1ZTtqVYf_Y0RYIK8CzGqSKs_OrvB4NMGXCltefo.js Show response
www.crainsdetroit.com/sites/cdb_rd/files/js/ 42 KB
11 KB 67ms
63ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_Gzbe1ZTtqVYf_Y0RYIK8CzGqSKs_OrvB4NMGXCltefo.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecefddb858623759bf80b1cea326af705be923582c6604b22717d75604a2a1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 19 Aug 2024 16:14:01 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 505838
cf-polished: origSize=59081
x-cache: HIT
x-ah-environment: prod
x-request-id: v-ba3a79da-5345-11ef-9062-13dc29eca92e
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 11:36:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: max-age=1209600
cf-ray: 8b9015d90f7fabae-YYZ
x-cache-hits: 2

GET
H2 200 crain_pelcro_user_status.js Show response
www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/ 3 KB
1 KB 130ms
127ms Script
application/javascript 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/crain_pelcro/js/build/crain_pelcro_user_status.js?sin06q

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=4140
x-cache: MISS
x-ah-environment: prod
x-request-id: v-0e4ac1ea-60c7-11ef-b3b2-cb08271193b8
cf-bgj: minify
last-modified: Mon, 05 Feb 2024 10:36:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://js.trendmd.com
cache-control: public, max-age=1209600
cf-ray: 8b9015da48a6abae-YYZ
expires: Mon, 09 Sep 2024 01:35:28 GMT

GET
H2 200 icons.svg
www.crainsdetroit.com/themes/custom/citybook_rd/dist/ 20 KB
7 KB 102ms
100ms Other
image/svg+xml 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/dist/icons.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 09 Sep 2024 01:35:28 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-cache: HIT
x-ah-environment: prod
x-request-id: v-02c5d712-f39c-11ee-87e3-d718c4de636b
last-modified: Thu, 21 Mar 2024 07:34:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 8b9015da48a7abae-YYZ
x-cache-hits: 17

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif

GET
H3 200 logger-1.min.js Show response
cdn.lr-intake.com/ 877 KB
176 KB 213ms
56ms Script
text/javascript 2606:4700:3030::ac43:8707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_58zhCIFriHjYWy9IYY5h7yFP6KkljTIp5erPH2QUI1g.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fedd74ca99d494f92c874191a293404fa2530decda3632c1650ab02c162634e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4538-YYZ
last-modified: Fri, 23 Aug 2024 21:54:08 GMT
server: cloudflare
x-timer: S1724450148.894789,VS0,VE71
etag: W/"3cdfbd781da5dcc618cb48964ea9fb8d7e537fafe71dd66f485c464f85cdd24e-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpFaOQ4qUuZmFAFx52W45DH68TvKN%2BnoSB9XnfmvVa5m1yVZxyN7xQjyr6gqkUASFKBn%2F9Na8twn7AwfayfRJUBvNAVaogkoZGrHoJK67hT2xhb9k%2B%2Bm3Sdf%2BuP9ykOcKn2WtaVFo2eZXnzPf1rjKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8b9015dc18ee36af-YYZ
x-cache-hits: 0

GET
H2 200 v3 Show response
js.stripe.com/ 647 KB
177 KB 312ms
77ms Script
text/javascript 3.168.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_58zhCIFriHjYWy9IYY5h7yFP6KkljTIp5erPH2QUI1g.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.122.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-122-54.jfk52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54071ff5eb36c891ea056c1fd6a9a0aecc3782288444abf481f5f3ced68fc5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:05 GMT
content-encoding: gzip
via: 1.1 fa52f1a23716e225ace4af997301194a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 57
x-amz-cf-pop: JFK52-P7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 22:00:07 GMT
server: Cloudfront
etag: W/"7c297cc5052a373c96491a91cea6e570"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: U2goxBqh3sPBIpc-NLS9n3ztk-vsOFxN4cATV5QCvKiP0gMG3aRQvw==

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 249ms
53ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ7QwOk1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,300;0,400;0,500;0,700;0,800;0,900;1,300;1,400;1,500;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 23 Aug 2024 14:57:04 GMT
x-content-type-options: nosniff
age: 211104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26160
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 14:57:04 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/ 478 KB
149 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebab3ceb33eb45bd6eb4ae7e894f083a64cbbfb9f323766abdf30c340629de6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 506
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152188
x-xss-protection: 0
server: cafe
etag: 17432397005842241520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Aug 2025 01:27:02 GMT

GET
H2 403 crainsdetroit.com Show response
pubcast-files.remixd.com/player-configs/ 111 B
481 B 268ms
120ms Fetch
application/xml 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:28 GMT
server: UploadServer
x-guploader-uploadid: AHxI1nN637k0WOeH3xpVzFsDyayGG272rcc3Au9sGB3o2XP4FhvlWwhdF5HmJqvCG_-9l3Yy-vM
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
expires: Mon, 26 Aug 2024 01:35:28 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 235 B
523 B 291ms
111ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crainsdetroit.com&domain=crainsdetroit.com&path=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Sat, 24 Aug 2024 01:35:28 GMT
date: Mon, 26 Aug 2024 01:35:28 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 170
x-served-by: cache-yyz4528-YYZ
x-timer: S1724636129.938424,VS0,VE25
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 203ms
51ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Aug 2024 01:35:28 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=5559, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 2d/39FOh52jnWidx5cnlleGqFL0t3Rnp7PjP3vkwXZJvbdLMWOr6P7TaTRjqTM6yLbnlbygNkKMjpJfrLkgnqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 317ms
90ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kjyo7100098-IAD

GET
H2 200 id Show response
dpm.demdex.net/ 375 B
926 B 325ms
143ms XHR
application/json 52.87.63.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=138FFF2554E6E7220A4C98C6%40AdobeOrg&d_nsid=0&ts=1724636128810

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.87.63.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-63-192.compute-1.amazonaws.com

Software

Resource Hash

a974b8e6ad09bf6e8b6528f0801aa00fe3d6b9d21ec785aa2346241abff9fe35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-va6-1-v064-0e13bc4f8.edge-va6.demdex.com 7 ms
pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: /rf5VRBCRNY=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 318
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 tag.aspx Show response
ml314.com/ 38 KB
13 KB 206ms
31ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?257
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:04:18 GMT
via: 1.1 google
content-encoding: br
age: 1871
x-guploader-uploadid: AHxI1nNOlh4c8i2c4yEiA4Na9jMBM78ArD0BSYapXnH9lwzmlZ_tehS0Kg7DpvgKO1Nepay3YVzfawDX1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12522
last-modified: Wed, 24 Jul 2024 19:30:50 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1721849450340665
x-goog-hash: crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type: application/javascript
cache-id: YYZ
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 39162
accept-ranges: bytes

GET
H2 200 get Show response
vi.ml314.com/ 855 B
734 B 278ms
128ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=69120&tk=weP6qvbwC4vTzjKxXoXB2fkYVMrqAXGxMEdSJ6g2fHRUg3d&fp=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

bb651d305032e44506a6776e8f983b1915dc6d6c35580b11da5b8f80feeab331

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Mon, 26 Aug 2024 01:35:29 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 LogRocket.min.js Show response
cdn.lr-ingest.com/ 50 KB
14 KB 214ms
46ms Script
text/javascript 2606:4700:3030::6815:50b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/LogRocket.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:50b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da1fbd73a3f4e0e389c683b527eaff83363e26a06ba5809de7f3a9aeb8b86db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2390
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4538-YYZ
last-modified: Fri, 23 Aug 2024 21:54:08 GMT
server: cloudflare
x-timer: S1724452040.844521,VS0,VE0
etag: W/"50385fae6c33298e91bbcdbd6356b68d5c2a8b49c33770fb77d55363dd323149-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLGlNte%2F%2B6%2F1t2NB6Hs0iXcxe8960OmdXozXDUDRILzQOWEbFpmHlt0Tbg%2BsLfBjVqzPuIn3L8QcdZo%2BY109jaf1NtdVFeczRFaBtRlMm7HTyt6uOth6inyb4Oq%2F%2F8I0DeSabSyGRTyVV8KysSdoWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8b9015de4c4236d0-YYZ
x-cache-hits: 28

GET
H2 200 notice Show response
consent.trustarc.com/ 36 KB
11 KB 349ms
147ms Script
text/javascript 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

a1c26bcd6f403a967541f722322daed7c986ba524a37a4c9acc7a46bf729ad59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
via: 1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
x-amz-cf-id: GiisgWjvNRG793npGv0E7TR5YJyg_XzKQFUgtJit096c3Qe9Vbgmfw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
94 KB 324ms
102ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e17793347de95c9a580ba5bcdd86164a408aec5d9958d10886c37da9db0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Aug 2024 01:35:29 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 260ms
66ms XHR
application/json 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 588 B
666 B 407ms
151ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pcode=crainprebidheader782626518086&rx=455503024899&callback=MoatNadoAllJsonpRequest_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: fcdeb29b63c8fbeba8854b553ff3195391ec0a6b2b918067d50497de19c84d5a

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
server: istio-envoy
etag: "89bc769395008c66815fcb25bfabcd65d4d791f1"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 42
timing-allow-origin: *
content-length: 588

GET
H2 200 n.js Show response
mb.moatads.com/ 100 B
276 B 332ms
82ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&i=CRAIN_PREBID_HEADER1&hp=1&sst=1&wf=1&pxm=3&sgs=3&vb=-1&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=833235216278&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=1&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A-%3A0%3A0&fs=208210&na=672822556&cs=0&callback=MoatDataJsonpRequest_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: b6dd3e8a6fb36c514c7f2c92afee8d55cc53b16e38d204ebd2df7abe186f35d0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
server: istio-envoy
etag: "e10b1b67e1c7844cbacb79500ebe5b70132cee3c"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 9
timing-allow-origin: *
content-length: 100

GET
H2 200 iframe.html
z.moatads.com/hd09824092/ Frame 540D 0
0 218ms
64ms Document
text/html 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/hd09824092/iframe.html

Requested by

Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=1129
content-encoding: gzip
content-length: 803
content-md5: Spy8LlvBZDE9rOQqWL7xQQ==
content-type: text/html
date: Mon, 26 Aug 2024 01:35:29 GMT
etag: 0d341092-8e0f-4735-ae34-f388ff501eed
last-modified: Thu, 21 Mar 2024 17:22:14 GMT
opc-meta-btime: 2021-01-26T22:41:39Z
opc-meta-mtime: 1611700899
opc-request-id: iad-1:PJNnHllltcL_39K6zKzW5gKiecXfuTDgVtLw2SE53x_KuF1TR7-gZCxdmt3Up2Y8
storage-tier: Standard
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
version-id: 5af5eb63-417c-4960-9068-358f7e3e1642
x-api-id: native
x-content-type-options: nosniff

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 11 KB
2 KB 56ms
54ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6580d205951d7327484c4cc98a57ab28abb81547b986c612fd0891fb649abd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2024 01:23:27 GMT
server: cloudflare
age: 543
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8b9015e0af06ab60-YYZ
expires: Mon, 26 Aug 2024 01:23:27 GMT

OPTIONS
H2 204 site
www.pelcro.com/api/v1/sdk/ Frame 0
0 455ms
283ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b9015dedce1ab60-YYZ
date: Mon, 26 Aug 2024 01:35:29 GMT
expires: Mon, 26 Aug 2024 01:35:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET 67cf8617-1fab-48c4-8246-427af8f71756
https://www.crainsdetroit.com/ Frame 0
0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 74ms
73ms Script
application/x-javascript 2600:9000:24f1:8400:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/profiles/custom/crain_core/modules/custom/chartbeat/js/build/dashboard.js?sin06q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:8400:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 16:13:11 GMT
content-encoding: gzip
via: 1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 33738
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: r4ehr1XvWf4vC9z6xTcEC_9dTP0TWJ8RNho4tmmDOpF51lkCHR9cnw==
expires: Mon, 26 Aug 2024 16:13:11 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 254ms
68ms Script
application/javascript 2600:141b:1c00:6::17df:d10d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d10d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=28209
accept-ranges: bytes
content-length: 14628

GET
H2 200 RCa1ef3faa49e84abf89a7410820c6c505-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/ 377 B
506 B 60ms
59ms Script
application/x-javascript 2600:141b:1c00:209c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/RCa1ef3faa49e84abf89a7410820c6c505-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209c::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e3c312da75c715a16c5354091bcb185ab79ddc80f47e6e05de0ff2316bbd2284

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2024 18:07:16 GMT
server: AkamaiNetStorage
etag: "539c3b16a8dea4f6ab15ea0cd250daa5:1723658836.381033"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 246
expires: Mon, 26 Aug 2024 02:35:29 GMT

GET
H2 200 RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/ 401 B
515 B 130ms
128ms Script
application/x-javascript 2600:141b:1c00:209c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/RC78c47e69cfbf44d8bcc4b5ba97685ba4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209c::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 660227b52daa64c6cbf776b3747a2988d1e917c8ac246e1860c03a1ed9254710

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2024 18:07:16 GMT
server: AkamaiNetStorage
etag: "539c3b16a8dea4f6ab15ea0cd250daa5:1723658836.381033"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 255
expires: Mon, 26 Aug 2024 02:35:29 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 257ms
49ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Aug 2024 01:35:28 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B2A24486411453FA4933E0D67BC190F Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:29Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 249ms
57ms Script
application/javascript 13.225.63.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_S42Btfta_6Y59Lk6x4bDr4brQKX7fViBOTQg20lW6VE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:29:32 GMT
content-encoding: gzip
via: 1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:53:02 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 358
x-amz-server-side-encryption: AES256
etag: W/"0a63286546fdaeb63f5762369bd1c4ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: T36HbM5vU7V3EDuuC1xU-qTXdW7_41jbejC9qOeiguYyWWaNJcMqKQ==

GET
H3 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
1005 B 197ms
44ms Script
application/javascript 2606:4700:3034::ac43:d4ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/sites/cdb_rd/files/js/js_lyb0K5ITaniwcgo-uFqLgufjqgYVW6mPAkzWFQRWKOQ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
x-amzn-remapped-content-length: 464
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193
x-amzn-requestid: 050a6e46-4fdb-4860-aeeb-d559efc3faff
x-amz-apigw-id: dF8tIG7ZjoEEgSw=
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed Aug 30 13:25:09 GMT 2023
server: cloudflare
x-amzn-trace-id: Root=1-66cbdb20-24b574366e5387ce4e23380c;Parent=126ba75abb524549;Sampled=0;lineage=7936cbcf:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpGg%2BDoZw5MSZ6SYq0ML3m0buH97vmO8%2FhaxnKrr%2FPPjQdxGCLR%2FjIfcPOKfpwum0H1o%2BBTSqOFmYl4uDMo%2BNPuHQuz3wikNmh%2BfVGemIaln4bewqI0H1HXCAH9lJETs3zDsFaRxrw4a7yaa05eoFSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 8b9015dffaa3ac4c-YYZ

GET
H2 200 websiteconfig Show response
btloader.com/ 757 B
673 B 215ms
62ms Fetch
application/json 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5764463032532992&w=crainsdetroit.com
Requested by: Host: crain-com.videoplayerhub.com
URL: https://crain-com.videoplayerhub.com/galleryloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72eeaae2550893210694268f29a16541223c20abdf7224eebcf6c89b262a2fe9

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2024 01:24:41 GMT
server: cloudflare
age: 544
etag: "76b8151bec657b26ac171d79de4bf13b"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b9015e05fdfaabd-YYZ
content-length: 390

