www.bnnbloomberg.ca Open in urlscan Pro
104.70.84.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Submission: On May 05 via manual (May 5th 2021, 2:48:45 pm UTC) from US

Summary HTTP 116 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 40 domains to perform 116 HTTP transactions. The main IP is 104.70.84.198, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.bnnbloomberg.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 15th 2021. Valid for: a year.

This is the only time www.bnnbloomberg.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	104.70.84.198 104.70.84.198	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2.18.234.219 2.18.234.219	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2a6::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:210... 2600:9000:2104:ca00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
3	104.109.85.134 104.109.85.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 4	34.252.115.248 34.252.115.248	16509 (AMAZON-02) (AMAZON-02)
2 4	65.9.73.27 65.9.73.27	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	34.253.145.149 34.253.145.149	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
3	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.243.47.58 34.243.47.58	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2.18.234.36 2.18.234.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	52.214.0.210 52.214.0.210	16509 (AMAZON-02) (AMAZON-02)
1	52.212.177.60 52.212.177.60	16509 (AMAZON-02) (AMAZON-02)
2	54.85.197.32 54.85.197.32	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
5	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.48.18.249 52.48.18.249	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
116	46

16 104.70.84.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-198.deploy.static.akamaitechnologies.com

www.bnnbloomberg.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.ctvnews.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.234.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-219.deploy.static.akamaitechnologies.com

webapps.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images2.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.9c9media.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2a6::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:ca00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.252.115.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.73.27 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.145.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.47.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-47-58.eu-west-1.compute.amazonaws.com

bellmedia.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-36.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.0.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-0-210.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.177.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-177-60.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.197.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-197-32.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

bellmedia.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	9c9media.com webapps.9c9media.com images2.9c9media.com capi.9c9media.com	399 KB
15	bnnbloomberg.ca www.bnnbloomberg.ca	720 KB
7	googlesyndication.com 4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	25 KB
6	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	75 KB
5	yahoo.com c2shb.ssp.yahoo.com	2 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	107 KB
5	facebook.net connect.facebook.net	233 KB
5	demdex.net 1 redirects dpm.demdex.net bellmedia.demdex.net	7 KB
5	adobedtm.com assets.adobedtm.com	99 KB
4	facebook.com www.facebook.com	648 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	91 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
3	criteo.com bidder.criteo.com gum.criteo.com	448 B
3	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	33 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	736 B
2	adnxs.com secure.adnxs.com ib.adnxs.com	2 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com www.gstatic.com	4 KB
2	addthis.com s7.addthis.com	190 KB
2	9c9media.ca auth.9c9media.ca	46 KB
1	twitter.com analytics.twitter.com	651 B
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	omtrdc.net bellmedia.sc.omtrdc.net	393 B
1	t.co t.co	448 B
1	addthisedge.com v1.addthisedge.com	565 B
1	gigya.com cdns.gigya.com
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	rlcdn.com api.rlcdn.com	331 B
1	adsrvr.org match.adsrvr.org	547 B
1	criteo.net static.criteo.net	37 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	googletagservices.com www.googletagservices.com	21 KB
1	ctvnews.ca beta.ctvnews.ca	7 KB
1	indexww.com js-sec.indexww.com	34 KB
1	permutive.com cdn.permutive.com	70 KB
116	40

	Domain	Requested by
15	www.bnnbloomberg.ca	www.bnnbloomberg.ca
11	images2.9c9media.com	www.bnnbloomberg.ca
5	c2shb.ssp.yahoo.com	js-sec.indexww.com
5	connect.facebook.net	www.bnnbloomberg.ca connect.facebook.net
5	assets.adobedtm.com	www.bnnbloomberg.ca assets.adobedtm.com
4	www.facebook.com	www.bnnbloomberg.ca
4	sb.scorecardresearch.com	2 redirects www.bnnbloomberg.ca
4	dpm.demdex.net	1 redirects assets.adobedtm.com www.bnnbloomberg.ca
4	webapps.9c9media.com	www.bnnbloomberg.ca
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	www.bnnbloomberg.ca c.amazon-adsystem.com
3	z.moatads.com	www.bnnbloomberg.ca s7.addthis.com
2	bidder.criteo.com	static.criteo.net
2	cm.g.doubleclick.net	2 redirects
2	ping.chartbeat.net	www.bnnbloomberg.ca
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.bnnbloomberg.ca www.google-analytics.com
2	cdn.krxd.net	www.bnnbloomberg.ca cdn.krxd.net
2	www.gstatic.com	www.bnnbloomberg.ca
2	s7.addthis.com	www.bnnbloomberg.ca s7.addthis.com
2	auth.9c9media.ca	www.bnnbloomberg.ca
2	static.chartbeat.com	www.bnnbloomberg.ca
1	beacon.krxd.net	cdn.krxd.net
1	analytics.twitter.com	static.ads-twitter.com
1	gum.criteo.com	static.criteo.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	consumer.krxd.net	cdn.krxd.net
1	bellmedia.sc.omtrdc.net	www.bnnbloomberg.ca
1	htlb.casalemedia.com	js-sec.indexww.com
1	ib.adnxs.com	js-sec.indexww.com
1	secure.adnxs.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	www.bnnbloomberg.ca
1	mab.chartbeat.com	static.chartbeat.com
1	px.moatads.com	www.bnnbloomberg.ca
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	px4.ads.linkedin.com	www.bnnbloomberg.ca
1	www.linkedin.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	capi.9c9media.com	www.bnnbloomberg.ca
1	cdns.gigya.com	www.bnnbloomberg.ca
1	static.ads-twitter.com	www.bnnbloomberg.ca
1	snap.licdn.com	www.bnnbloomberg.ca
1	bellmedia.demdex.net	assets.adobedtm.com
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	cm.everesttech.net	1 redirects
1	www.googletagservices.com	www.bnnbloomberg.ca
1	beta.ctvnews.ca	www.bnnbloomberg.ca
1	js-sec.indexww.com	www.bnnbloomberg.ca
1	cdn.permutive.com	www.bnnbloomberg.ca
116	58

This site contains links to these domains. Also see Links.

