1) The Tor Foundation coordinates with the US government.

2) The Tor Foundation receives funding from the US government.

3) There is ample evidence of interagency cooperation.

It's too deep to go hunting now but once upon a time Roger Dingledine observed that a secret network with nothing but US intelligence assets on it wasn't exactly useful and that "protective coloration" (pedophiles, drug dealers, contract assassins, etc) was the only thing that gave the network any prospective value to the Naval Research Laboratory. It's certainly possible - even probable - that Tor can't be cracked by anyone, and anyone operating on it is truly anonymous. After all, nothing related to Tor showed up in the Shadow Brokers cache and if you find yourself relying on an unbreakable code that can be stolen by an adversary you're kind of fucked. It's also certainly possible - even probable - that the NSA has an edge when it comes to how one might shape and exploit any theoretical weaknesses created by sloppy utilization of Tor.

Now, in a recent series of filings, Department of Justice lawyers won't say how the agency accessed Al-Azhari's IP address, and are blocking discussion of the issue from entering the public docket.

There was a shit-ton of deep, deep exploits of operating systems in that Shadow Brokers cache.

Pegasus doesn't work on plus-1 telephone codes, by design, probably because State, the NSA and CIA simply don't want to deal with NSO's shit. Which virtually guarantees that the FBI has a domestic version of Pegasus. They can probably identify a fuckton more than an IP address - they probably have video of his face as he browses that ISIS site. But no. they're not going to tell you about it, no matter how formally you file your petition.