GET
H2 200 px.gif
ad-delivery.net/ 43 B
917 B 241ms
64ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104839
x-guploader-uploadid: AHxI1nNOwQl-vSRGT84DDgk1wNsXy3utTnRoi3tHTGkhcPi6ZZmW6op6zUkhjsPjvfQ-rSYtFh_ycvpY1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNiR9IoQDDfKhQXifmKGrBwvZlA%2BNPsrDm4nolotVa2BF8ouQZpuVavh9aqSo3NEnuIckaxSYywCXpDOyJPz5qw5CLQ8HS3Oajp8BWfk5kWcCKUxH4GspEwd0uwhPNJwPrVg7kjCMri4qdEi9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b9015e079a0ab69-YYZ
expires: Tue, 27 Aug 2024 01:35:29 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 205ms
47ms Image
image/x-icon 142.251.40.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 20:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Aug 2024 20:41:38 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 219ms
65ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.3331409115502364
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104839
x-guploader-uploadid: AHxI1nNOwQl-vSRGT84DDgk1wNsXy3utTnRoi3tHTGkhcPi6ZZmW6op6zUkhjsPjvfQ-rSYtFh_ycvpY1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DetsoSqiOG2yjjDrcEMt1EMyMheyNpL23UUc26%2BUoNd24VGfiE2OESe4kaZJgELr3DLhgWWp1g%2Fysr%2FGo0dHw7tUKuanJIZuoQqjl0jA6FVZXVJA%2B93ROUTEvUezkXumuMkF%2FzZA9YrEpdqU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b9015e079a1ab69-YYZ
expires: Tue, 27 Aug 2024 01:35:29 GMT

GET
H2 200 micro-logo.svg
www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/ 7 KB
2 KB 104ms
103ms Image
image/svg+xml 2606:4700::6812:b83b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crainsdetroit.com/themes/custom/citybook_rd/images/cdb/micro-logo.svg

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b83b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f54be1cfe2bac5fad5dd12e34e3d4f2f5cc52a87ca9ffab0656411b033d076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Mon, 09 Sep 2024 01:35:29 GMT
date: Mon, 26 Aug 2024 01:35:29 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-cache: HIT
x-ah-environment: prod
x-request-id: v-a68270c0-440c-11ef-9fad-e3760927555f
last-modified: Thu, 11 Jul 2024 07:55:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1209600
cf-ray: 8b9015e00f96abae-YYZ
x-cache-hits: 188

GET
H2 200 2JEN3RX.jpg
s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/ 36 KB
36 KB 295ms
107ms Image
image/jpeg 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-rd-prod.crainsdetroit.com/styles/1024x512/s3/2JEN3RX.jpg
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Mar 2024 14:52:32 GMT
server: cloudflare
x-amz-request-id: Z7C4N1MC0KE1BZFR
etag: "068ae438ea24e57c10b4d16a64680f4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8b9015e1388eaab4-YYZ
content-length: 36920
x-amz-id-2: pWJt/iJLw2MgpgCmgmoLNCqwvg/tscDyhvSfF8p+9XdqGHdVjT3yXJxO2eG41ciIPviX/1rw8do=
expires: Mon, 26 Aug 2024 02:35:29 GMT

GET
H2 200 controller-with-preconnect-217d303ec5825990716de474979478e6.html
js.stripe.com/v3/ Frame D850 0
0 236ms
70ms Document
text/html 3.168.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-217d303ec5825990716de474979478e6.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-122-103.jfk52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 01:34:52 GMT
etag: "217d303ec5825990716de474979478e6"
last-modified: Fri, 23 Aug 2024 21:21:02 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront)
x-amz-cf-id: CuOA9dNPpPcFx7XxBhcpzVceJwWJ9GZjQP73-7ZmolmO_axdrzOL3Q==
x-amz-cf-pop: JFK52-P7
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 637988649571323 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/637988649571323?v=2.9.165&r=stable&domain=www.crainsdetroit.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d2b63f72b4b598a345bf1db52c8b8a6152fd898e9ddd62f7a9f8c6499ea22d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Aug 2024 01:35:29 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14878
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=74, mss=1232, tbw=68135, tp=63, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: gbbYQIvGxSFHYMnfiA4uCHsPSlBkFUXMW9IHdIxO+hZ33XuFxuHRKmtiJbFDMR/hqzPlS74esjYYWZGmWzfaFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dest5.html
craommunications.demdex.net/ Frame B6CC 0
0 247ms
63ms Document
text/html 52.87.63.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.87.63.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-63-192.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 26 Aug 2024 01:35:29 GMT
dcs: dcs-prod-va6-1-v064-0dd4c574b.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Aug 2024 11:58:08 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: wvYYN8CgSbY=

GET
H2

200

ibs:dpid=411&dpuuid=Zsvb4QAAAJBKYANw
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=85708447097000609631744832819780929538
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zsvb4QAAAJBKYANw

42 B
716 B

54ms
53ms

Image
image/gif

52.87.63.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zsvb4QAAAJBKYANw

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Server

52.87.63.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-63-192.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-va6-1-v064-0e13bc4f8.edge-va6.demdex.com 5 ms
pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 8kuFvdDtSQI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zsvb4QAAAJBKYANw
Date: Mon, 26 Aug 2024 01:35:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 363ms
361ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b9015e0bf29ab60-YYZ
date: Mon, 26 Aug 2024 01:35:29 GMT
expires: Mon, 26 Aug 2024 01:35:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 200 country
www.pelcro.com/api/v1/sdk/geo/ Frame 0
0 61ms
60ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 8b9015e0cf2bab60-YYZ
content-length: 0
date: Mon, 26 Aug 2024 01:35:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
184 B 521ms
508ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8b9015e30927ab60-YYZ

GET
H2 200 country Show response
www.pelcro.com/api/v1/sdk/geo/ 4 KB
2 KB 59ms
58ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/geo/country?site_id=5070&language=en&locale=en
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d2ac8b90bcaacd40df1122a51310170abb09aee8fe073c599b1342225d4e74

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
server: cloudflare
x-cache-key: en-CA
x-cache-status: hit
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
cf-ray: 8b9015e12f82ab60-YYZ

GET
H2 200 utsync.ashx Show response
ml314.com/ 684 B
1 KB 72ms
71ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&pv=1724636129392_76gi2k8bq&bl=en-ca&cb=6209969&return=&ht=&d=&dc=&si=1724636129392_76gi2k8bq&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 4734f33e74ecbf67f717b292a66c96bd9f87f801d410a766e3c649b07058ed6f

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
via: 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 logger-1.min.js Show response
cdn.lr-ingest.com/ 877 KB
176 KB 200ms
53ms Script
text/javascript 2606:4700:3030::6815:50b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.com/logger-1.min.js

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:50b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fedd74ca99d494f92c874191a293404fa2530decda3632c1650ab02c162634e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4533-YYZ
last-modified: Fri, 23 Aug 2024 21:54:08 GMT
server: cloudflare
x-timer: S1724450178.004971,VS0,VE1
etag: W/"3cdfbd781da5dcc618cb48964ea9fb8d7e537fafe71dd66f485c464f85cdd24e-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXpyQhJ3ni%2Bq6qfwZF7819e1391TUB22%2BE1AZueQdKhZ%2FiIG7gniBasmMk0B4j6GU229%2FNhlJHsMh%2FUvX1qpbhJ9%2F7pVxaGINEgUdekblkm4mfQBK4ckTqxrMTvTpRqO3i%2BxpvDFgytilCqdvSaAJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8b9015e1cc50ac4c-YYZ
x-cache-hits: 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 341ms
95ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 02 Sep 2024 01:35:29 GMT

GET
H2 200 hotjar-1906609.js Show response
static.hotjar.com/c/ 11 KB
5 KB 291ms
98ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

067fda1fb043979aa87066c7da6d28f6b5eafd55acbcb0a0f810b753fab0cc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 26 Aug 2024 01:35:29 GMT
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 47
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d57d0a4a921f570a2f67995952a1f751
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: mHtVCXXDnv5tLDsikzlojkDCTWaUg4UnH4ZIFpT5uXXSig-vXM1RVQ==

GET
H2 200 zcpt.js Show response
js-tag.zemanta.com/ 8 KB
3 KB 203ms
44ms Script
application/javascript 2606:4700:10::6816:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-tag.zemanta.com/zcpt.js
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 08:53:31 GMT
server: cloudflare
x-amz-request-id: 5GP7VN2DTAY3RE22
age: 583
etag: W/"6376a488d713d6cf8cf3d1ebfb5e6361"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b9015e1e89daba0-YYZ
x-amz-id-2: 1x3TO1MUkSqGss1m9m+2wi/5otd53ES4kUEnnB1FCwTClVOj6JX4MrwWkN0fqu5HbLh5D0HZagE=

GET
H2 200 adsct
t.co/i/ 43 B
377 B 375ms
176ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=adfdc1bb-51bc-4184-9c1d-e7c33d1ace6e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4a1798fa-dcf0-40b8-9c6c-ae9ba68ab97a&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 88
date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 71c3d5d9cd45665d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 49f629e33cf6245f0e447b5421d7e92f1dd5f31cf02b68800242df256da57199
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 445ms
233ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=adfdc1bb-51bc-4184-9c1d-e7c33d1ace6e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4a1798fa-dcf0-40b8-9c6c-ae9ba68ab97a&tw_document_href=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4r93&type=javascript&version=2.3.30

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 79
date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c1a1c0c183fbdc4c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 1803d5784baaabee0f1178a71d7d7443a52a561a9683536cb35cb503fd4abb6f
content-length: 43

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 315ms
117ms Image
image/gif 54.80.21.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=crainsdetroit.com&p=%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&u=9zRFQBTpOaABKMh-e&d=crainsdetroit.com&g=25465&g0=No%20Section&g1=Anna%20Fifelski&n=1&f=00001&c=0&x=0&m=0&y=4835&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&b=4071&t=B_czxsB5_w5YM99leDUdiB4Dx6oAx&V=147&i=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&tz=420&_acct=anon&sn=1&sv=DTo1NkMgNxTC_XUFzDA1wsIDO3ZS&sr=external&sd=1&im=067b0fff&_
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.21.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-21-73.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: 0
pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H2 200 v1.7-230 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
28 KB 63ms
47ms Script
text/javascript 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-230

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=crain.com&c=teconsent&text=true&pcookie=true&cdn=1&gtm=true&js=bb&noticeType=bb&privacypolicylink=%2Fprivacy-policy&cookieLink=%2Fprivacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

f2769341fbf31a14e512d5b4138e93597e2eaf57dc58a09748a0515f4d4fd267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 26 Aug 2024 01:34:13 GMT
content-encoding: gzip
via: 1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 5 Aug 2024 02:19:53 GMT
x-amz-cf-pop: JFK52-P3
age: 76
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: 6TNzd4eP_ikf3KGeO93ncytOXSSdWeg3PBQfYs0DhNp5x1_ZHGMALQ==

GET
H2 200 log
consent.trustarc.com/ 43 B
429 B 324ms
142ms Image
image/gif 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=crain.com&country=ca&state=&behavior=implied&session=333c12ff-8484-424e-821b-cd9d03e2639b&userType=NEW&c=da8b&referer=https://www.crainsdetroit.com&language=en

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
via: 1.1 a363b826ba48f4e79f7e95839a3bcf3a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: oJY_BHdSBSZ0bc_IMCYcP0Hsspe2Z66yABfhurYYep826gaCoSJMxQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cci-firstTouchCookie.js Show response
crain-global.s3.amazonaws.com/global/js/ 3 KB
4 KB 318ms
86ms Script
application/javascript 52.216.177.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crain-global.s3.amazonaws.com/global/js/cci-firstTouchCookie.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.177.243 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 26 Aug 2024 01:35:30 GMT
Last-Modified: Tue, 26 Sep 2023 14:12:59 GMT
Server: AmazonS3
x-amz-request-id: Z7C16P5Z5FEPF5S6
ETag: "b79b890f95a91ffbf5a1e0c99ee5eeed"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3185
x-amz-id-2: 7AQg5/8yvwTjK3OKQv9+cy42q8bZe/YD/tlALeaD53oukpGAp71priOwwvMw4alwzLmjp+JLdzo=

GET
H2 200 RCbd505d2e43d34584bc454b723ef70864-source.min.js Show response
assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/ 2 KB
947 B 53ms
48ms Script
application/x-javascript 2600:141b:1c00:209c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/8b1ec994689b/RCbd505d2e43d34584bc454b723ef70864-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/05852ba8023b/f33085ef03e5/launch-ef0d5546c26e.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209c::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e941d020f374fc58aa98128be91674640766aff2e65c7dbe3bacab06af251d16

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2024 18:07:16 GMT
server: AkamaiNetStorage
etag: "539c3b16a8dea4f6ab15ea0cd250daa5:1723658836.381033"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 687
expires: Mon, 26 Aug 2024 02:35:29 GMT

GET
H2 200 location Show response
www.pelcro.com/api/v1/sdk/ 66 B
136 B 51ms
51ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127dbf7de12bd7072e12f7bf921fe92067015763fab9a8ade76d1a3c03c2c5af

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
server: cloudflare
cf-ray: 8b9015e1affbab60-YYZ
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

OPTIONS
H2 200 location
www.pelcro.com/api/v1/sdk/ Frame 0
0 60ms
56ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
cf-ray: 8b9015e14fadab60-YYZ
content-length: 0
date: Mon, 26 Aug 2024 01:35:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 45E1 0
0 261ms
52ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 1191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29261
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 01:15:38 GMT
expires: Mon, 26 Aug 2024 02:05:38 GMT
last-modified: Mon, 19 Aug 2024 19:44:00 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 KB
36 KB 172ms
171ms XHR
text/plain 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2046796233840890&correlator=4002782694706554&eid=31079957%2C31085739&output=ldjh&gdfp_req=1&vrg=202408200101&ptt=17&impl=fifs&iu_parts=105554924%2Ccdb%2Cbanking-finance%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1200x250%7C970x90%7C970x250%7C728x90%2C1x1%2C970x90%7C728x90%2C300x250%2C300x250%7C300x600%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=640&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1724636129518&lmt=1724636125&adxs=0%2C0%2C740%2C255%2C1120%2C1120%2C1120%2C1120%2C1120%2C160&adys=0%2C220%2C2154%2C2321%2C391%2C1009%2C1009%2C1009%2C1009%2C3936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C0%7C0%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&vis=1&psz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&msz=1600x0%7C1600x0%7C0x0%7C970x0%7C320x0%7C320x0%7C320x0%7C320x0%7C320x0%7C1280x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&td=1&egid=13754&tdf=2&topics=9&tps=9&htps=10&nt=1&dlt=1724636128067&idt=965&prev_scp=m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3Dinterstitial%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DLB_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DINREAD%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DLB_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DREC_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DREC_02%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DREC_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DNTV_01%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DREC_04%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle%7Cm_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26pos%3DLB_03%26cdb_cat%3DBanking---Finance%2CTechnology%2CNews%2Cbanking_-_finance%26guid%3D843e5ff2-d4a7-4d04-9ed0-75bd7867d4d7%26author%3Danna-fifelski%26page_type%3Darticle&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26bmb%3Dind_112%252Cre_3%252Csz_3%252Cid_50%252Criskadvisory%252CCrainSmallBusiness08-13-24%252CBANKING%252CBMOSUS&adks=1774355824%2C3277692642%2C3959444746%2C1593773826%2C2444400267%2C3357764390%2C3864764278%2C3689951829%2C343738079%2C2237593131&frm=20&eoidce=1

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9a4bb4011f6c5d254cbb43f1fba9fdb389f1a4f89ab6adc5d532d914f59ab74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36381
x-xss-protection: 0
google-lineitem-id: 6711380340,6727407095,-2,6439686130,6767184699,6478990289,6354644058,6759380348,6354644058,6755207713
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138482970723,138476415646,-2,138458624057,138486565603,138467128672,138442311334,138485581116,138441589527,138482659322
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C513 0
0 283ms
57ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 01:35:29 GMT
expires: Mon, 26 Aug 2024 01:35:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.crainsdetroit.com/ 2 KB
2 KB 211ms
67ms XHR
text/javascript 2606:4700:3034::ac43:d4ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.crainsdetroit.com/scripts.js
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:d4ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2390
x-amzn-requestid: ecffa808-24bb-48f6-8e9b-50450ecca7ba
x-amz-apigw-id: dF3V2HZpjoEEpFQ=
content-length: 1572
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 12:58:56 GMT
server: cloudflare
etag: aV3RLxUawR+XrKqGWhCg3g==
x-amzn-trace-id: Root=1-66cbd28b-42c108d8709451656b4d7c2d;Parent=6a5c4d68d8252922;Sampled=0;lineage=388d0713:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWY3jhKSEhyzSi9nl8iLnUUPepTEi3HIJ3eFT42Zzd0%2F7eUM0x7eyTA2e%2FMYQSY1U8PDzX9C6kFpmFEIMDbnx0k4ctd%2BwqqhE3QeaiGNE%2F0n1MebdEpFkSgjHuLre2gykLwckQhNknLDy8cC%2FUV5RgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=300, no-transform
accept-ranges: bytes
cf-ray: 8b9015e29a2ca1fc-YYZ

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 275ms
104ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2832529&time=1724636129544&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4BB9F74F145D41F79EB61F8274897A86 Ref B: YTO01EDGE0817 Ref C: 2024-08-26T01:35:29Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYgjCPhaTqVmTI8ae7jyg==
x-fs-uuid: 0006208c23e1693a9599323c69eee3ca

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-ban...