Domain
support.bell.ca
www.bellmedia.ca

Subject Issuer	Validity	Valid
news.bellmedia.ca Entrust Certification Authority - L1K	`2021-03-15` - `2022-04-14`	a year	crt.sh
v.bellmedia.ca Entrust Certification Authority - L1K	`2021-04-05` - `2022-04-05`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Frame ID: 0E9D74546B46B84EEF482DC34EF3431A
Requests: 111 HTTP requests in this frame

Frame: https://bellmedia.demdex.net/dest5.html?d_nsid=0
Frame ID: 6452545C2B5D2FA4D3C423168E51E312
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.bnnbloomberg.ca
Frame ID: 9849A19DC62CEFC3F7D437EFD603B02D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1C2F044A35E146B86043D3A6CE109AEE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

116
Requests

100 %
HTTPS

38 %
IPv6

40
Domains

58
Subdomains

46
IPs

6
Countries

2272 kB
Transfer

8063 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://support.bell.ca/Billing-and-Accounts/Security_and_privacy/How_does_Bell_respect_my_privacy#displayStep
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bellmedia.ca/sales/political-ads-registry/
Title: Political Ad Registry

Search URL Search Domain Scan URL

URL: https://www.bellmedia.ca/bell-media-website-terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.bellmedia.ca/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://sb.scorecardresearch.com/cs/3005664/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 33

https://cm.everesttech.net/cm/dd?d_uuid=22779117649111458913817241985003417461 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJKwOAAAAFdYYg_u HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YJKwOAAAAFdYYg_u

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2254610%26time%3D1620226104633%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liSync=true&e_ipv6=AQJkF-H_X2I77gAAAXk9AF-3HmbJhL1_1I5pamSXoRoEnWVqkzg7xMdHLFLWCoaubIP14t-X

Request Chain 77

https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c8=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c8=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&c9=

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI3NzkxMTc2NDkxMTE0NTg5MTM4MTcyNDE5ODUwMDM0MTc0NjE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjI3NzkxMTc2NDkxMTE0NTg5MTM4MTcyNDE5ODUwMDM0MTc0NjE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOCQ2b5crEFM7vD9rT0UZW4&google_cver=1?gdpr=0&gdpr_consent=

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280 Show response
www.bnnbloomberg.ca/ 202 KB
32 KB 762ms
701ms Document
text/html 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e96dad6bfbaac636d46789bd70caaf704f7fd3a733d41c73a68540290817fef

Request headers

:method: GET
:authority: www.bnnbloomberg.ca
:scheme: https
:path: /hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=utf-8
content-encoding: gzip
x-vcache: MISS
accept-ranges: bytes
content-length: 32298
cache-control: public, max-age=60, s-maxage=60
expires: Wed, 05 May 2021 14:49:23 GMT
date: Wed, 05 May 2021 14:48:23 GMT
vary: Accept-Encoding
set-cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433; Path=/; Secure

GET
H2 200 style.css
www.bnnbloomberg.ca/css/bnn-bloomberg/ 1 MB
88 KB 27ms
26ms Stylesheet
text/css 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2a52552fcf93b6fc6d56261c88a1aa4d80b6acc9a684b46c8dff4f8eafad201a

Request headers

:path: /css/bnn-bloomberg/style.css?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"1052567-1599071898000"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 89392
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 jquery.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 91 KB
33 KB 48ms
46ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

:path: /js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"93435-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 33430
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 jquery-ui-1.10.4.custom.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 143 KB
38 KB 52ms
50ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery-ui-1.10.4.custom.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47fb8b7f5571b3f676d97f8c7d625bcd773796133c7bdd499a484c5f118a9452

Request headers

:path: /js/bellmedia/vendor/jquery/jquery-ui-1.10.4.custom.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"146617-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 38948
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 1 KB
801 B 52ms
51ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.ui.touch-punch.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

:path: /js/bellmedia/vendor/jquery/jquery.ui.touch-punch.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"1291-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 597
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 player.js Show response
webapps.9c9media.com/vidi-player/1.9.x/js/ 1 MB
256 KB 141ms
33ms Script
application/javascript 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.x/js/player.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 0a8ebb33cfa7f04f0d413129889d87f44f59da9595debf3ea2a23456dbcb8cad

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 14:42:49 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 261446
expires: Wed, 05 May 2021 14:58:23 GMT

GET
H2 200 launch-EN8508e1965b004de29de2dbd977d7156a.min.js Show response
assets.adobedtm.com/ 344 KB
84 KB 24ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b324515d91dc14401794248a4c9c4602e16a99b53711a3cb053d37e4345cc20f

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 17:32:46 GMT
server: AkamaiNetStorage
etag: "e29d77a8ec1a6d735b9eb26a6cff808d:1615829566.850323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 85375
expires: Wed, 05 May 2021 15:48:23 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/bellmediaprebidheader755367530455/ 205 KB
73 KB 98ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fd5d7bdc3fca8970c5a87052fd2ca8e847ab38cd8ad5a8cd8d7e62f0fb1c6bda

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 18:09:29 GMT
server: AmazonS3
x-amz-request-id: ZPBKWH0BJ49BAFER
etag: "36d2912c7f11870e316de99a65e5a67b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57943
accept-ranges: bytes
content-length: 73803
x-amz-id-2: Fxy2/Mrwe2Q6j09pke3k1l/8+wjLfjaXSbTtJ7v/pKdfX2SBIGjzwQv67zVWJMGFSpogGDsFl3U=

GET
H2 200 289d106c-df24-4cd9-a9fa-753e928c23ad-web.js Show response
cdn.permutive.com/ 278 KB
70 KB 144ms
105ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb93c8cd98d01cf2229670d6cb8f5e66121cc562453817e807d1dd88cd2362f0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 289d106c-df24-4cd9-a9fa-753e928c23ad
age: 220
x-guploader-uploadid: ABg5-UyWIMAoCFm7BT-u34gyS9GdP87ciidsav-GwoE_ksAV4fRYlYJlfUI1Z-4OqSO-CzWFsSkuThcxR0mMMUzTxbA56rQOgg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 09de9973ff0000cdb7a78ba000000001
last-modified: Wed, 05 May 2021 06:44:22 GMT
server: cloudflare
etag: W/"99fba2d82b3bafe4722133f613ad299c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LM7TEQ==, md5=mfui2Cs7r+RyITP2E60pnA==
x-goog-generation: 1620197062663162
cache-control: public, max-age=300
x-goog-stored-content-length: 77531
cf-ray: 64aac4fffc91cdb7-CDG
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H/1.1 200
OK 183816-157675210059039.js Show response
js-sec.indexww.com/ht/p/ 114 KB
34 KB 743ms
672ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fe8023dca8a85845e95ca19fe14f53238de3d57bdd877900bb716f73c81034ec

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 14:48:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 May 2021 14:45:18 GMT
Server: Apache
ETag: "904a36-1c6b0-5c1963e4fab89"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 34482
Expires: Wed, 05 May 2021 15:48:23 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
9 KB 45ms
13ms Script
application/x-javascript 2600:9000:2104:ca00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:00:09 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 01:43:44 GMT
server: nginx
age: 82095
etag: W/"5fc6f150-5976"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: COOmFwVCGiPkRAx_LyMArDIVY5OP1A9oAagzbU5ta4S-V2JtKrg2LA==
expires: Wed, 05 May 2021 16:00:09 GMT

GET
H2 200 2021_4_30_4c6e47be-3473-44d1-ba26-a3cdbc5fd54d_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 11 KB
11 KB 62ms
33ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_4_30_4c6e47be-3473-44d1-ba26-a3cdbc5fd54d_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 03862701caca12427fdc26a145ee29aa26fb5f1d09991d27957c008dbd0d3dae

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Fri, 30 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "YHgjduE3141oOb0gEco9bA=="
x-varnish: 252680339 252779220
access-control-allow-origin: *
cache-control: public, max-age=2178000
accept-ranges: bytes
content-type: image/jpeg
content-length: 11112
expires: Sun, 30 May 2021 19:48:24 GMT

GET
H2 200 2021_3_2_a056d666-1769-4101-96bf-bd39275dd430_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 8 KB
8 KB 67ms
38ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_3_2_a056d666-1769-4101-96bf-bd39275dd430_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: e295ca49c438f26cc28cc6ad767a86fb4b231e3a36b168133920dc99b2ea9d62

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 28 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "pHG3NpuDDPTJZ1OeTIixbQ=="
x-varnish: 258399025 243457109
access-control-allow-origin: *
cache-control: public, max-age=2019892
accept-ranges: bytes
content-type: image/jpeg
content-length: 8404
expires: Fri, 28 May 2021 23:53:16 GMT

GET
H2 200 2021_2_4_2ab26449-3dd0-4904-a55e-abe6507be617_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 7 KB
7 KB 65ms
36ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_2_4_2ab26449-3dd0-4904-a55e-abe6507be617_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: bf4e5cb47da1c0ca12d6664390c99d30e07d6d6b7e69e8ce6e4989e5ac9e317b

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Thu, 22 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "2suzSVFyHy7Hr3Tj2/97WA=="
x-varnish: 225823009 215630233
access-control-allow-origin: *
cache-control: public, max-age=1503806
accept-ranges: bytes
content-type: image/jpeg
content-length: 7212
expires: Sun, 23 May 2021 00:31:50 GMT

GET
H2 200 2021_1_29_0680d867-38fb-4c92-9406-6679238229bc_jpg_742x405.jpg
images2.9c9media.com/image_asset/ 9 KB
9 KB 64ms
35ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_1_29_0680d867-38fb-4c92-9406-6679238229bc_jpg_742x405.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 0523a9e5902eb1fc66074d4732aca096560971bfcb29b1ffc96ada47ab9b4ea0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 14 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "GB2c+i1yQE94IVMMEgC+Tg=="
x-varnish: 158877959 165559845
access-control-allow-origin: *
cache-control: public, max-age=782901
accept-ranges: bytes
content-type: image/jpeg
content-length: 9128
expires: Fri, 14 May 2021 16:16:45 GMT

GET
H2 200 2021_1_27_bc485b3f-ad11-456c-838a-e2c4b6532be4_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 6 KB
6 KB 61ms
32ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_1_27_bc485b3f-ad11-456c-838a-e2c4b6532be4_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 12f81971df0264fc9e026fed13e7a704c99ad945a3332dd79548a0fbc17aa216