0
267 B

387ms
106ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQKAMWlKUxADQwAAAZGMUunbKRdX9nXzkW54yJq_5B-oU945GOPEftWuEV8zUA-S5lf-Of9j8WU
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 366B7BFA94364CF3AC2D0995BD164575 Ref B: YTO01EDGE0507 Ref C: 2024-08-26T01:35:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgjCPpxABXnOzLpT90Pg==

Redirect headers

date: Mon, 26 Aug 2024 01:35:29 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5634546AA9B14DC9AD65C9F5677D0136 Ref B: YTO01EDGE0813 Ref C: 2024-08-26T01:35:29Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2832529&time=1724636129544&li_adsId=829d8736-0749-4a87-ab20-85ffcd74a5a9&url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&e_ipv6=AQKAMWlKUxADQwAAAZGMUunbKRdX9nXzkW54yJq_5B-oU945GOPEftWuEV8zUA-S5lf-Of9j8WU
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgjCPhQdaXXsaUd5H8wg==

GET
H2 200 187044856.js Show response
bat.bing.com/p/action/ 2 KB
960 B 48ms
46ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187044856.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

adccee23a958d0397ff1fcda012994d5e7bdbf8d263d6e805f870a40261dd4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 26 Aug 2024 01:35:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D751E665FB114575872F3F408EF6EA7C Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:29Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 212ms
61ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5764463032532992
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 90ms
90ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-593664384&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R975N3VDSQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

093eab2d5f4ed779cd412531e1d8d836fe2f0365d6c12d36b776177cd28b7c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84316
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Aug 2024 01:35:29 GMT

POST
H2 204 collect Show response
www.google-analytics.com/g/ 0
258 B 350ms
84ms Fetch
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R975N3VDSQ&gtm=45je48l0v9112970402za200&_p=1724636128822&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1187118756.1724636130&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1724636129&sct=1&seg=0&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&dt=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&tfd=4229
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 243ms
74ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1724636129627&sw=1600&sh=1200&v=2.9.165&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1724636129625.50066840144428449&cs_est=true&ler=empty&cdl=API_unavailable&it=1724636129336&coo=false&rqm=GET

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Aug 2024 01:35:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 268ms
99ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=637988649571323&ev=PageView&dl=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&rl=&if=false&ts=1724636129627&sw=1600&sh=1200&v=2.9.165&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1724636129625.50066840144428449&cs_est=true&ler=empty&cdl=API_unavailable&it=1724636129336&coo=false&rqm=FGET

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 26 Aug 2024 01:35:29 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=3106, tp=-1, tpl=-1, uplat=14, ullat=0
pragma: no-cache
x-fb-debug: TOxIEMWhgB3KubOgQJaNTgwLrhznafsl/QLJq5rt3ZUz6Cjc8rhs1oh6ZqfBKvTDZOOGfrk6m2VMv7LzTRyPOw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 5070
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ Frame 0
0 206ms
205ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b9015e258a3ab60-YYZ
date: Mon, 26 Aug 2024 01:35:29 GMT
expires: Mon, 26 Aug 2024 01:35:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 5070 Show response
www.pelcro.com/api/v1/sdk/ecommerce/products/site/ 24 KB
2 KB 49ms
48ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/ecommerce/products/site/5070

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d04eeb649847f564a5c2cdb6379675604f27436877308e0a421af18305081e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2024 01:19:14 GMT
server: cloudflare
age: 543
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8b9015e3a996ab60-YYZ
expires: Mon, 26 Aug 2024 01:19:14 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/crain-detroit-business/ 1 MB
337 KB 48ms
47ms Script
text/javascript 2600:9000:266a:6400:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/crain-detroit-business/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:6400:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226238f482ce9997adf36c64ab80c6757cc85de5a0a3a60807c8c05b0abfde59

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 23:31:03 GMT
content-encoding: gzip
via: 1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
last-modified: Wed, 07 Aug 2024 07:10:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 7467
etag: W/"f9310ed0d5df7e311a3f44adec49aef6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
x-amz-cf-id: TQULmdDMqo0JowHFXdmeI_Pp6m1D_opBfJ-mIBzpwKfqfXHgySngyA==

GET
H2 200 ibs:dpid=22052&dpuuid=3646553326425735195&redir=
dpm.demdex.net/ 42 B
716 B 55ms
53ms Image
image/gif 52.87.63.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3646553326425735195&redir=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.87.63.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-63-192.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-va6-2-v064-045174f6a.edge-va6.demdex.com 4 ms
pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wvQ9CMLcSBc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3646553326425735195
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjU1MzMyNjQyNTczNTE5NRAAGg0I4revtgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=bff745061fa7c6e87b799296e14a165de0a27f4be83e709e2e201209a7627285f4cb09cee1a4f8eb&person_id=3646553326425735195&eid=50082

43 B
56 B

91ms
91ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=bff745061fa7c6e87b799296e14a165de0a27f4be83e709e2e201209a7627285f4cb09cee1a4f8eb&person_id=3646553326425735195&eid=50082
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 01:35:30 GMT

Redirect headers

date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=bff745061fa7c6e87b799296e14a165de0a27f4be83e709e2e201209a7627285f4cb09cee1a4f8eb&person_id=3646553326425735195&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=bc384917-9832-40cf-ae4b-350d6b7012b8&gdpr=0&gdpr_consent=
https://ml314.com/csync.ashx?fp=bc384917-9832-40cf-ae4b-350d6b7012b8&person_id=3646553326425735195&eid=53819

43 B
56 B

70ms
69ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=bc384917-9832-40cf-ae4b-350d6b7012b8&person_id=3646553326425735195&eid=53819
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 01:35:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ml314.com/csync.ashx?fp=bc384917-9832-40cf-ae4b-350d6b7012b8&person_id=3646553326425735195&eid=53819
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: 44992160e282a755a3f30862827cfd72
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 27 Aug 2024 01:35:30 GMT

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646553326425735195
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646553326425735195
https://ml314.com/csync.ashx?fp=2a1372576f014e448479066c3234d89&eid=50146&person_id=3646553326425735195

43 B
56 B

82ms
81ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=2a1372576f014e448479066c3234d89&eid=50146&person_id=3646553326425735195
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 01:35:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=2a1372576f014e448479066c3234d89&eid=50146&person_id=3646553326425735195
cache-control: no-cache
x-server: 10.40.6.43
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2hsmGbqZS9TKRKeEz0TNQGS7REOvnBHO-h85YFqpoJ6g&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

54ms
52ms

Image
image/gif

54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: HTTP/1.1
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Mon, 26 Aug 2024 01:35:30 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: 8c621113e9ca83056e01abf99bf66aa6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 27 Aug 2024 01:35:30 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 117ms
63ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=pB4ZKXhP&w=5661028241113088&o=5764463032532992&cv=2.1.48&widget=false&checksum=837d31cd&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sid=D2Ge7XB1z&pm=false&upapi=true
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 26 Aug 2024 01:35:29 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 get
consent.trustarc.com/ 127 KB
77 KB 60ms
58ms Font
font/ttf 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansRegular.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 26 Aug 2024 01:03:28 GMT
content-encoding: gzip
via: 1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
age: 1921
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: pFo0UrHLuWP3fuc9Bf16cMdC-14tuELSpsEuXEQBwHftKm-E8og6Zg==

GET
H2 200 get
consent.trustarc.com/ 127 KB
75 KB 76ms
75ms Font
font/ttf 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSansBold.ttf

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Mon, 26 Aug 2024 01:02:38 GMT
content-encoding: gzip
via: 1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
age: 1971
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: 5_40eMmELYPgcW5gSo3_mgM8fOD4ozJXNxlTqy2KjS0gtvTp9ell8w==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
430 B 164ms
162ms Image
image/gif 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=crain.com&behavior=implied&country=ca&language=en&rand=0.19737292599064338&session=333c12ff-8484-424e-821b-cd9d03e2639b&userType=NEW&referer=https://www.crainsdetroit.com

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:29 GMT
via: 1.1 a363b826ba48f4e79f7e95839a3bcf3a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: n2vuplFW7f3khOXUwJzeLI9JZ1mxkySCgPBzkmJS2RQKIHWzoS5feg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 289 B
497 B 115ms
113ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 19b887265030f550144409255009706920aa36859d49f480a82a2afd283afc65

Request headers

accept: application/json
Referer: https://www.crainsdetroit.com/
x-lib-version: v1.0.1
x-referring-url: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
authorization: Bearer 9e4ef7ae863f721d8ef0aa6f15b0ac85
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 196
expires: -1

GET
H2

200

/
p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/
Redirect Chain

https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false
https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false&s=2

26 B
216 B

53ms
53ms

Image
image/gif

2606:4700:10::6816:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.zemanta.com/v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false&s=2

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Server

2606:4700:10::6816:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: CP="We do not support P3P header."
x-robots-tag: none
cf-ray: 8b9015e47ac6aba0-YYZ
content-length: 26

Redirect headers

date: Mon, 26 Aug 2024 01:35:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=utf-8
location: /v2/p/js/38076/PAGE_VIEW/?bust=049615008624774326&optOut=false&s=2
p3p: CP="We do not support P3P header."
x-robots-tag: none
cf-ray: 8b9015e379e7aba0-YYZ

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 644ms
86ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=1&okv=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Mon, 26 Aug 2024 01:35:30 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 50A2 10 KB
5 KB 62ms
60ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Aug 2024 01:35:29 GMT
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame E625 3 KB
2 KB 462ms
67ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E625 204 KB
63 KB 504ms
46ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame E625 10 KB
0 44ms
44ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 3816578092049288920
tpc.googlesyndication.com/simgad/ Frame E625 48 KB
48 KB 459ms
71ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3816578092049288920

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

090aacbb90b265ededde0cabe232448fade91f47a99f3c27c86a10a76153fc4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 23 Aug 2024 09:47:17 GMT
x-content-type-options: nosniff
age: 229693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
last-modified: Fri, 17 May 2024 17:48:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Aug 2025 09:47:17 GMT

GET
H2

200

15412410002129978775
tpc.googlesyndication.com/pimgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDbtoX5iwEQMhgyKAEyCAAJwJ_TspT3
https://tpc.googlesyndication.com/pimgad/15412410002129978775

2 KB
2 KB

53ms
47ms

Image
image/png

2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/15412410002129978775

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cada3f814f586b15b4b382132baa55d0e8371bea4ed37a3899ab0993c2b7da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Wed, 21 Aug 2024 18:01:59 GMT
x-content-type-options: nosniff
age: 372811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2186
x-xss-protection: 0
last-modified: Mon, 12 Nov 2018 16:30:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Aug 2025 18:01:59 GMT

Redirect headers

date: Sun, 25 Aug 2024 21:44:18 GMT
x-content-type-options: nosniff
server: cafe
age: 13872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/pimgad/15412410002129978775
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Sep 2024 21:44:18 GMT

GET
H2 200 5116716263566628956
tpc.googlesyndication.com/simgad/ 9 KB
10 KB 569ms
117ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5116716263566628956?

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d28462bd2908e6534cd08420a2631f660f5194d7b2c50c4f89f6d1761f8afa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Thu, 22 Aug 2024 11:48:59 GMT
x-content-type-options: nosniff
age: 308791
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9622
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 20:41:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Aug 2025 11:48:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
26 B 112ms
111ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulUteAKInIRgpl4-RlS8qBw-PUWOZ0S2AeX7ANrUi6tRmsmnJsUNXO7Kgjk8D0TkHx54R8-HRn3nABRsPSYsUuIte6geAZW4ztRP7Qi38Ts-jHCV-zdSHQSd0T5dXwIqTrJsgoclxfEP8BVhQJn5K0E-s2cDD5cINQO6WX1hKC9n0Csn7ln8-jpBwK54phpiBCZvSY1-aYoIR9CRjhn_WAusrlt6bZJ8Da24AOrk7P3VlUBsYXOnAL_OsaptwYmR4QvQ4OfDLudev5eSTF7bXKhHHkc_ujVHrusbLdAGBAeCT0Glq3iwNJaUQDn0H3WFvR09ItLQ-3MnDmSBNI8VeoCYGWnxxhHlYaaej9auZQz8UKklubY5_24wmzddQ1xcp_EnC_chqp&sai=AMfl-YQ7Y0HORCfE-3svtlfk1NCEwPiF-Aa7aWFAn7UX6mNFNnnME9YHRgFJkATpj6yrg1sRS5VIc3F7jtu5UeSw0SYIK9rilij8zH1fvphOQXCVxyN5VOG_l4vyTyRgMV9QsoZtoiEf6JkvCLB8pZGYNZQ&sig=Cg0ArKJSzLXnG3GlMSBIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E625 0
26 B 111ms
111ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwar8TIQTnmITmKmpP3f3zcZcvcIE4efa958b0DDRn0X5_829_YtgUaioA2PPXju0l4UQz6fRkjLVPmd0_3CiaRsIWHlnR9Ad7B8zv5eGNXQTyIdm0x8s39iAFpSV9dB1JtM8zpv6whINpFjeIA_0e_RlFgJZesptErmTkkG5J1O3Zv7dtufvU4j0FFBBPFjLaBzXRDDiKRAWADh1i7h85nevie4NsU7ujw2fJm6-UeGSYV32x-IDQKn6OKybx7_dDA9k5utVYdBz96GdyhXkHDUxJVVADZ0A4cKu5k9tiyVU2s_Rq7J67l2kUSyUoZX-w68KSzd1wth471SXPYFMudJQG2jnlP9UfkY_RDCScmEplo3tPDQ&sai=AMfl-YRgGfgrKXt3lDV1_lWLtxssi08pYbaWQSmesbe-UQFhuATdG6HF3pgPtu_VflOeqhgd-DbV2TsBZ-y8pX4HNnl7WBJG0PbFZ_0jWQr1SigE5mdG4AZymcSS4E5PgJZdpRsH8W5IFZbJZT6tMdlI3kY&sig=Cg0ArKJSzERAug7U9yMaEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame 58BE 3 KB
0 438ms
438ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 58BE 204 KB
0 464ms
464ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js
z.moatads.com/craindfp44917164363/ Frame 58BE 10 KB
0 5ms
5ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 16993375091110671538
tpc.googlesyndication.com/simgad/ Frame 58BE 65 KB
65 KB 392ms
122ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16993375091110671538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 24 Aug 2024 20:23:41 GMT
x-content-type-options: nosniff
age: 105109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66905
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 19:29:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Aug 2025 20:23:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame 13FB 3 KB
0 47ms
47ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 13FB 204 KB
0 454ms
454ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 13FB 10 KB
0 0ms
0ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 17256545596353978317
tpc.googlesyndication.com/simgad/ Frame 13FB 27 KB
27 KB 368ms
98ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17256545596353978317

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44775fb5108d392e83241ce0f915ec94a8bf9f3982d9f720eb6904415eb7d3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 19 Aug 2024 04:16:21 GMT
x-content-type-options: nosniff
age: 595149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27391
x-xss-protection: 0
last-modified: Fri, 16 Aug 2024 12:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Aug 2025 04:16:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame 902A 3 KB
0 48ms
48ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 902A 204 KB
0 442ms
442ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 902A 10 KB
0 0ms
0ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 13352690025645360862
tpc.googlesyndication.com/simgad/ Frame 902A 36 KB
36 KB 420ms
151ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13352690025645360862

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717f0eab31b50a7bd1a49df754c241fda5f3b1031701c1c7a718b9137d72dbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 26 Aug 2025 01:35:30 GMT
date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36872
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 20:07:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame E1E3 3 KB
0 49ms
49ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E1E3 204 KB
0 428ms
428ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame E1E3 10 KB
0 0ms
0ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame E1E3 51 B
176 B 122ms
122ms Image
image/gif 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 23 Aug 2024 09:22:36 GMT
x-content-type-options: nosniff
age: 231174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Aug 2025 09:22:36 GMT

GET
H2 200 container.html
acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96CE 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 01:35:29 GMT
expires: Mon, 26 Aug 2024 01:35:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12328937770629736648
tpc.googlesyndication.com/simgad/ Frame 8B26 51 B
0 124ms
124ms Image
image/gif 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12328937770629736648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 23 Aug 2024 09:22:36 GMT
x-content-type-options: nosniff
age: 231174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
last-modified: Wed, 13 Apr 2016 17:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Aug 2025 09:22:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame 8B26 3 KB
0 51ms
51ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8B26 204 KB
0 349ms
349ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 8B26 10 KB
0 0ms
0ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58BE 0
26 B 113ms
112ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszy4KeaMzFRohsKzuXGlmzVfSArygs1frc7eM0h6HFsbdjoWT5-MCCOYlNPi3-J9Ean6wye7nOz2SFy2yJyaO0jRFfJXD3VkB7PQBIf_bQzmRbD_j92lIEqMyvqtn0SkHiFjzO-P_t8EhqHYG2KCX0r771Jk4X_viHq1UR18jmof5Q5m42q2EocOHsna_s6gzEvMleupJw6F8Uw3YLNj47D4r_aHi0T509EWpbMYh3LPtGv-sePcGaN4xwFR33MwJgVQ-RGcBd3QOBTl9MSTSpIO-U4zcxH7jIPXsW0KNDsnk2k-Pp4LTbLOZb8bx_t0BvDON23xaAz0fMn3r3hbbcEPTT42-jBZ_KjKv6UXJ0CbTxB7K1Ag&sai=AMfl-YS21OIhYQ1nnnDaQdMZOpYpqc7IcGFpUCWRg2EzCD6T-n1NoJdMtRBwNOaP_irPZLA_BHo9wCfd-xr4Xcil4NfhjbMZtSs6sI-1x69vcqxjCUL63-PBB7vBe-2mEVqoEmapbzK2cyuNch-qSWaJMF4&sig=Cg0ArKJSzFf8QlJGk6C-EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13FB 0
26 B 115ms
113ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse3jhAAGblhzMBNJcNrmJrQatJZTjzIsLekEGEqfZqWfQXjf8b2BtR8HCdwuEClaZpxsQHRHJZHg-vVj1wK9l_w2paChCuKkGzmztAmtkVWqoWvE-jQBUrQ0YjIQGO44qaK5GMqcvjVvvhwq5gqGgQV1pIWjR41c_m6-o7mZJxwdeWPEUGQI9Oq1TCXxSN1EiZ_olpAeq-74_3gHFWr9pz8p-5VisQXDSR1DDFnZjeTGR1bVLL2zeo_5-gSPQYKwju5LrSCns-dasyS-_N1UKtTx-R7r59jG0hJHD9K4LqohK5c9zhmdbj0bkCFgrx4ZQ5a7bBJ-y4tYQsdWfHd4rzj7HeySTbm1atU58Ha2FvVh7im0qivg&sai=AMfl-YSlgXFABim9XwlLitY0Cr3dM5-qK2rOuDU3JHuO2AJnMU8EMcbpGgpmvuR4q58G_N3Fx6NtyQXeVsWMg_BWnM-zm6ameKg_GsDNyZGDrD2tz3jdFTNULmo-6j3-8M3JEOtJkLACxlTEJN45nR1QGAI&sig=Cg0ArKJSzLESyRZ5SGSMEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 902A 0
26 B 115ms
113ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKgOXfMdTtb4MZySWh0T4U4bkvDmW9hFBwfwjjeidl0sJjrSt24Rz3QsjCbr01hobOiMSTVuLNT1bceNZXNANCdywSqybmexlaBPgTDW95YVpbpss40O1LViuCqZ4OG5N2ETCue71pORvcgD1cpoZrqp8w9Bygc0hN_DQisg0VsNKVarEwrrOcoMiZWGmGvRPWEkvYb1dcDfM0pikf94yrJ1IYehITm2JB8Z-Ip8Mru0l_zTqkDW8T_s7chs6YZCBcu_s7hzGPRMRRpmmwg-nRF9kxA-OKuBZADEHv_xa7CbdNfwtrHXOIi0rO9paK9Is3mi3mMRd04b3xnbPhpGqM08o_JNycQMpfev99_963r0dm3YvPgw&sai=AMfl-YQ9niZUBgpKv5GLvefsce1ENNBkoXfADi10KwH8ZBa7EOzyvmEflSjKWTzEebmsToojU4a0HgploM4QLBgEvcorBVtFYvKORmlTr7Wk7LUon1TRxL-NSxGgXnQm8wTPQd1DLX0bA7AhoBbfeSb3Wik&sig=Cg0ArKJSzHWv2fj4azIxEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1E3 0
26 B 115ms
114ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIVJxAzCDq8C5R5WPYLd981_p17Cd8yom2QuIG-eZjSBD4TL96VlNa_q0RSK_mZ8wq1i-glbvKZDgGwmprgz-kEUygo-74FVwNY_BfVPe2iLvZJnYaSkZBcAPuZu5VHi5_d6Vvgagc9fJboKYyJ2ew-lks9uTy0l7r5npIz6K-kZdk90susuF0Lh7agI8WCYITmnJuf68fjyfVuHN6YVJj5UscpDP_X_t8IDumNbsCtws-w2HY7CjGf8AyV42yjeC1WxmnoXcoIK20LGY1LDfb2_lJDKxApXOXaebyH4aDjq95MHZODdmdF5Vq7q1MNaJyVMkVY4lIjvQHP77BNdHPFt2iOT33GsxS3Dwa7XIAdomS2zgaag&sai=AMfl-YSFntBhthXoL2onXW8UVzezYY6miA49aKmYu_dG3dfVsRRaeGVvjOEefO3N1JRiJUCtvIwTewCc8VO8TjoQxAFVK0u8JRYQmjmq3BP6vRCece67KYPFNo1kERELQs3FEQtB5A-yR9K9z8j6Nrhc7Ck&sig=Cg0ArKJSzPUHXpT1YLI5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B26 0
26 B 116ms
116ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbzkeJ5Ygp8hE7IzxdCq-tCErQv4KIykDAOHYw9hG4fau0UsINQTaTi7G8ENxywDX9McTgo-dDT27UHahmXde85vrnMMqUr1mma4Q6cp2fTQfs8zVYqTKkFwfJrIsPk-wXOxkN1ROPlpUTrWqv1OdVJaBwP4xiOqR--ihW5VjLDra2clKvHZ5gO3Sph9zz-R9NWa3m2FKYJUeVvyzU9SqFrarJ44L437iRhmyp0XXKH-3ACUSwV_PNFR2lS-m8YTB9rFFUdVc3xlcFW6uqPlZPH9AUyLjlzyu_IqNxu6l66JJYrcW0kZ2aDDzZp7IYq0geuohDk6LcOhNNll1xfVe9hJGVPxj_81pJhONix3wnn5wl1kY57Q&sai=AMfl-YSrqac4S9eaV1OnpqeWauM39LwICVrHpXQHkPLuLjjOj3NyBdlYm4KENbUXavkX7yleHR52oZYdu62YtaH4lAmL7x4pAv0XChMNAaMBXIFT5SkXcOz8XOIYH1D8AN6TViFkDY6yqwu6rlJnPkWXnm8&sig=Cg0ArKJSzM5u-UqZszUdEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E625 457 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30820b307020903ce9f7a05f520f7f231beab67fd1a38dc3157109d4a13d50a

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 58BE 457 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f92eac619ddf8f0c3d4811a4148af7149d0619e033654e707adb1c7fa42b2dc9

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 13FB 543 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db377a9b7e365cd88283bed10b6c5f43fcb1683afe0a8738382421615e259327

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 902A 546 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ddcf2d7c1ed2a4344a219bbb47865721c1d9c8db1aa246e5bf22487484ec4af

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1E3 365 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07e6a26d0308ef58ca53b8e71012693ceebe00e1d0094d70a6af25b8b9c818cb

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B26 365 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91941262d3cc5915ca8a431b42026adb9692961414e82ea9362e509c848a081b

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/ Frame 077B 3 KB
0 52ms
52ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240821/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 01:27:53 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 077B 204 KB
0 295ms
295ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 02:17:11 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/craindfp44917164363/ Frame 077B 10 KB
0 0ms
0ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/craindfp44917164363/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-58-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vhllMQq6aHL0wqgkGTf5Aw==
storage-tier: Standard
content-length: 3856
opc-meta-btime: 2024-04-22T05:24:19Z
opc-meta-mtime: 1713763459
last-modified: Mon, 22 Apr 2024 19:37:07 GMT
opc-request-id: iad-1:wR24524ijGWB1rvYJcjGcAdIqZKEQsi-tWqWgQg-0C2XnDs8boWbN4wkXWMScmnG
x-api-id: native
etag: 001ba0e4-6408-48ba-b7a3-18af31904bce
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 438c0f49-c157-4286-81f2-36c01f2a344f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=31220
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 16938990547249472395
tpc.googlesyndication.com/simgad/ Frame 077B 20 KB
20 KB 336ms
148ms Image
image/jpeg 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16938990547249472395

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca3f5d6e15dcbfbb5b053bb71a20773df5aaf61b7b15b7d33b5bf45c2bb7636b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 26 Aug 2025 01:35:30 GMT
date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20783
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 14:40:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 077B 0
26 B 111ms
110ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukQOuLc1lNIUUurMzTlc0KL670cDEs8OJMqDBpWIn7_xoPpUaXwMmP94G2SXfe8XzVd_tCswsqDmbZ6tBtM8XYmSgUN8lC7pOqecTP5RdX_JBBQJcqIj4lf_XPdYy7EJ83hL-8bJcz19aCk7GFEcXCMrYdsHXutsqI9XQH4kDljDxVNY9_6zGLLCMtMFM37F_B2DR55oxrRqSGNqvVlxa3atf9YsSukEzrOkb7qse22Qq-cxRzARFMoH6uoqVADuq4Fw-UlWqM16mmAWz1DivNHW_6zxeuDt4RAmzGHFckFHT0NtGIyXQ-Kftl5iyAiaE1r-w8VVVwuqzuBd6AjwVCFByiQ8aOd8_yNaKLzBL2r6UAUvTNhw&sai=AMfl-YTRoNVHRCDxWgHOvuRug81RAB9hjNLYTBI_wF9Jg7Zdkd1Cie34xQf9OXwDWFWqBqcg3TM5kZQD-7cghiIg0jMpMXV_VikZVJmxcpDAp6ZxsZX92hG4B5YB3tCE9YPrNjcrT9NyDVPpRkAT4lXfJtU&sig=Cg0ArKJSzCB_Ex0NPs2JEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 187044856 Show response
bat.bing.com/p/insights/t/ 712 B
883 B 105ms
101ms Script
application/x-javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/187044856

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/187044856.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

107bc5efd729985c99cd035ef3e1d1e9b3f8034df064998427e7a5403f89d351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Aug 2024 01:35:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B92DE1EFB9764D53A00161A3737F3E2E Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:30Z
vary: Accept-Encoding
x-azure-ref: 20240826T013530Z-177ffcc9f5d72jzd0vnv5segrn0000000de000000000adrq
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 604
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
361 B 51ms
48ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187044856&tm=al001&Ver=2&mid=df8a7208-7135-4ac7-9334-cce3448be54e&sid=7a7a2c40634b11efbfd0f14bdd53547f&vid=7a7aebf0634b11ef9402296968b54fc1&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Flagstar%20bank%20paid%20%241%20million%20in%20bitcoin%20to%20a%20ransomware%20group%20%7C%20Crain%27s%20Detroit%20Business&p=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&r=&lt=3741&pt=1724636125383,,,,,0,1,26,26,178,28,178,2674,2706,2684,3689,3695,3741,,,&pn=0,0&evt=pageLoad&sv=1&cdb=AQAQ&rn=414877

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 01:35:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 523317F334FE4262A8CDB0F008918FF4 Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 track Show response
trackerapi.ebxcdn.com/v1/ 0
501 B 402ms
163ms XHR
application/octet-stream 2606:4700:3037::6815:25c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trackerapi.ebxcdn.com/v1/track?r=&l=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&sp=70&u=urn:traffic:applet:ejvehkiv&tz=America/Vancouver

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:25c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
content-security-policy: default-src 'self'
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzZrN%2BwE57tkB7uCTW71OFtPwxXJIrvr%2Bd4v1BmkVjNu8C7%2FhQuPw2qMkuldiNK0RswqUI0xsOkr8EvjRvJ1aEHMxR8NvGoW3ij1fxhUH9jzY3wI%2Fu9aS2hDF7SpkhjUXdevuIcKzquQm1%2FdScd52VZKrss%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cf-ray: 8b9015e668e538e4-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame 077B 446 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f496004877a9ae51e1a11c48e615a988b1ea887772ac4e88f1b0422ab882200

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 291ms
85ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1906609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 2286744
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: lmY66Xh2iXiqsunSDC4hUqVrsXUNPdAtj4ngH-xkdBJPVxBSpU0ykA==

GET 89c436af-9388-4561-b245-3c052ee7dcbd
https://www.crainsdetroit.com/ Frame 0
0

GET
H3 200 tag.aspx Show response
ml314.com/ 38 KB
12 KB 32ms
32ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2572024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:04:18 GMT
via: 1.1 google
content-encoding: br
age: 1872
x-guploader-uploadid: AHxI1nNOlh4c8i2c4yEiA4Na9jMBM78ArD0BSYapXnH9lwzmlZ_tehS0Kg7DpvgKO1Nepay3YVzfawDX1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12522
last-modified: Wed, 24 Jul 2024 19:30:50 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1721849450340665
x-goog-hash: crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type: application/javascript
cache-id: YYZ
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 39162
accept-ranges: bytes

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
227 B 69ms
66ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6711380340&callback=lineItemInfo6711380340Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 23382e8a8ec5a7f6746a78d26ba9b37b6ff09e37f3050b882371e830f2850458

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
server: istio-envoy
etag: "f7fe0105e1a0a9c5abbdc720f8deff1c993867af"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 128

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 72ms
48ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=2&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=interstitial&iq=na&tt=na&fs=208210&na=1844717994&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:30 GMT