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 14 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "JA7IttIYlH9FmyqLXMc+pw=="
x-varnish: 167649741 163644105
access-control-allow-origin: *
cache-control: public, max-age=762084
accept-ranges: bytes
content-type: image/jpeg
content-length: 5731
expires: Fri, 14 May 2021 10:29:48 GMT

GET
H2 200 2021_1_11_9bf726a9-1699-4f6b-858b-e965741148ac_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 9 KB
9 KB 66ms
37ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_1_11_9bf726a9-1699-4f6b-858b-e965741148ac_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 6138b52d005d422eea998f1684fb93d93f728b96c981e3bcb365acf1ab2c52f3

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Fri, 16 Apr 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "EKJ8ISJ7nw9LQ2ZpFdXfTw=="
x-varnish: 208923422 187783984
access-control-allow-origin: *
cache-control: public, max-age=916348
accept-ranges: bytes
content-type: image/jpeg
content-length: 8741
expires: Sun, 16 May 2021 05:20:52 GMT

GET
H2 200 plugins.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 607 KB
176 KB 26ms
26ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/plugins.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95341489d89aa8908b9abe2e7564d0fa12126317225ff006f626c8b38556b058

Request headers

:path: /js/bellmedia/plugins.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"621522-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 180077
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 angular.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 344 KB
93 KB 26ms
25ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1294d18482911edd15526fb7a913e11ff77b52866fa729e7ec28d71bd8dfb238

Request headers

:path: /js/bellmedia/angular.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433; AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg=-1124106680%7CMCIDTS%7C18753%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"352468-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 95186
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 main.js Show response
auth.9c9media.ca/auth/ 195 KB
46 KB 54ms
30ms Script
application/javascript 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.9c9media.ca/auth/main.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85f221f40551269ff0011c811f4acf258c760f6deabfa5a51a05c3797a02c79d

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 18:48:44 GMT
etag: "08ecb85a60d71:0"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 47312

GET
H2 200 bnn-bloomberg.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 272 KB
58 KB 30ms
29ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 414dbbbec94367affb47e64423a7d45353438bd3fac60f77aa9f9a376c140e2c

Request headers

:path: /js/bellmedia/bnn-bloomberg.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433; AMCVS_BB3937CB5B349FE70A495EAE%40AdobeOrg=1; AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg=-1124106680%7CMCIDTS%7C18753%7CMCMID%7C22649317272972490833750357840086422509%7CMCAAMLH-1620830903%7C6%7CMCAAMB-1620830903%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620233303s%7CNONE%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"278768-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 59034
expires: Wed, 05 May 2021 14:53:23 GMT

GET
H2 200 articles.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/partials/common/ 1 KB
692 B 27ms
26ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/partials/common/articles.min.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3916c96656bea206c1f5b3098e81544b462efdb59c1f293317844a42f0a6236

Request headers

:path: /js/bellmedia/partials/common/articles.min.js?v1619513829
pragma: no-cache
cookie: TS01ed3f75=017a1c6bed3c3fe08d71ed7e428b98020aa686a505da98236305032b32e7aed90aac9de3004bbe0a28c30178a4118a98fcd25d1433; AMCVS_BB3937CB5B349FE70A495EAE%40AdobeOrg=1; AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg=-1124106680%7CMCIDTS%7C18753%7CMCMID%7C22649317272972490833750357840086422509%7CMCAAMLH-1620830903%7C6%7CMCAAMB-1620830903%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620233303s%7CNONE%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"1200-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 488
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 97ms
46ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 05 May 2021 14:48:24 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 includeAuth3.js Show response
beta.ctvnews.ca/content/dam/static-resources/ 30 KB
7 KB 56ms
30ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beta.ctvnews.ca/content/dam/static-resources/includeAuth3.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-198.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.ampproject.org/ https://.ctvnews.ca https://.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://.casalemedia.com/ https://aax.amazon-adsystem.com/ https://.doubleclick.net/ https://.9c9media.com/ https://.9c9media.ca/ https://.bellmedia.ca/ https://.googlesyndication.com/ https://www.googletagservices.com/ https://.chartbeat.com/ https://.krxd.net/ https://.scorecardresearch.com/ 'unsafe-eval' https://.akamaized.net/ https://.gstatic.com/ https://.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://.googleapis.com/ https://entitlements.jwplayer.com/ https://.conviva.com/ https://.2mdn.net/ https://jwpltx.com/ http://.ctvnews.ca/ https://.chartbeat.net/ https://www.googletagservices.com/ https://.facebook.net/ https://.facebook.com/ https://.ampproject.net/ https://.twitter.com/ https://.instagram.com/ https://.twimg.com/ https://.adroll.com/ https://.turn.com/ https://.yahoo.com/ https://.advertising.com/ https://.everesttech.net/ https://.fbcdn.net https://.adform.net/ https://.betrad.com/ https://.evidon.com/ https://.youtube.com/ https://.akamaihd.net/ https://.jwpsrv.com/ https://assets.adobedtm.com/ https://.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://.appspot.com/ https://bellmedia.amp.permutive.com/ https://www.adsrvr.org/ https://.permutive.com/ https://www.google/ads/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jul 2020 17:34:41 GMT
etag: "7835-5ab0b279ace40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=17809137
date: Wed, 05 May 2021 14:48:24 GMT
content-security-policy: default-src 'self' https://cdn.ampproject.org/ https://*.ctvnews.ca https://*.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://*.casalemedia.com/ https://aax.amazon-adsystem.com/ https://*.doubleclick.net/ https://*.9c9media.com/ https://*.9c9media.ca/ https://*.bellmedia.ca/ https://*.googlesyndication.com/ https://www.googletagservices.com/ https://*.chartbeat.com/ https://*.krxd.net/ https://*.scorecardresearch.com/ 'unsafe-eval' https://*.akamaized.net/ https://*.gstatic.com/ https://*.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://*.googleapis.com/ https://entitlements.jwplayer.com/ https://*.conviva.com/ https://*.2mdn.net/ https://jwpltx.com/ http://*.ctvnews.ca/ https://*.chartbeat.net/ https://www.googletagservices.com/ https://*.facebook.net/ https://*.facebook.com/ https://*.ampproject.net/ https://*.twitter.com/ https://*.instagram.com/ https://*.twimg.com/ https://*.adroll.com/ https://*.turn.com/ https://*.yahoo.com/ https://*.advertising.com/ https://*.everesttech.net/ https://*.fbcdn.net https://*.adform.net/ https://*.betrad.com/ https://*.evidon.com/ https://*.youtube.com/ https://*.akamaihd.net/ https://*.jwpsrv.com/ https://assets.adobedtm.com/ https://*.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://*.appspot.com/ https://bellmedia.amp.permutive.com/ https://www.adsrvr.org/ https://*.permutive.com/ https://www.google/ads/;
accept-ranges: bytes
content-length: 6087
x-xss-protection: 1;mode=block
expires: Sat, 27 Nov 2021 17:47:21 GMT