GET
H2 200 rules-p-J_kXLtyWmukpz.js Show response
rules.quantcount.com/ 160 B
634 B 331ms
75ms Script
application/javascript 2600:9000:21dd:ce00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-J_kXLtyWmukpz.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 00:40:00 GMT
via: 1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:30:53 GMT
server: AmazonS3
etag: "599ac3fe3327eee0bd61b8e478fad20a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ZVFQwqLlwrNS23NWvVHU99aPjxmH0hShz8u_3Pc_N4yNI0iPyvs74w==

POST
H2 200 delivery Show response
craommunications.tt.omtrdc.net/rest/v1/ 957 B
1 KB 283ms
76ms XHR
application/json 63.140.38.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://craommunications.tt.omtrdc.net/rest/v1/delivery?client=craommunications&sessionId=ca11888b41e6470eb4a936d02a855f15&version=2.10.2

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.217 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-217.data.adobedc.net

Software

jag /

Resource Hash

d8fd265fc5ab4b0a3f7a45543eebe4d678eb7a11285e559ca3cf75cdf4defdf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.crainsdetroit.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 6ea6605e-384d-4d76-b9fb-ce75747b9b8e

GET
DATA 200
OK truncated
/ Frame 50A2 359 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8e4a58f20af6a9e45385388c92b611508d5faf6a6ea3feb3f22208711d49a9d

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

OPTIONS
H2 204 authorization
www.pelcro.com/api/v1/sdk/members/ip/ Frame 0
0 208ms
207ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b9015e90e0cab60-YYZ
date: Mon, 26 Aug 2024 01:35:30 GMT
expires: Mon, 26 Aug 2024 01:35:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
48 KB 394ms
120ms Script
application/javascript 2620:149:a0e:f000::5
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2620:149:a0e:f000::5 Newark, United States, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 25 Aug 2024 03:58:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
Age: 77809
X-Cache: hit-fresh, hit-fresh
CDNUUID: c23f55dd-116f-4bca-916e-610d892f84a3-3889220525
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 48790
x-xss-protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
x-conversation-id: 5aa9ed51-f7aa-6e3e-446f-0f73c24b5e18
apple-originating-system: wp-content-server-prod1-use1
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, stale-while-revalidate=86400, s-maxage=86400
access-control-allow-credentials: false

GET
H2 404 authorization Show response
www.pelcro.com/api/v1/sdk/members/ip/ 76 B
171 B 289ms
288ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: no-cache, private
cf-ray: 8b9015ea5f14ab60-YYZ

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 82ms
80ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 97D9F6A8B9E94D979C5DB0757FE16998 Ref B: YTO01EDGE0813 Ref C: 2024-08-26T01:35:30Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.crainsdetroit.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYgjCPxO8MpApiMQUw6+Q==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
52ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5116716263566628956%3F&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=11&g=0&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=1695&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=4747&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=173&an=0&gf=173&gg=0&ix=173&ic=173&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=173&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=345&cd=0&ah=345&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=1594114461&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E625 0
0 316ms
120ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk0ZVSv6x28bZHOGypieqVhwiSB7t4IPSmetceXsfE61aGJrZ_XpB-4daaZjVM-X0Y8wrswv-Bp0fhNwBpzeTJvOnvjbwO_Ois2RWgN7VcjCzx2ryPyrriQz4Qc87kwVzQY5b2ZJ6qSVE1CVMe9wuOsMckGnW1IQ7-YVPXFGRNV9CD2LxEmKH4U2-xU9LNJTc32nVw4guOJm7gwN7DRIKNk5yqZ6nuDvR1nii8HERpr6QRJEPuR39455Np2G5bFexjb3fh8zHHDxkW3mBKkTKi6UxfMWKcsu1hdO6bXMvZrVxdL98oNTlsahWUood6op2MAG45Sfy-hlfH5M3LaRODMnfDxq-hqGuBg4_M8x2rZU5I-K8gFf8W&sai=AMfl-YRlgzcqq-F3XpmGO29cIHz-ywvtUg-dUTTscY5Xan1_jjVv3VOax31-3_-ICJFXeAOcPCaUBt6vGIDw5O42ZSLn2T1k3iTWj_27lvRTqNzSe-uobNGcc14oIUCVxzyNpI91I8wI3EdiFvVkOrJAnQ8&sig=Cg0ArKJSzK1TKbN23fxHEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 43 B
118 B 64ms
63ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6727407095&callback=lineItemInfo6727407095Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c7c2959dfa1588ba1be5ed9fe4d6b5900048b0a4c797c7c31a4c452361577518

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:30 GMT
server: istio-envoy
etag: "92fe04c953112066a41d4b5f74c2887631ffe269"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 4
timing-allow-origin: *
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13FB 0
0 269ms
122ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOBIAxE8rVpczub11NV53k-2iIFZfnjJGrMNMU7ZXW92qdBKiG3G8Ebcl--QwL1tpFkPVhpAW_0hKS7gY6yfee-OAjC-GE14CMhHL_xs9aTQ_LANOF91gynEVhJe2raUu6zYwkwwrMCjsX06VCkehL3DQMN8HHeHMmgF22T4QtLAGxLISi8oj2P27RnndLvvCJ2q4a-KfYcR8vSeMR_XN-ZisM7g3lCig0hRAJlkXbTvuWUhXRQKtAp_6-jGbyPY2mqoNPpLEhai2jdQGuSytXifzD8OikKnwQTrs8oJUPudQA5zb_9iJ6sHpj6V6t5zy0OOImEOfwe5IuOFojlPcLkCRthWZ7HI__aAdD7sbI5y1EUSnTIZK3&sai=AMfl-YSXpCmsAVIpqkZ8CQAi1ZRa89yWPLCfF6M3BI_LJWejkVzkvUbXXVaRCG09MeRITIKIUhID1j3LAcsY3WxcntbU1hVALR_UgPlciqk90zWNmwt03ISBNlHCmS8pF7EvtPuezrcuYOgYvKgRtJYPFQA&sig=Cg0ArKJSzGsrhoD79tOCEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
228 B 76ms
74ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6767184699&callback=lineItemInfo6767184699Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 537571535e6644ba898574419a2b3c843e00efbda871650b4e0df90b2863cff1

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
server: istio-envoy
etag: "424dc7966e0f36810ab2299a12457ecef4ec940f"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 11
timing-allow-origin: *
content-length: 128

GET
H2 200 0.7.44 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 50ms
50ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.44

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/187044856

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0af02a29fef2b9f1bb1cd699d6cac52dc69c6d8f83b0d4f3631d99ac675cde65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 26 Aug 2024 01:35:30 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15148
last-modified: Tue, 20 Aug 2024 14:50:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1E5909761B848E283220A3E0A62186E Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:30Z
etag: W/"0x8DCC127812220E2"
vary: Accept-Encoding
x-azure-ref: 20240826T013530Z-177ffcc9f5dx6h2rf4fdte2ps40000000e9g00000000ar7k
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b1c6c93c-001e-0034-0b9a-f31d13000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 902A 0
0 181ms
122ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg_zDKhlkY-EN1IjlfK6dgUVfZdjRZAOxJmD5KLnz9Vu21Is4wcIPFVZrWiXxOB6fjLCKOBifPWmt8B4TE8z0E3XppTuJ3eMEkSE7IJOA56rIauVvSMh79p1PFyrAhtqlA1U5i6yFyC3fCuM7sszY6mpXL8LiMQy8BcAs6wQ2n7Rl8JYzKcT-FAzPwOnUnqeZmyokEpjgoTsQBu9ey0LT7wHoeangoKZDDOeiqn3P9bZLngcuDtxaJi5pWvE_Cdv7M0NWmc_OR0mGEWC6S7vzAYWNdtMCq2Sy57s_2yTeLeZITQnJ5arL3TsVgfvVJ90T3D1EFY7IOvspYc_RrFiiIXx6vxS9HFn1KJ-Lg15ROEVa8SouIgHYN&sai=AMfl-YRuBLUlibK1I3b79XPF5GsFutknhJnoMhssMIM1lIc07BlhRHQZZPep_nSRhNKPDMBpjXjS10eH2_SxON4uocHJEvOCDJ8IkHcrPNFNoTLS2JFNXkmMyLA_dhbw-yvSt44oj8vYcujV3Br3p5luZUE&sig=Cg0ArKJSzJW3SC1aVIvyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
201 B 93ms
93ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6478990289&callback=lineItemInfo6478990289Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 8a8e014889df6548ac8fdfba4eb5da266ebf0938f184eabf520f78ec2b074fd6

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
server: istio-envoy
etag: "86516e4a1f889768d819c7613dd30a8866ad072d"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 9
timing-allow-origin: *
content-length: 128

POST
H2 200 plan Show response
www.pelcro.com/api/v1/sdk/ 3 KB
1 KB 240ms
238ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/plan

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b7b687fa1ad2aacb0d8cd5fe8c5b3c8e752adc8b7bf41f1d19739002e930029

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.crainsdetroit.com/
X-Pelcro-Sdk-Version: 2.19.0
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 8b9015ed396fab60-YYZ
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 50ms
49ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=12518282&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=3&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=5358421904%3A3568691461%3A6759380348%3A138485581116&zMoatMMV_MAX=slotNoHistData&zMoatPS=NTV_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=NTV_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1027040053&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

OPTIONS
H2 204 plan
www.pelcro.com/api/v1/sdk/ Frame 0
0 262ms
260ms Preflight 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/plan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-pelcro-sdk-version
Access-Control-Request-Method: POST
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: cache-control,content-type,x-pelcro-sdk-version
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b9015eb980cab60-YYZ
date: Mon, 26 Aug 2024 01:35:31 GMT
expires: Mon, 26 Aug 2024 01:35:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 077B 0
0 112ms
111ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAl31ech3K3FWxtOVm9kA2wDMnYQ685BfmlhZywOxuppZ1crdFfKWktyS5mbXwMNP7YVCW9kIaPvfp7Wh26THP5gzxESglnMgf2aQkKwdEL_Hpz4YJwy0he1FXKYSeD_FttE4ri6QixZ87db7D-WIFOHZIb_wxFsdTd_ZyXBRAHtKLl7imwdusqR-Zbvokrqnl9IqaE_JXWYlfGmHMcVp4sdxcpM2Zx5DY56bZ5k0OqzC8zx6o5hsY5GKPxaFvtm86XWo0lZ3J3Sn8WFGJJ8qlceki0y0ApclMWdqFlcV0AUoyEN3ltUNsv-x7UVg5WVrzUAZjikaMXyOMvdkr8H-jVY9D7cwmRJC34yiWkqXOuMSDJIPB8-qt&sai=AMfl-YR8PiErxLkQpUfOGowbCpEpmx8Whqnv92JaJdZVXcCilgM9I_y9bPULJRkwVLW71LZNqsjposjEwdeDOkSQHTekXOkd2BFk_uf6cGxEC6jKD2wLSvTnJf4aTMFNfFaK3_Fo_iTbH14ucJ8coCHqhnw&sig=Cg0ArKJSzFBbGTv53gGWEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 128 B
200 B 67ms
67ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6755207713&callback=lineItemInfo6755207713Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5faef0203d07eb1e6e5cf5ec3c0780da0075a67d7a078bc8dbe31379520aa23b

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
server: istio-envoy
etag: "c81aaeb1c0f95c92c6248a5f8cfc424b6a6318ce"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 4
timing-allow-origin: *
content-length: 128

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B26 0
0 129ms
129ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbfWfKjtyprLPTxbfrdRaTyYjAi8m9IqsTRHFSVFksc9QoIiD3pZhQS3LFrcK_gPXDgqQQcRd2MwqkcYjjbfHryIL4Fe1mFjqGkiEAST7ct-hr-g7ZHcDRckbK_03c9Jb_Qn6hKvo5Er-Vkl0MxplssMnCAONllesG3TEZVAtggAdzCdiSVSk3c_JCeRPUQIzqyLZ_KCtyOwaHr9dxshtjsqHzEnfHDeSonctukQJHZJb0YbOkLpg3MuPKQtlS23WPp7x5pwK5Q2o24w6WMTQdYlDDTaBKfjcmVJmhf8bCGJ32hPkOdFofSjmLwv0cSPaGmoYSJ48dXbcZkatH3NB33HLFGBBwSxv2bDYJiKuMsIjuiKuvSnPp&sai=AMfl-YSdmVfA48NtcV4zXmcvLQFDCG8QXJehGcOMTevw5qfHaPpxK__BppaqPa6Uk8rEk3Y0J1ljw80UHliBxBdhfxa_izqUdgM9JWTQHlNA3CClQ_sgJcmreeshTFchLEGj9LcJqynupIWFjZcdW2R9ias&sig=Cg0ArKJSzKpFrARGWOtgEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E625 0
0 318ms
111ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13FB 0
0 426ms
110ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s88111440174395 Show response
crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/ 43 B
392 B 384ms
76ms XHR
image/gif 63.140.39.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://crain.112.2o7.net/b/ss/craindetroit/1/JS-2.20.0/s88111440174395

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.65 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-65.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 01:35:31 GMT
server: jag
etag: 3703627890400788480-4618492038666992491
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.crainsdetroit.com
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2024 01:35:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 902A 0
0 410ms
110ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1E3 0
0 511ms
108ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b98c22958e1ca412ad825cb5462746ef42eedb75b967aa954879b3eab227f2c8

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1E3 0
0 112ms
111ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_UOF_Gw4S0RCU1dVkDNjXkZG5ncTjQnujouOXqx-A1TKHZ6DyMIO5CYPs_gz8Fg6xWsPOh8q4XyWwJ4vzpVyV8S0yRUYcDwg4zqhJW2cU3pboo6wD07mdjaqMUNOuxC1eu2oHZdobuxNCddL4jXFK-yRw-DN11lltvKmvmhyyL_o_yHAxxS7gdYI1YpHAjgLpz0ZW0JQpXaJnoKmGTe7SDUL38tRBRN3b5DQXsSB27Yq3jYfny5ncHCTsXv4WIXI-d3isxIDMSa2htKGA_T6DjvV8J9-uBftkMavPV1Q204DJ-PO0XZQPNtdMK8ZIPwsE9_OIB5JvznnSMZvHYzrItITOZygpVj2ef2r2-Rbg9Q-U4DQpurn7&sai=AMfl-YRtjNTtRVJ1Y5nSWpdNSGUxrTMnV3pVbR5SCg-ZelKZ7ntQd7JXJuUYT35qUywr3VmEOYc1CIXO7wAqHai9QDOTDmjk2KTqd7eYWaUzOGF7rPbGOw1ifyikjXMEr1QsRbUrv5MyD1-7Ctp77rzuvmU&sig=Cg0ArKJSzJtNuyo9bWcMEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 077B 0
0 591ms
110ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B26 0
0 701ms
112ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 52ms
50ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=4&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=587996519&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 pixel;r=727381828;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-634259154-172463613043...
pixel.quantserve.com/ 35 B
409 B 73ms
55ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=727381828;rf=0;a=p-J_kXLtyWmukpz;url=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group;uht=2;fpan=1;fpa=P0-634259154-1724636130439;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=pai;gdpr=0;ref=;d=crainsdetroit.com;dst=1;et=1724636131394;tzo=420;ogl=site_name.Crain's%20Detroit%20Business%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ecrainsdetroit%252Ecom%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitco%2Ctitle.Flagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%252C%20court%20filings%20show%2Cimage.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cimage%3Aurl.https%3A%2F%2Fs3-rd-prod%252Ecrainsdetroit%252Ecom%2Fstyles%2F1200x630%2Fs3%2F2JEN3RX%252Ejpg%2Cupdated_time.2024-03-13T12%3A21%3A03-04%3A00;ses=23846d0a-5136-4c20-ba6d-e291f8a191f6;mdl=
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ii.js Show response
mb.moatads.com/ 134 B
211 B 70ms
70ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=6759380348&callback=lineItemInfo6759380348Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2edcb699eefebd736e8e59f6bedd08f30eac8a2c40ce5a9f92d654093a8bdff0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:31 GMT
server: istio-envoy
etag: "bb7d9c184959dfe77a24c088557da19690682947"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 7
timing-allow-origin: *
content-length: 134

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 110ms
110ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=2167&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=89&an=0&gf=89&gg=0&ix=89&ic=89&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=89&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=178&cd=0&ah=178&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1568742397&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

POST
H2 204 f Show response
bat.bing.com/p/insights/c/ 0
214 B 72ms
67ms XHR
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/f

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 01:35:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72FFC52289114A40AE4BD83D0BB53910 Ref B: YTO01EDGE0822 Ref C: 2024-08-26T01:35:31Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://www.crainsdetroit.com
access-control-allow-credentials: true
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 51ms
49ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=5&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=626599696&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 113ms
109ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17256545596353978317&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=2253&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=44&an=0&gf=44&gg=0&ix=44&ic=44&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=44&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=88&cd=0&ah=88&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=848077294&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 49ms
48ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=949092780558&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=6&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6478990289%3A138467128672&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_02&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=REC_02&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1544851540&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E625 42 B
65 B 111ms
111ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJt_AHGFvfBQmpOE6Gn9QgRwsjqrVV-W5r1w9P7wnA2MYFKSibmu-lFgfXeDiULiJJIfsyayVSMY-NMOIrfE31YuxUGRSVxe9DS_q2sD6vrME67PXw_NMrjcHQN9t3B9FB9gxb10Nqm3sbI3prQb7pYRA2pRmnLX0&sig=Cg0ArKJSzMNJzvfEQaaUEAE&id=lidar2&mcvt=1000&p=261,436,351,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240821&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3277692642&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2056893000&rst=1724636129794&rpt=1083&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 115ms
114ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13352690025645360862&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=949092780558&rx=455503024899&cu=1724636128731&m=2299&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=47&cd=0&ah=47&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478990289%3A138467128672&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_02&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1075856856&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 13FB 42 B
65 B 118ms
118ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuA6Agn9KV3AeOy31WCX-9U2U5Yb56BXDfG2gJrK-CZFA21y5GTgmKYdb-wYEWRLqUWy23SBGwPL2uctrFuU9cDFpQuP2lETJ3bTgZ2Tdpmt0F4FbN-rPf96Tv_8DtG9VcDdzEbzYCF28TNqE881Hzs-D18FEx2kcE&sig=Cg0ArKJSzB7wWrbsJm2yEAE&id=lidar2&mcvt=1000&p=553,1130,803,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240821&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2444400267&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2056893000&rst=1724636129852&rpt=1078&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 49ms
49ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=554471553936&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=7&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_03&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=REC_03&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1397711766&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 48ms
48ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=628111073001&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=8&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A2827089045%3A6755207713%3A138482659322&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_03&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=970x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=LB_03&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1366553315&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 108ms
108ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16938990547249472395&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=628111073001&rx=455503024899&cu=1724636128731&m=2433&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=134&cd=0&ah=134&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6755207713%3A138482659322&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_03&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=970x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1204443551&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 51ms
49ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1724636128731&de=683038950359&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=9&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_04&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&tz=REC_04&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=554936368&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 113ms
112ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=2519&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1002&an=173&gi=1&gf=1002&gg=173&ix=1002&ic=1002&ez=1&ck=1002&kw=1086&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=173&ci=1002&jz=1086&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1086&cd=345&ah=1086&am=345&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-interstitial5&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=2072288803&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 61ms
60ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=2520&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1002&an=1002&gi=1&gf=1002&gg=1002&ix=1002&ic=1002&ez=1&ck=1002&kw=1086&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=1002&ci=1002&jz=1086&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1086&cd=1086&ah=1086&am=1086&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-interstitial5&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=446896827&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 130ms
119ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=2521&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=3953&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1002&an=1002&gi=1&gf=1002&gg=1002&ix=1002&ic=1002&ez=1&ck=1002&kw=1086&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=1002&ci=1002&jz=1086&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1086&cd=1086&ah=1086&am=1086&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-interstitial5&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=1799443579&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 52ms
51ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2FIFRAME&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=214&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1120&gp=2843.171875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=12518282&rx=455503024899&cu=1724636128731&m=2672&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=2843.171875&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=152&cd=0&ah=152&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5358421904%3A3568691461%3A6759380348%3A138485581116&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=NTV_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=NTV_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1782585140&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 108ms
107ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=3154&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1081&an=89&gi=1&gf=1081&gg=89&ix=1081&ic=1081&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=89&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=968&cd=178&ah=968&am=178&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1792023501&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 81ms
79ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=3155&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1081&an=1081&gi=1&gf=1081&gg=1081&ix=1081&ic=1081&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=1081&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=968&cd=968&ah=968&am=968&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=553798409&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 66ms
61ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=3155&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1081&an=1081&gi=1&gf=1081&gg=1081&ix=1081&ic=1081&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=1081&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=968&cd=968&ah=968&am=968&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=487624056&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 116ms
112ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=3362&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1155&an=44&gi=1&gf=1155&gg=44&ix=1155&ic=1155&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1155&bx=44&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=88&ah=992&am=88&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1330458710&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 65ms
63ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=3363&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1155&an=1155&gi=1&gf=1155&gg=1155&ix=1155&ic=1155&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1155&bx=1155&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=139493515&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 141ms
137ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=3363&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&as=1&ag=1155&an=1155&gi=1&gf=1155&gg=1155&ix=1155&ic=1155&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1155&bx=1155&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=397788244&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

POST
H2 201 i Show response
r.lr-ingest.com/ 26 KB
26 KB 627ms
185ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-be361f5c-738f-4abe-b0ac-eb2afde41bae&t=4b13548f-e0af-4532-9c46-9a1686897892&s=0&rs=0%2Cu&u=4682ed55-cc18-4fd9-8882-b17e730d4a3f&is=1

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

a942b43c5f309d6797d9b07c953efff6a6be19754012ea831ffdd484e6fea412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
X-LogRocket-Relay-Version: 2023.12.0

Response headers

date: Mon, 26 Aug 2024 01:35:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"6660-nDmrLHItTAmLD0UeYryP3G+BwQA"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 26208

OPTIONS
H2 204 i
r.lr-ingest.com/ Frame 0
0 485ms
111ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.com/i?a=wlb5gx%2Fdrupal-sites&r=5-be361f5c-738f-4abe-b0ac-eb2afde41bae&t=4b13548f-e0af-4532-9c46-9a1686897892&s=0&rs=0%2Cu&u=4682ed55-cc18-4fd9-8882-b17e730d4a3f&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://www.crainsdetroit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 26 Aug 2024 01:35:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 ii.js Show response
mb.moatads.com/ 41 B
137 B 73ms
70ms Script
text/html 129.80.52.16
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=__page__&callback=lineItemInfo__page__Callback_73303961
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crainprebidheader782626518086/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 8f33fad0f3444ce01079f7dda563b82c161e16e6d65ea99e49350004e2f6ae05

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:33 GMT
server: istio-envoy
etag: "82887a00b1d45dd02d9f180888b1dcfa425d613e"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 41

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 55ms
53ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRAIN_PREBID_HEADER1&hp=1&sst=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1724636128731&de=692460604966&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=10&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A0%3A3690&fs=208210&na=1450658241&cs=0
Requested by: Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

GET
H2 200 nr-rum-1.264.0.min.js Show response
js-agent.newrelic.com/ 50 KB
16 KB 311ms
22ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.264.0.min.js

Requested by

Host: www.crainsdetroit.com
URL: https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e4322f93284388da5a74a419b92efd60fb9004b76b20c2a009d500f03fec09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.crainsdetroit.com/
Origin: https://www.crainsdetroit.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: nj25LHAYzwu_2iFhz9FW359af0HHOlHx
content-encoding: br
via: 1.1 varnish
date: Mon, 26 Aug 2024 01:35:33 GMT
strict-transport-security: max-age=300
x-amz-request-id: F8HS2Q4S089Q1JF4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15827
x-amz-id-2: 2z0a5kUCvi27Y9Wjx1b3vkfX4kW5sHjb7PPks6G9Cx0gs/f0O76UJ2l6sJk6HsyoX0P9jogeoRQ=
x-served-by: cache-yyz4565-YYZ
last-modified: Tue, 06 Aug 2024 22:33:26 GMT
server: AmazonS3
etag: "7d1f62cf6e54173e0dee10110d44e970"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 179790

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame AB5E 0
0 58ms
57ms Document
text/html 3.168.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

3.168.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-122-103.jfk52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2604
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 00:52:10 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 16 Aug 2024 23:35:56 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 bf49868a84302f57b8f20d68a5a57812.cloudfront.net (CloudFront)
x-amz-cf-id: N3Kms4lq9avTTdesyhu7NCrwcEThGEXD24ZR39OS4pIdva4iglpUig==
x-amz-cf-pop: JFK52-P7
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 412ms
141ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408200101&st=env

Requested by

Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7b165dd68f2612f3a93ce79af9b03b3702cfa5aa82effcd0eac48e5598cf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13072
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 126ms
124ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1724636128731&de=692460604966&rx=455503024899&cu=1724636128731&m=4903&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3921%3A3921%3A0%3A3690&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1915416802&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:33 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/1a/ 287 KB
62 KB 80ms
75ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/1a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9278b217cc1ff083b082a4b27ae06ab02f5718c3e1b89db4259c2de4e0db60af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 16:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62706
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 16:40:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 16:37:13 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/1a/ 180 KB
55 KB 78ms
75ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/1a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCWX-b-fFSASEKrMmINy_aeU1QsX6j_mmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55c049dc4a0897a57ffb409bcba45af276a19ef9a4db1abe44fe436f5466545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 25 Aug 2024 22:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56074
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 16:40:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 22:20:10 GMT

POST
H/1.1 200
OK 6e51ac8bf4 Show response
bam.nr-data.net/1/ 150 B
718 B 383ms
186ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6e51ac8bf4?a=165752170&v=1.264.0&to=bwMEMhYCXUUCUBBbW1ZJJwUQClxYTHcWR0RZCjoICwdWaiBcCkZGVwoKAxY/fVkHVjJbUU8lCQgQEVxaD1YWHwpODwMR&rst=8703&ck=0&s=73c943739785b9a5&ref=https://www.crainsdetroit.com/banking-finance/flagstar-bank-paid-1-million-bitcoin-ransomware-group&ptid=291a25bd05836dfb&qt=5&ap=2396&be=2674&fe=5650&dc=1067&at=Q0QHRF4YTks%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1724636125383,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:26,%22c%22:26,%22s%22:28,%22ce%22:178,%22rq%22:178,%22rp%22:2674,%22rpe%22:2706,%22di%22:3690,%22ds%22:3695,%22de%22:3742,%22dc%22:8231,%22l%22:8264,%22le%22:8324%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: cdn.lr-ingest.com
URL: https://cdn.lr-ingest.com/LogRocket.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4e795f61489cd3ae77c4621ca909655b17d330af08bbb25f90a7f5c3273882

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type: text/plain

Response headers

Date: Mon, 26 Aug 2024 01:35:34 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.crainsdetroit.com
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8b9015ff8b713870-YYZ
timing-allow-origin: https://www.crainsdetroit.com

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 392ms
86ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 01:35:34 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8932 0
0 65ms
50ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 01:28:14 GMT
expires: Tue, 26 Aug 2025 01:28:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame E7BA 0
0 321ms
73ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-MEAMyOKMKHjxGvl81zX-Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crainsdetroit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-MEAMyOKMKHjxGvl81zX-Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 01:35:34 GMT
expires: Mon, 26 Aug 2024 01:35:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Icon-40%402x.png
s3-rd-prod.crainsdetroit.com/ 550 B
901 B 90ms
85ms Other
image/webp 2606:4700::6812:b93b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-rd-prod.crainsdetroit.com/Icon-40%402x.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b93b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4908257d837a524d823ae0f7b92c981276f1b9670ef1696aa63fff4e44f39fea

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 01:35:35 GMT
cf-cache-status: HIT
x-amz-request-id: 8PWBDA0R287Y5VFB
cf-polished: origFmt=png, origSize=719
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Icon-40%402x.webp"
content-length: 550
x-amz-id-2: 4nYJ+0ZHfDwoVZaYEnkL82IKDUCLz2VffGe/e1Ov4yd/XaDN8bPzeBN4F8ykXwfO/T9Xy+CK569mAAeblp7PyRZSQuOVdsPE
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Feb 2023 09:21:03 GMT
server: cloudflare
etag: "19a2aeb7e476cbf462ad0f81d378386e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8b901604babeaab4-YYZ
expires: Mon, 26 Aug 2024 02:35:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 61ms
60ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=4&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=6643&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=5125&an=1002&gi=1&gf=5125&gg=1002&ix=5125&ic=5125&ez=1&ck=1002&kw=1086&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5125&bx=1002&ci=1002&jz=1086&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5096&cd=1086&ah=5096&am=1086&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-interstitial5&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=1001757503&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:35 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 123ms
86ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=4&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=7261&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=5188&an=1081&gi=1&gf=5188&gg=1081&ix=5188&ic=5188&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5188&bx=1081&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5065&cd=968&ah=5065&am=968&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=569629559&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 52ms
51ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=7262&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=5055&an=1155&gi=1&gf=5055&gg=1155&ix=5055&ic=5055&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5055&bx=1155&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4887&cd=992&ah=4887&am=992&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=65086202&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 77ms
74ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=5&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=7467&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=5394&an=5188&gi=1&gf=5394&gg=5188&ix=5394&ic=5394&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5394&bx=5188&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5277&cd=5065&ah=5277&am=5065&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1488251852&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 155ms
141ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=949092780558&rx=455503024899&cu=1724636128731&m=7471&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5011&cd=47&ah=5011&am=47&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478990289%3A138467128672&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_02&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=290880165&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 124ms
73ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=628111073001&rx=455503024899&cu=1724636128731&m=7675&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5170&cd=134&ah=5170&am=134&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6755207713%3A138482659322&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_03&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=970x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_03&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1810859748&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 91ms
63ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&h=214&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1120&gp=2843.171875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=12518282&rx=455503024899&cu=1724636128731&m=7877&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=2843.171875&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5155&cd=152&ah=5155&am=152&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5358421904%3A3568691461%3A6759380348%3A138485581116&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=NTV_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=0x0&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=NTV_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=627330330&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:36 GMT