GET
H2 200 omnitureTVE.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 6 KB
2 KB 25ms
25ms Script
application/javascript 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/omnitureTVE.js?v1619513829
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dfefc713c8aa5219d62a4a95472c746c14dfcec3fade42c35b21ce8f4e493e48

Request headers

:path: /js/bellmedia/omnitureTVE.js?v1619513829
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"5773-1599071898000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 1612
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 05 May 2021 14:48:24 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 05 May 2021 14:48:24 GMT

GET
H2 200 jwplayer.js Show response
webapps.9c9media.com/vidi-player/1.9.19/lib/jwplayer/ 111 KB
36 KB 33ms
32ms Script
application/javascript 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.19/lib/jwplayer/jwplayer.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 078feae69d4c91814c191cc9ebd12c75ab755132f9b7cb3759cd6712d6a16eca

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 14:42:53 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 36678
expires: Wed, 05 May 2021 14:58:24 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 596 B
1 KB 141ms
37ms XHR
application/json 34.252.115.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&d_nsid=0&ts=1620226103788

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8e714bc3b8e26dea772b229d76d0125ca75615bb2a30b407b070d4e010af3cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v005-0332023b8.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: HnvTUd46Q34=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 439
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 05 May 2021 15:48:24 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 05 May 2021 15:48:24 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/bellmedia966Bwny69/ 0
256 B 71ms
65ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmedia966Bwny69/moatcontent.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Fri, 26 Mar 2021 18:45:53 GMT
server: AmazonS3
x-amz-request-id: 4YR384E8ARDSV7X3
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=58881
accept-ranges: bytes
content-length: 0
x-amz-id-2: Z+f1S3ykIMkBCHniDQa9MZjt+BJ5bNhQkSqaW/krQkeKdu5PCwUZCByjEplhYqcGtnZ0fIbWwps=

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005664/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

29ms
28ms

Script
application/javascript

65.9.73.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:44:04 GMT
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: xC--onRhokz9dGWzVaGdvmW_JNcsbXXa7Ehn1KwudFaVcYhhs8u4CA==

Redirect headers

date: Wed, 05 May 2021 14:48:24 GMT
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: jRezqaOKTGns7-ndBfUMENbiX-0t_CQSqHHdAfJIo_086f-G4p98mA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d835ee0b2f97a1383475022cc9cceeb1f34249f5fc2a503a1b8a79f7b88fee3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 604 of 1000 / last-modified: 1620213035"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21188
x-xss-protection: 0
expires: Wed, 05 May 2021 14:48:24 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=22779117649111458913817241985003417461
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJKwOAAAAFdYYg_u
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YJKwOAAAAFdYYg_u

42 B
973 B

38ms
38ms

Image
image/gif

34.252.115.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YJKwOAAAAFdYYg_u

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0a0d870e0.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M2kNp8HOTrM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-00a91d7f9.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: q15KnWnhTis=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YJKwOAAAAFdYYg_u
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 51ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 May 2021 14:48:24 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 104ms
33ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183816
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8f75ecee0fa1eb323b4f768512289808b29865a4e6b764669163a7b17742891c

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 04 Jun 2021 14:48:24 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
331 B 93ms
40ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 controltag Show response
cdn.krxd.net/ 28 KB
11 KB 78ms
24ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=InSaVlLc
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb94f25440a627aef0324c8c4c694a78e8427fef4055643657e3f0107b92eb6e

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 05 May 2021 14:48:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 462
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 10432
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5136-BWI, cache-hhn4024-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1620226104.398949,VS0,VE1
etag: "631e8323ef2584150acb9866c1f5741df37f762b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f3555e5bebe3dea9575c38bb2374c356f3e14100398f3a3b56f0787898e66ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cPOgxL7RBLF+fNQ/uVHWVw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: w3SEUfw/meVlZOCgLp1N9QjaCww1WrmK1M+7vyWevHpspv0jXnxqZP5r4n+/nHH8S/PjNaMF/S5K0H7aNHzrZw==
x-fb-trip-id: 686109401
x-fb-content-md5: 8d0ebb0eb20c723f62cf01e9a1a5e3d1
x-frame-options: DENY
date: Wed, 05 May 2021 14:48:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8e438f9c7969fb217278f9d449a68fea"
timing-allow-origin: *
expires: Wed, 05 May 2021 14:54:56 GMT

GET
H2 200 BNN-Sprites-x3.png
www.bnnbloomberg.ca/img/bnn/ 103 KB
103 KB 26ms
25ms Image
image/png 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/bnn/BNN-Sprites-x3.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c423060975a447c389133494d357ed141f474e4c8a2939a4f34047224ec5e3c

Request headers

:path: /img/bnn/BNN-Sprites-x3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"105019-1599071898000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 105019
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H/1.1 200
OK dest5.html Show response
bellmedia.demdex.net/ Frame 6452 7 KB
3 KB 153ms
35ms Document
text/html 34.243.47.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bellmedia.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-47-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: bellmedia.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bnnbloomberg.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bnnbloomberg.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 5 May 2021 14:48:24 GMT
DCS: dcs-prod-irl1-1-v005-0332023b8.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 22 Apr 2021 14:22:49 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 9gTSRynUS1I=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: PY13NZAAywb/ZuQylrHi6APjHMeSWazQ9sz74czodJFVPyiNZG0CHyFt8rDH/GungWdhNKwYDN8ZwHaENkqZ7Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 05 May 2021 14:48:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 19ms
18ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 14:48:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=9174
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 80ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 53344
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620226104.410778,VS0,VE0
x-served-by: cache-fra19148-FRA

GET
H2 200 preloader_black.svg
www.bnnbloomberg.ca/img/elements/preloaders/ 6 KB
2 KB 44ms
43ms Image
image/svg+xml 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/elements/preloaders/preloader_black.svg?1579786406
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf39400dc753631915a397967da2fde8d95e89f728e374a08d8c6fd10d4b5971

Request headers

:path: /img/elements/preloaders/preloader_black.svg?1579786406
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"6587-1599071898000"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 1362
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H2 200 video-play.png
www.bnnbloomberg.ca/img/icons/ 5 KB
5 KB 25ms
25ms Image
image/png 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/icons/video-play.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 289d4b67d5b25037a74bf891dbd7db6fc946e56bbdb5946523e94322b296fa55

Request headers

:path: /img/icons/video-play.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"4936-1599071898000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4936
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H/1.1 403
Forbidden gigya.js
cdns.gigya.com/js/ 0
0 202ms
138ms Script
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/js/gigya.js?apiKey=3_XLe6j4XtKn0CRHynAmTCyx8RZxX1brcJGNNjgzFIuFKCAqvkD4HVYHMykJ5z969V
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 30ms
29ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57483
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1292
date: Wed, 05 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 16:26:52 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 14ms
14ms Script
application/x-javascript 2600:9000:2104:ca00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 15:43:59 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:06:15 GMT
server: nginx
age: 83065
etag: W/"60665ff7-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 3UsfFMLeLfbQHofHLyclVNJhQ8kb4A4KrPDsURlneyaiVRfVKWS9Hw==
expires: Wed, 05 May 2021 15:43:59 GMT

GET
H2 200 RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js Show response
assets.adobedtm.com/653e7ca2fc48/14929d193258/123e547f4168/ 478 B
553 B 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/653e7ca2fc48/14929d193258/123e547f4168/RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ded40c4946e42576820ef3d03c68324c0967833fb7bd4cd8b6f177522f5fccbc

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 17:32:47 GMT
server: AkamaiNetStorage
etag: "fac417e91a1e5f27f17fdf6229332f05:1615829567.87055"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 285
expires: Wed, 05 May 2021 15:48:24 GMT

GET
H2 200 RC2d6da016bf28471c8bc669fb84568d84-source.min.js Show response
assets.adobedtm.com/653e7ca2fc48/14929d193258/123e547f4168/ 512 B
593 B 10ms
10ms Script
application/x-javascript 2a02:26f0:6c00:2a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/653e7ca2fc48/14929d193258/123e547f4168/RC2d6da016bf28471c8bc669fb84568d84-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fe6e64f43e2669eae4cd5c250cde660a92521e0a575780740f78e2d46befc296

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 17:32:47 GMT
server: AkamaiNetStorage
etag: "fac417e91a1e5f27f17fdf6229332f05:1615829567.87055"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 325
expires: Wed, 05 May 2021 15:48:24 GMT

GET
H/1.1 200
OK contents Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/collections/273/ 139 KB
23 KB 107ms
35ms XHR
application/json 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/collections/273/contents?$include=[Images,Desc,ShortDesc,BroadcastDate,Type,BroadcastTime,ContentPackages,Media,Keywords,Genres,Tags]&$page=1&$top=100&$inlinecount=&Images.Type=thumbnail
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 22d71eff61c7944920a7e3bf5e6fdbc25a22e6a79be3457c1ad24e7f9ff00035

Request headers

Accept: */*
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-2
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Wed, 05 May 2021 14:48:24 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 22991
Expires: Wed, 05 May 2021 14:48:24 GMT

GET
H2 200 prod Show response
auth.9c9media.ca/api/config/bnn/web/ 0
0 41ms
40ms Script
text/html 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.9c9media.ca/api/config/bnn/web/prod?callback=axisconfig
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-methods: OPTIONS