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
693 B 56ms
49ms Script
text/javascript 3.168.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.122.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-122-54.jfk52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 26 Aug 2024 00:53:15 GMT
via: 1.1 fa52f1a23716e225ace4af997301194a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2547
x-amz-cf-pop: JFK52-P7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Thu, 22 Aug 2024 18:16:36 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BKkQ_zvw7uMJlQiCg5WnXagckqcM5UlbfoCjq3dZ3zuIwz-KEocXZQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 116ms
115ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=5&pxm=3&sgs=6&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAIN_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=4167&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=4167&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1724636128731&de=692460604966&rx=455503024899&cu=1724636128731&m=10130&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5046&cd=0&ah=5046&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=crainsdetroit.com%3AFlagstar%20paid%20%241M%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show%3A__page__%3A-&gw=crainprebidheader782626518086&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=261086800&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 51ms
50ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=5&h=100&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=650&gp=550&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=738505329120&rx=455503024899&cu=1724636128731&m=11556&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=550&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=10040&an=5125&gi=1&gf=10040&gg=5125&ix=10040&ic=10040&ez=1&ck=1002&kw=1086&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10040&bx=5125&ci=1002&jz=1086&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10005&cd=5096&ah=10005&am=5096&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6711380340%3A138482970723&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=na&zMoatPS=interstitial&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-interstitial5&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=interstitial&iq=na&tt=na&tc=0&fs=208210&na=426502648&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 109ms
109ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=https%3A%2F%2Fwww.crainsdetroit.com%2F%2Fbanking-finance%2F-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=6&h=90&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=261&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=909855464414&rx=455503024899&cu=1724636128731&m=12167&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=261&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=10094&an=5394&gi=1&gf=10094&gg=5394&ix=10094&ic=10094&ez=1&ck=1081&kw=968&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10094&bx=5394&ci=1081&jz=968&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9981&cd=5277&ah=9981&am=5277&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=211798204%3A2827089045%3A6727407095%3A138476415646&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=LB_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=728x90&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=CRAIN_PREBID_HEADER1-CrainMulti&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=LB_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1399278480&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 73ms
72ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=12369&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=10163&an=5055&gi=1&gf=10163&gg=5055&ix=10163&ic=10163&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10163&bx=5055&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10005&cd=4887&ah=10005&am=4887&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=1838958249&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 50ms
49ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=11&f=0&j=&t=1724636128731&de=554471553936&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=11&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138442311334&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_03&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A8324%3A3690&tz=REC_03&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1819461540&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 54ms
50ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=CRAINDFP1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=11&f=0&j=&t=1724636128731&de=683038950359&rx=455503024899&m=0&ar=9cc5b3e58a7-clean&iw=b53e35f&q=12&cb=1&cu=1724636128731&ll=2&lm=0&ln=0&em=0&en=0&d=211798204%3A418459684%3A6354644058%3A138441589527&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_04&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=1x1&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&bo=104555044&bd=415459684&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&gw=crainprebidheader782626518086&fd=1&it=500&ti=0&ih=2&pe=1%3A3921%3A3921%3A8324%3A3690&tz=REC_04&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&fs=208210&na=1884323295&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 54ms
52ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17256545596353978317&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=333650928593&rx=455503024899&cu=1724636128731&m=12574&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=1&ag=10367&an=10163&gi=1&gf=10367&gg=10163&ix=10367&ic=10367&ez=1&ck=1155&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10367&bx=10163&ci=1155&jz=992&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10207&cd=10005&ah=10207&am=10005&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5649190773%3A3576598246%3A6767184699%3A138486565603&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_01&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x250&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_01&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=991384640&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 109ms
109ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=6&pxm=3&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRAINDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL!D35lK%7D%249.%2CBH7%3Ab%5EqP%23s1Tlw4djTdrfloI%40s1ki%2F*TpPR.gW%7CHZwzi%404Y%40QA%60%2Cb%5B%60ce%7C9czny%5Bh%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3F%3C%3D*h4i0Kc%5Eiy2iVSdK%3Eo%26)FK%3D%5BlE*F%5EDLgxECSR23_Ln7jC%3Df%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBjvg5Y1T5x%2F0RJniF9z0wEtqcL5ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=260&qd=260&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&vf=1&vg=100&bq=11&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&id=1&ii=4&pl=0&f=0&j=&t=1724636128731&de=949092780558&rx=455503024899&cu=1724636128731&m=12575&ar=9cc5b3e58a7-clean&iw=b53e35f&cb=1&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=undefined&lb=4167&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3921%3A3921%3A8324%3A3690&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10119&cd=5011&ah=10119&am=5011&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=211798204%3A2827089045%3A6478990289%3A138467128672&bo=104555044&bd=415459684&gw=crainprebidheader782626518086&zMoatOrigSlicer1=104555044&zMoatOrigSlicer2=415459684&dfp=0%2C1&la=415459684&zMoatMMV_MAX=slotNoHistData&zMoatPS=REC_02&zMoatMMV=slotNoHistData&zMoatMData=1&zMoatMSafety=unsafe&zMoatMGV=slotNoHistData&zMoatSZ=300x600&zMoatCURL=crainsdetroit.com%2Fbanking-finance%2Fflagstar-bank-paid-1-million-bitcoin-ransomware-group&zMoatDev=Mobile&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=REC_02&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=unsafe&tc=0&fs=208210&na=298933484&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crainsdetroit.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 01:35:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Aug 2024 01:35:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.crainsdetroit.com
URL: blob:https://www.crainsdetroit.com/67cf8617-1fab-48c4-8246-427af8f71756

Domain: www.crainsdetroit.com
URL: blob:https://www.crainsdetroit.com/89c436af-9388-4561-b245-3c052ee7dcbd

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408200101&jk=2046796233840890&bg=!3N-l35DNAAag2_gngNs7ADQBe5WfOANm7naJJ9iEZyE6oOCPjZHX8aZfRgpjiBLI4JWf53sSuZEM-wgRU-WyPMDKHWqPAgAAAXVSAAAAAmgBB34ANSMDHFc6CmeLSLATXQWoDFXCdRnwwTMneoezoGzLh6INd16pYm_mlSgjieJcRnA0XOm6vaBimQKqUWwAbu1CQ2SiPjQEVngcIHxXalF_-7YIcmkQVgY5l3vWXmjQX1ySZR2CAzQe0r_kfgHRB2s3JAUlecCBi0Pc4yOLHjtp15YY4-fb3GKSnve-1_Oe6NFIbsf3lhluPGQQkQbKKsapljiq8dwGzx6oipdCZ2IStj40ry49Thjw3sAVBihqwA0eFP22SFOxEtN6aWu9B6M78sjUkZscB1kokEbCKH-sUqjtLgtdIZswm46GqLEYQQwxWkSYiC-czm5KyT_HIQJevQTzpJY9s2kOSFlUTjKvY6KzfdSzz8viOpnd0XSj3WUZT_mRDvSOz5iCvH3SDdRtyvrA8-PPi8Uf60hso5jbnptqnAmeVSX1xKQNHYyA_OB8LvLAllWhiEKEjjaVqSUq3KTvJCjmu8wOLDonDecxoz_KGSRRj5dErNiIxIf69vgQW4iAa_JtaYBU3yXlgk2MYUfR7VHCnwC6IZpUGHV_1rsSRQtGoltBw67hJdhEqpivAI_V05SmTaT4UAOJjacursuYW9f3zty9THjCeeS9V6JuD3DItLeVyNFBHtSAwxoxAH7aOsrnEU9WIJf065wu4_PHvg2E8bcoEGI8HwJUHPzFJ_snT6E6OhZ7SY8xYhD9j8atZ8TafPQdGGfwqUovqWHLQL9eiernap1GoB0r_1FKCoA5jjQ9V9edFlALUXLTb7YbM_ryBv-DgxRIpmgAOO2aTZJGta8uNkGw_5mlrxOZOHyKn9LDsGwvLFb7zutP-YEaYLI1pqeuWWmScSIXO_Cth_F0XwnXR47Dr7TMNPSsdJMl--uDkjFE8rqJPab_9oqMQHL6F8YNgJLROMUWVny5Id5dY0TdMvlv-9VjdkPtUnED8CXNGdrZevfaX9fX8PTXce_WXegG_h3Z7oiv60ZpWw