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-50ec42877c97615a/ 917 B
565 B 74ms
72ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-50ec42877c97615a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-85-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf8436a515e4055bc63645c9eb3a2086fafbfdb45128a4d6e0eed96d16e78203

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
etag: -1696646022--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 388

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 95ms
35ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 04:56:34 GMT
content-encoding: gzip
server: Server
age: 35510
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: pkhLby2UNMcoQXj-TeIBaGdiikxq64A5P8PqiPFbFnUV_K0BX8Fz6A==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 211 KB
62 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c106e885b4a6e8ef8232f2f99a20ed1d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b77e33093d045dfb095ce0dd819e09921191d4e9dc9b53d144bc91557e5fb4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.bnnbloomberg.ca
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1ZuazXklYYBgySGHx9Khsw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63643
x-fb-rlafr: 0
x-fb-debug: MPSIfxPAJRKu/LZMknXYJR7nqXqhZuvCK51eb94fKtu9UpOiUn87qofIDiXu7c1u2xWykOI5TTa+ebkkQ0gSCA==
x-fb-content-md5: 541743e7e1bfc976c67e42e303017b34
x-frame-options: DENY
date: Wed, 05 May 2021 14:48:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9d6b0f4f3e75c365a70e9725f04894a6"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 May 2022 14:06:13 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2254610%26time%3D1620226104633%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liSy...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liS...

0
63 B

180ms
180ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liSync=true&e_ipv6=AQJkF-H_X2I77gAAAXk9AF-3HmbJhL1_1I5pamSXoRoEnWVqkzg7xMdHLFLWCoaubIP14t-X
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 3nTj/Q4zfBbwO/7DhCsAAA==

Redirect headers

date: Wed, 05 May 2021 14:48:25 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1620226104633&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&liSync=true&e_ipv6=AQJkF-H_X2I77gAAAXk9AF-3HmbJhL1_1I5pamSXoRoEnWVqkzg7xMdHLFLWCoaubIP14t-X
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: htUd8w4zfBawKgjd9ioAAA==

GET
H3-29 200 260030771280344 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260030771280344?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28a596df87b9d92470bceecddc975aa14b721cf3ab5134284aed757c05433e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74043
x-fb-rlafr: 0
pragma: public
x-fb-debug: TwjBhY/Ph+oU4kz61teZX3Vjf1eXRRS2KmNtvdssImKL9V9fadhaCC0RQwyHW15eQjmmjgRKI3Nt/+tzQxru4g==
x-frame-options: DENY
date: Wed, 05 May 2021 14:48:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 146ms
51ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Wed, 05 May 2021 14:48:24 GMT

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 24ms
24ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=InSaVlLc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
age: 3586440
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 56360
content-length: 81295
x-served-by: cache-hhn4024-HHN
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1620226105.677735,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1197788506&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&ul=en-us&de=UTF-8&dt=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=973028630&gjid=48080889&cid=400164843.1620226105&tid=UA-19846804-1&_gid=2110490008.1620226105&_r=1&_slc=1&z=457272671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 256 B
430 B 130ms
52ms Script
text/html 52.214.0.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-e%2Fq8rRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&pcode=bellmediaprebidheader755367530455&callback=MoatNadoAllJsonpRequest_65654957
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.0.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-0-210.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 3a8eeac4d696eaec4219bd45b8e13609dcb9769f65ef8de87d45e71072ef2d26

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "e49eb92c1b70d096adaefbbcec29b06abc915c17"
content-length: 256
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 114 B
289 B 125ms
42ms Script
text/html 52.212.177.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-e%2Fq8rRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&pcode=bellmediaprebidheader755367530455&ql=&qo=0&i=BELLMEDIA_PREBID_HEADER1&hp=1&wf=1&pxm=&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1620226104717&de=228307403137&rx=408141063235&m=0&ar=e85cdf4-clean&iw=e718bb3&q=1&cb=0&cu=1620226104717&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&id=1&ii=4&bo=undefined&bd=undefined&gw=bellmediaprebidheader755367530455&fd=1&ac=1&it=500&pe=1%3A1573%3A1573%3A0%3A1752&fs=189893&na=1545322273&cs=0&callback=MoatDataJsonpRequest_65654957
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.177.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-177-60.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 54f79ead0695ebb4bd48e9eabd97df7b7a61485e2e13eddbf26ab6a096b06b6d

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "4d7693e4b81de2c062389fe6b255ce6e1ee9d06d"
content-length: 114
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1620226104717&de=755529507944&d=BELLMEDIA_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=e85cdf4-clean&iw=e718bb3&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=bnnbloomberg.ca&bd=bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&ac=1&bq=11&f=0&na=1074245247&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 05 May 2021 14:48:24 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 303ms
98ms Image
image/gif 54.85.197.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bnnbloomberg.ca&p=%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&u=CmYZJhzgMaHB3ojGF&d=bnnbloomberg.ca&g=65778&g0=Technology&g1=Daniele%20Lepido%2C%20Bloomberg%20News&n=1&f=00001&c=0&x=0&m=0&y=1692&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2061&t=NbnBOBbBg29BOegWJBFt7Ebax4kU&V=126&i=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&tz=-120&sn=1&sv=NM_GQBcybyNWMdBCaE0MvCbt-E6&sd=1&im=067b0fff&_
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.197.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-197-32.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 235 B
498 B 124ms
108ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bnnbloomberg.ca&domain=bnnbloomberg.ca&path=%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99b16cce76c91d13a921656ce55b6e61d81673ec14c090ee43708a21379613e2