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crainsdetroit.com/	1970-01-20 23:03:57	Name: __cf_bm Value: 0UezKpW2LEY2K4UpBHoYKWKdinbhIN2KJ1KkzpQeNO4-1724636128-1.0.1.1-yPtaO3EHJenD_lebcKiscUzig4GHdi9CgXCU.h7QTl_AkMY3n8A.AMvYkfxs0YySthazkHpQPynzw.3fe6nxyA
.demdex.net/	1970-01-21 03:23:08	Name: demdex Value: 85708447097000609631744832819780929538
.crainsdetroit.com/	1970-01-20 23:03:59	Name: sailthru_hid Value:
.crainsdetroit.com/	1969-12-31 23:59:59	Name: AMCVS_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 1
.crainsdetroit.com/	1970-01-21 08:32:44	Name: _cb Value: 9zRFQBTpOaABKMh-e
.crainsdetroit.com/	1970-01-21 08:32:44	Name: _chartbeat2 Value: .1724636129442.1724636129442.1.DTo1NkMgNxTC_XUFzDA1wsIDO3ZS.1
.crainsdetroit.com/	1970-01-20 23:03:57	Name: _cb_svref Value: external
.crainsdetroit.com/	1970-01-20 23:03:57	Name: TAsessionID Value: 333c12ff-8484-424e-821b-cd9d03e2639b\|NEW
.ml314.com/	1970-01-21 07:49:32	Name: pi Value: 3646553326425735195
.ml314.com/	1970-01-20 23:24:05	Name: tp Value: 4%253B08%252F26%252F2024%2B01%253A35%253A29%253B0
.crainsdetroit.com/	1969-12-31 23:59:59	Name: _ga_R975N3VDSQ Value: GS1.1.1724636129.1.0.1724636129.0.0.0
.crainsdetroit.com/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.1187118756.1724636130
.crainsdetroit.com/	1970-01-21 01:13:32	Name: _fbp Value: fb.1.1724636129625.50066840144428449
.crainsdetroit.com/	1970-01-21 07:42:20	Name: pelcro.unique.id Value: YWNodnJqeXNxdWhtMGFidG1jbA==
www.crainsdetroit.com/	1970-01-20 23:03:57	Name: sailthru_pageviews Value: 1
.dpm.demdex.net/	1970-01-21 03:23:08	Name: dpm Value: 85708447097000609631744832819780929538
.crainsdetroit.com/	1970-01-21 08:25:32	Name: __gads Value: ID=49fadbc38e23a926:T=1724636129:RT=1724636129:S=ALNI_MbmhoWmglkx1UZ8TPVImU2rQOF0Kg
.crainsdetroit.com/	1970-01-21 08:25:32	Name: __gpi Value: UID=00000ed549fa1fc3:T=1724636129:RT=1724636129:S=ALNI_MZATidlS6e8-X0-6gqVmMPjDChj3A
.crainsdetroit.com/	1970-01-21 03:23:08	Name: __eoi Value: ID=4546810d91355c6f:T=1724636129:RT=1724636129:S=AA-AfjanTHFZol0rFuZqcT-RZKgl
.t.co/	1970-01-21 08:39:56	Name: muc_ads Value: 4c3c286b-2318-41b7-b48e-26a57700cb9f
.linkedin.com/	1970-01-21 07:49:32	Name: bcookie Value: "v=2&1dfdd547-76f5-4934-8737-c1b0e775e2e0"
.linkedin.com/	1970-01-21 03:23:08	Name: li_gc Value: MTswOzE3MjQ2MzYxMjk7MjswMjHlLgBZaK+8GPyALuOa7Du+pUOBT+UZD8pLzkixKYscdw==
.linkedin.com/	1970-01-20 23:05:22	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2853:u=1:x=1:i=1724636129:t=1724722529:v=2:sig=AQGK2HZr05w9ZSyzeA33xDN48CSl-75R"
.zemanta.com/	1970-01-21 07:49:32	Name: zuid Value: na_6YBH-4pacK1fXNyXx
.twitter.com/	1970-01-21 08:39:56	Name: personalization_id Value: "v1_DU4Sm9a3RadMCpOUDYh2rw=="
.crainsdetroit.com/	1970-01-21 08:39:56	Name: AMCV_138FFF2554E6E7220A4C98C6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19962%7CMCMID%7C85741381824760049381745796667767091563%7CMCAAMLH-1725240929%7C7%7CMCAAMB-1725240929%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1724643329s%7CNONE%7CMCSYNCSOP%7C411-19969%7CvVersion%7C5.5.0
.bing.com/	1970-01-21 08:25:32	Name: MUID Value: 288CEEDAE2956B561064FA3DE3BF6AAD
.bat.bing.com/	1970-01-20 23:14:00	Name: MR Value: 0
.crainsdetroit.com/	1970-01-21 01:13:32	Name: _gcl_au Value: 1.1.537945759.1724636130
.crainsdetroit.com/	1970-01-20 23:05:22	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_tabs_-wlb5gx%2Fdrupal-sites Value: {%22sessionID%22:0%2C%22recordingID%22:%225-be361f5c-738f-4abe-b0ac-eb2afde41bae%22%2C%22lastActivity%22:1724636130243}
.crainsdetroit.com/	1970-01-20 23:05:22	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_hb_-wlb5gx%2Fdrupal-sites Value: {%22heartbeat%22:1724636130244}
.crainsdetroit.com/	1969-12-31 23:59:59	Name: Y3JhaW5zZGV0cm9pdC5jb20%3D-_lr_uf_-wlb5gx Value: 5ce65838-fb52-4ca0-9dd1-1a19c20ac923
.rlcdn.com/	1970-01-21 07:49:32	Name: rlas3 Value: R4y9rukGu4vqmlPYiIFoABGJTqNI/8CJXF0ahW7aU8Y=
.adsrvr.org/	1970-01-21 07:49:32	Name: TDID Value: bc384917-9832-40cf-ae4b-350d6b7012b8
.eyeota.net/	1970-01-21 07:49:32	Name: mako_uid Value: 1918c52ec1b-599a0000010a48e7
.eyeota.net/	1970-01-20 23:03:56	Name: SERVERID Value: 18663~DM
.rlcdn.com/	1970-01-21 00:30:20	Name: pxrc Value: COK3r7YGEgUI6AcQABIFCNtOEAA=
.crwdcntrl.net/	1970-01-21 05:32:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:32:42	Name: _cc_id Value: 2a1372576f014e448479066c3234d89
.crainsdetroit.com/	1970-01-20 23:03:56	Name: cciFirstTouch Value: %7B%7D
.adsrvr.org/	1970-01-21 07:49:32	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCNrmo_Os3qI9EAUYBSABKAIyCwjWmOOew96iPRAFOAE.
.crainsdetroit.com/	1969-12-31 23:59:59	Name: at_check Value: true
.ml314.com/	1970-01-20 23:03:56	Name: u Value: aHR0cHM6Ly93d3cuY3JhaW5zZGV0cm9pdC5jb20v
.doubleclick.net/	1970-01-21 08:39:56	Name: IDE Value: AHWqTUkS0jTmtM3s1ekBv41bZVXB4ZIwVf6xJ2WxqbvUfT61vDPolfOcTW1kHT0fK5s
.crainsdetroit.com/	1970-01-20 23:03:57	Name: s_depth Value: 1
.crainsdetroit.com/	1970-01-20 23:03:57	Name: s_ppn Value: banking%20%26%20finance%3ABanking%20%26%20Finance%3A895766_flagstar%20paid%20%241m%20bitcoin%20ransom%20after%20cyberattack%20in%202021%2C%20court%20filings%20show
.bat.bing.com/	1970-01-21 08:25:32	Name: MSPTC Value: iTyW3rGHtVYbcA1k8g5XUsSKfqw5bvTvtNQKUVttYUA
.crainsdetroit.com/	1970-01-21 08:39:56	Name: mbox Value: session#ca11888b41e6470eb4a936d02a855f15#1724637992\|PC#ca11888b41e6470eb4a936d02a855f15.34_0#1787880932
.crainsdetroit.com/	1970-01-20 23:47:08	Name: s_nr Value: 1724636131220-New
www.crainsdetroit.com/	1969-12-31 23:59:59	Name: chkcookie Value: 1724636131233
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.crainsdetroit.com/	1970-01-21 07:49:32	Name: sailthru_content Value: c2ecf56f67a9c657c65c9e9b3f18f673
www.crainsdetroit.com/	1970-01-21 07:49:32	Name: sailthru_visitor Value: 96b0d047-f338-4cc6-8d9a-0325c2181f15
.crainsdetroit.com/	1970-01-21 07:49:32	Name: _hjSessionUser_1906609 Value: eyJpZCI6IjIzM2Q2YWQwLWUzNzYtNTExNC05OWFlLWU0YzA3OWM5ZjAxOSIsImNyZWF0ZWQiOjE3MjQ2MzYxMzEzMTQsImV4aXN0aW5nIjpmYWxzZX0=
.crainsdetroit.com/	1970-01-20 23:03:57	Name: _hjSession_1906609 Value: eyJpZCI6IjAzNWQ1NjVhLTMxZWUtNGY2NC04ZjJlLTNiY2RlMTliYmRhYSIsImMiOjE3MjQ2MzYxMzEzMTYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.crainsdetroit.com/	1970-01-20 23:05:22	Name: _uetsid Value: 7a7a2c40634b11efbfd0f14bdd53547f\|yw3qlb\|2\|fon\|0\|1699
.crainsdetroit.com/	1970-01-21 08:28:24	Name: __qca Value: P0-634259154-1724636130439
.crainsdetroit.com/	1970-01-21 08:25:32	Name: _uetvid Value: 7a7aebf0634b11ef9402296968b54fc1\|162313g\|1724636131782\|1\|1\|bat.bing.com/p/insights/c/f
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppvl Value: banking%2520%2526%2520finance%253ABanking%2520%2526%2520Finance%253A895766_flagstar%2520paid%2520%25241m%2520bitcoin%2520ransom%2520after%2520cyberattack%2520in%25202021%252C%2520court%2520filings%2520show%2C31%2C31%2C1200%2C1600%2C1200%2C1200%2C1600%2C1%2CP
.crainsdetroit.com/	1969-12-31 23:59:59	Name: s_ppv Value: banking%2520%2526%2520finance%253ABanking%2520%2526%2520Finance%253A895766_flagstar%2520paid%2520%25241m%2520bitcoin%2520ransom%2520after%2520cyberattack%2520in%25202021%252C%2520court%2520filings%2520show%2C29%2C29%2C1200%2C1600%2C1200%2C1200%2C1600%2C1%2CP
m.stripe.com/	1970-01-21 08:39:56	Name: m Value: 60f86458-30ec-41af-9aba-81969c9a8b30e23e73
.www.crainsdetroit.com/	1970-01-21 07:49:32	Name: __stripe_mid Value: bbf99b9b-ad87-4f1f-9939-abafcecbcc9c8a2938
.www.crainsdetroit.com/	1970-01-20 23:03:57	Name: __stripe_sid Value: b7179ac8-4327-4b8d-bca4-980b788214f6938c1c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pubcast-files.remixd.com/player-configs/crainsdetroit.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.pelcro.com/api/v1/sdk/members/ip/authorization?site_id=5070&language=en Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acd0a51f851dc4fa450f1d424db29953.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
ak.sail-horizon.com
analytics.twitter.com
api.btloader.com
api.sail-personalize.com
applepay.cdn-apple.com
applets.ebxcdn.com
assets.adobedtm.com
bam.nr-data.net
bat.bing.com
btloader.com
cdn.lr-ingest.com
cdn.lr-intake.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
consent.trustarc.com
crain-com.videoplayerhub.com
crain-global.s3.amazonaws.com
crain.112.2o7.net
craommunications.demdex.net
craommunications.tt.omtrdc.net
dpm.demdex.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
js-agent.newrelic.com
js-tag.zemanta.com
js.pelcro.com
js.stripe.com
mab.chartbeat.com
maps.googleapis.com
match.adsrvr.org
mb.moatads.com
ml314.com
p1.zemanta.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
ps.eyeota.net
pubcast-files.remixd.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.lr-ingest.com
rules.quantcount.com
s3-rd-prod.crainsdetroit.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.hotjar.com
sync.crwdcntrl.net
t.co
tags.remixd.com
tpc.googlesyndication.com
trackerapi.ebxcdn.com
vi.ml314.com
www.crainsdetroit.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.pelcro.com
z.moatads.com
pagead2.googlesyndication.com
www.crainsdetroit.com
104.198.23.205
104.244.42.3
108.138.106.49
129.80.52.16
13.107.42.14
13.225.63.82
130.211.23.194
142.251.40.102
146.75.32.157
15.197.193.217
162.247.241.14
18.164.96.87
18.238.49.4
18.238.49.99
23.51.58.26
2600:141b:1c00:209c::1e80
2600:141b:1c00:6::17df:d10d
2600:9000:21dd:ce00:6:44e3:f8c0:93a1
2600:9000:24f1:8400:18:1fcd:354:4b41
2600:9000:266a:6400:c:b42a:3740:93a1
2602:816:5001::39
2606:4700:10::6816:4bd8
2606:4700:10::6816:72d
2606:4700:10::ac43:1a0b
2606:4700:20::681a:246
2606:4700:20::681a:832
2606:4700:3030::6815:50b6
2606:4700:3030::ac43:8707
2606:4700:3034::ac43:d4ac
2606:4700:3037::6815:25c1
2606:4700::6811:190e
2606:4700::6812:b83b
2606:4700::6812:b93b
2607:f8b0:4006:808::2001
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2001
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::200a
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:149:a0e:f000::5
2620:1ec:21::14
2620:1ec:33::10
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::714
3.168.122.103
3.168.122.54
3.221.3.170
34.117.77.79
34.195.138.165
35.190.38.143
35.201.104.135
35.244.154.8
52.216.177.243
52.87.63.192
54.156.26.12
54.80.21.73
63.140.38.217
63.140.39.65
72.21.81.130
99.83.154.140
067fda1fb043979aa87066c7da6d28f6b5eafd55acbcb0a0f810b753fab0cc70
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
07e6a26d0308ef58ca53b8e71012693ceebe00e1d0094d70a6af25b8b9c818cb
08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
090aacbb90b265ededde0cabe232448fade91f47a99f3c27c86a10a76153fc4c
093eab2d5f4ed779cd412531e1d8d836fe2f0365d6c12d36b776177cd28b7c05
0af02a29fef2b9f1bb1cd699d6cac52dc69c6d8f83b0d4f3631d99ac675cde65
107bc5efd729985c99cd035ef3e1d1e9b3f8034df064998427e7a5403f89d351
127dbf7de12bd7072e12f7bf921fe92067015763fab9a8ade76d1a3c03c2c5af
192574e33506cbc2db0a4a31e24e7a72abe1bd1fc08f10da2e1e0d789bbed5fe
19b887265030f550144409255009706920aa36859d49f480a82a2afd283afc65
1fcef0716825e85fb5a12018e61d82ba24f358254c0f6ed5cb1bae3d3a920904
226238f482ce9997adf36c64ab80c6757cc85de5a0a3a60807c8c05b0abfde59
23382e8a8ec5a7f6746a78d26ba9b37b6ff09e37f3050b882371e830f2850458
24687547639313c5eb1246acd422e286a032d244bcae90a63716b6a5b2adbcf4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c9a9ba4dc20713fd7dfdcb2d93a95f03ad01b302c99b478575679792d9cc14
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2b4f22f30d39cb4bcedecf40d500aa953c8d891970f73e0b9b61d97c4666330b
2cada3f814f586b15b4b382132baa55d0e8371bea4ed37a3899ab0993c2b7da7
2d28462bd2908e6534cd08420a2631f660f5194d7b2c50c4f89f6d1761f8afa3
2edcb699eefebd736e8e59f6bedd08f30eac8a2c40ce5a9f92d654093a8bdff0
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5
30cc81680ac73a0ed5dd4570067c32dc4867a4879e3003e695a672315d3f1a24
34bf08ff219b36887d4a53ab9eedf7858aff5d0d624d1ae67e475f90fe6771be
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cd81a57013f91cc12b14528393d54acd323c40400b3cec5c936b514ebba03fd
3d2b63f72b4b598a345bf1db52c8b8a6152fd898e9ddd62f7a9f8c6499ea22d8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44775fb5108d392e83241ce0f915ec94a8bf9f3982d9f720eb6904415eb7d3df
4734f33e74ecbf67f717b292a66c96bd9f87f801d410a766e3c649b07058ed6f
4753efaa55ec4381d4b4b320f2cec85ebce4577de533e6e24553b4fe34204022
476f3ea93ecf3d5a3d04f9ec7264d9be07c55792cae459e1e056d668fbe0eb1c
4908257d837a524d823ae0f7b92c981276f1b9670ef1696aa63fff4e44f39fea
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f496004877a9ae51e1a11c48e615a988b1ea887772ac4e88f1b0422ab882200
537571535e6644ba898574419a2b3c843e00efbda871650b4e0df90b2863cff1
54071ff5eb36c891ea056c1fd6a9a0aecc3782288444abf481f5f3ced68fc5e8
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
599204ec379eea66b743c70429d4a88893ae4efc631f21d22ceb5b6c03b1d905
5b4e795f61489cd3ae77c4621ca909655b17d330af08bbb25f90a7f5c3273882
5d7b165dd68f2612f3a93ce79af9b03b3702cfa5aa82effcd0eac48e5598cf76
5da1fbd73a3f4e0e389c683b527eaff83363e26a06ba5809de7f3a9aeb8b86db
5e4322f93284388da5a74a419b92efd60fb9004b76b20c2a009d500f03fec09d
5faef0203d07eb1e6e5cf5ec3c0780da0075a67d7a078bc8dbe31379520aa23b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63755a024e7a97c952f9cecf8dae12d120f3003f60b275ec13b33e7ebbab9f50
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097
660227b52daa64c6cbf776b3747a2988d1e917c8ac246e1860c03a1ed9254710
66df7e6dd16c8d2d570d07006aeb215594dc4a40cec09939ef99e59b103d4b51
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6b7b687fa1ad2aacb0d8cd5fe8c5b3c8e752adc8b7bf41f1d19739002e930029
717f0eab31b50a7bd1a49df754c241fda5f3b1031701c1c7a718b9137d72dbb8
72eeaae2550893210694268f29a16541223c20abdf7224eebcf6c89b262a2fe9
7429f8084c66cf882a7e96a4afcf207df7c77483f13a91ec7333887392dc346a
759dcae1d98db910cbd737d94195ff51fe9f76af427a8860b5c3404da982ada0
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7f54be1cfe2bac5fad5dd12e34e3d4f2f5cc52a87ca9ffab0656411b033d076b
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8458e4b4a54eacfd1b843411542fb3c450c0b9cf9552297bfca73fc718a258ae
879f8ac93353fa4011fb96c803114599fccc3bdf068c906fc2ea35b9e9715d79
8a8e014889df6548ac8fdfba4eb5da266ebf0938f184eabf520f78ec2b074fd6
8ddcf2d7c1ed2a4344a219bbb47865721c1d9c8db1aa246e5bf22487484ec4af
8f33fad0f3444ce01079f7dda563b82c161e16e6d65ea99e49350004e2f6ae05
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
91941262d3cc5915ca8a431b42026adb9692961414e82ea9362e509c848a081b
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
9278b217cc1ff083b082a4b27ae06ab02f5718c3e1b89db4259c2de4e0db60af
950fd95b6af4b4974a68ac04a5f146062dccfff965c0b150d8202306c1f6bb9f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c26bcd6f403a967541f722322daed7c986ba524a37a4c9acc7a46bf729ad59
a52bf805948390e3ecf0ee9bf232f1563a9d8cae24a20152845730f355adedbb
a926196a97d8e400c8c714bcc663de7e30e226928ed7432e3c8f03ba9183eab3
a942b43c5f309d6797d9b07c953efff6a6be19754012ea831ffdd484e6fea412
a974b8e6ad09bf6e8b6528f0801aa00fe3d6b9d21ec785aa2346241abff9fe35
a9a4bb4011f6c5d254cbb43f1fba9fdb389f1a4f89ab6adc5d532d914f59ab74
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adccee23a958d0397ff1fcda012994d5e7bdbf8d263d6e805f870a40261dd4b6
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
b022a884114de14db9cefdd4d2554c1f281ae12820f33976f3c7e768f7998fbc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dd3e8a6fb36c514c7f2c92afee8d55cc53b16e38d204ebd2df7abe186f35d0
b98c22958e1ca412ad825cb5462746ef42eedb75b967aa954879b3eab227f2c8
bb0d807d982a15f3496554f8e0ceede0aa4ca67c708ae9d1545d1c08dec9c57b
bb651d305032e44506a6776e8f983b1915dc6d6c35580b11da5b8f80feeab331
c03d980fed6f86344148c1d33e311ffe17b84985ec47519e62556e3dd82d8f7f
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c37c8810ea07ed8714faeac29f84685d20947a848d1586f94f46f352e15dc2fd
c6e1bca811af848f4ad930170f9bc77edcd142fc90badc0218cd8c6dc57f36ed
c72f7117f8074a4938b64c241b62929ce19615e9766d4a8c6cff8608735e5fe8
c7c2959dfa1588ba1be5ed9fe4d6b5900048b0a4c797c7c31a4c452361577518
ca00353ee3f7ef31746f2d857c0b3e337b5ddb1a0276d301caa536a4e8b84899
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3f5d6e15dcbfbb5b053bb71a20773df5aaf61b7b15b7d33b5bf45c2bb7636b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04eeb649847f564a5c2cdb6379675604f27436877308e0a421af18305081e32
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d30820b307020903ce9f7a05f520f7f231beab67fd1a38dc3157109d4a13d50a
d55c049dc4a0897a57ffb409bcba45af276a19ef9a4db1abe44fe436f5466545
d598b11113ca13e57538e85b580e0135467c25fbbf1f60f248dcadac20e86fad
d605368ba73813b6dc99edf17ebaf694895e3c2a29700b3d1a2f64a00db2a3d8
d6580d205951d7327484c4cc98a57ab28abb81547b986c612fd0891fb649abd8
d8fd265fc5ab4b0a3f7a45543eebe4d678eb7a11285e559ca3cf75cdf4defdf5
d918546f9f7cefb37e0c113c635a616c386ea7a9a0a5170da9b0a48b270b8d87
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d986b35a59fa7cdf953a4b6e5ad899b3d9ebfed1501c01a385f67c22e3690a0a
d9e17793347de95c9a580ba5bcdd86164a408aec5d9958d10886c37da9db0fb1
db377a9b7e365cd88283bed10b6c5f43fcb1683afe0a8738382421615e259327
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e0c72f4dff7cebbfb793dee88030ddb9dc7441dc9b5acf793a3de9d6a6fd6a06
e20ebfada267feab4be8d5b50caa3ce20a4ab3417cffd24d62efc90db2859416
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c312da75c715a16c5354091bcb185ab79ddc80f47e6e05de0ff2316bbd2284
e838430e731f466bc6d10c9e7dc2d9ff1dad72ea1e50421a75f57998df691dfb
e8e4a58f20af6a9e45385388c92b611508d5faf6a6ea3feb3f22208711d49a9d
e941d020f374fc58aa98128be91674640766aff2e65c7dbe3bacab06af251d16
ebab3ceb33eb45bd6eb4ae7e894f083a64cbbfb9f323766abdf30c340629de6d
ecefddb858623759bf80b1cea326af705be923582c6604b22717d75604a2a1ce
ee2057b29ca580da0aab4aa5c20f0cf9204c5e80025bbcaa343ecefbf0b0f420
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d178198ebf662c5734588783c9c2fd57e3eaf06ab651e4347980bd1343d2ca
f2769341fbf31a14e512d5b4138e93597e2eaf57dc58a09748a0515f4d4fd267
f2d2ac8b90bcaacd40df1122a51310170abb09aee8fe073c599b1342225d4e74
f92eac619ddf8f0c3d4811a4148af7149d0619e033654e707adb1c7fa42b2dc9
fcdeb29b63c8fbeba8854b553ff3195391ec0a6b2b918067d50497de19c84d5a
fedd74ca99d494f92c874191a293404fa2530decda3632c1650ab02c162634e9

www.crainsdetroit.com Open in urlscan Pro 2606:4700::6812:b83b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

245 Requests

95 %HTTPS

54 %IPv6

51 Domains

71 Subdomains

64 IPs

1 Countries

3660 kBTransfer

14065 kBSize

63 Cookies

12 Outgoing links

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.crainsdetroit.com Open in urlscan Pro
2606:4700::6812:b83b Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

95 %
HTTPS

54 %
IPv6

51
Domains

71
Subdomains

64
IPs

1
Countries

3660 kB
Transfer

14065 kB
Size

63
Cookies

245 HTTP transactions
10 data transactions