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
expires: Mon, 03 May 2021 14:48:24 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1620226105.819167,VS0,VE102
content-length: 177
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by: cache-hhn4074-HHN

GET
H2 200 adsct
t.co/i/ 43 B
448 B 179ms
129ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o49jr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Wed, 05 May 2021 14:48:24 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ba5c166cd72632bdbf80cdfba8a65afc
x-transaction: 003a0d900075b53c
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-19846804-1&cid=400164843.1620226105&jid=973028630&gjid=48080889&_gid=2110490008.1620226105&_u=IEBAAEAAAAAAAC~&z=848704019

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 05 May 2021 14:48:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 autoplay-off.json Show response
webapps.9c9media.com/config/vidi-player/v1/bnn/ 32 KB
9 KB 111ms
36ms XHR
application/json 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/config/vidi-player/v1/bnn/autoplay-off.json
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 756e4ddc381d9acab2a88ab3da6e2ab5baf1f51071a64c0faaab7ee015065c1e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 16:28:56 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 8501
expires: Wed, 05 May 2021 14:58:25 GMT

GET
H2 200 2021_5_5_d133d801-2bf7-40a6-8a40-d3d0b2ea4307_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 5 KB
5 KB 46ms
45ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_5_d133d801-2bf7-40a6-8a40-d3d0b2ea4307_jpg_980x551.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: b91db2aa8be975a61d95186b301ecefd37055a1be40301c872c290dc32e4c3c9

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 05 May 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "uG3TzzT0/R8Bx/F2j8nbBw=="
x-varnish: 269970092 272458389
access-control-allow-origin: *
cache-control: public, max-age=2590980
accept-ranges: bytes
content-type: image/jpeg
content-length: 4742
expires: Fri, 04 Jun 2021 14:31:24 GMT

GET
H2 200 2021_5_5_c87c4b05-da40-4b9d-a1c1-71dfb2e137a5_PNG_763x428.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 46ms
45ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_5_c87c4b05-da40-4b9d-a1c1-71dfb2e137a5_PNG_763x428.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 8bfd760b2837a72858803a03eb1f77120b1651212ccb2e3358586bf79e2c2a13

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 05 May 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "acKOKA7TLguQcEVrVNF94A=="
x-varnish: 273867951 275596888
access-control-allow-origin: *
cache-control: public, max-age=2587945
accept-ranges: bytes
content-type: image/jpeg
content-length: 4306
expires: Fri, 04 Jun 2021 13:40:49 GMT

GET
H2 200 2021_5_5_e7b36c35-55e4-4111-8d39-ac4734b1862e_PNG_764x428.jpg
images2.9c9media.com/image_asset/ 3 KB
4 KB 47ms
45ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_5_e7b36c35-55e4-4111-8d39-ac4734b1862e_PNG_764x428.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 02f9c2939a0392f3234207c2e82e47e2cd948be1c19e6891c7781feca50fbf72

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 05 May 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "zCxhtTvgvMw2H8RhFJ8/7w=="
x-varnish: 272959223 272958591
access-control-allow-origin: *
cache-control: public, max-age=2586808
accept-ranges: bytes
content-type: image/jpeg
content-length: 3540
expires: Fri, 04 Jun 2021 13:21:52 GMT

GET
H2 200 2021_5_5_4d4744df-fa59-4771-80a0-37153572f535_jpg_741x418.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 47ms
46ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_5_4d4744df-fa59-4771-80a0-37153572f535_jpg_741x418.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 79727b6880d5e020ab2b496ac7f7be48647281e32c44739d5580a88afe5628e7

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 05 May 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "2gaSLhyISQiW14FzsyPiMg=="
x-varnish: 275039403 276310052
access-control-allow-origin: *
cache-control: public, max-age=2586567
accept-ranges: bytes
content-type: image/jpeg
content-length: 4069
expires: Fri, 04 Jun 2021 13:17:51 GMT

GET
H2 200 2021_5_5_624bca98-701c-454e-9d07-dd9079f90321_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 47ms
46ms Image
image/jpeg 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_5_624bca98-701c-454e-9d07-dd9079f90321_jpg_980x551.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 1b4175dc2e0cf3f15ffe8497c8fa1f4334106e6abafc0179fc7449e485cfac39

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 05 May 2021 04:00:00 GMT
x-powered-by: ASP.NET
etag: "4WC/UjTGNwvdtmA/0BD5ug=="
x-varnish: 275825992 275978955
access-control-allow-origin: *
cache-control: public, max-age=2587099
accept-ranges: bytes
content-type: image/jpeg
content-length: 3605
expires: Fri, 04 Jun 2021 13:26:43 GMT

GET
H2 200 preloader_black_video.gif
www.bnnbloomberg.ca/img/elements/preloaders/ 7 KB
8 KB 26ms
25ms Image
image/gif 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/elements/preloaders/preloader_black_video.gif
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8733ad4061e0afc25916e6154d2249da919d8ae5d0b113cda5368ec41d480f03

Request headers

:path: /img/elements/preloaders/preloader_black_video.gif
pragma: no-cache
cookie: BM-BNN-Continuous-Play=true; ctaClosed=%22false%22; __atuvc=1%7C18; __atuvs=6092b03802cb1caa000; _cb_ls=1; _ga=GA1.2.400164843.1620226105; _gid=GA1.2.2110490008.1620226105; _gat=1; _cb=CmYZJhzgMaHB3ojGF; _chartbeat2=.1620226104765.1620226104765.1.NM_GQBcybyNWMdBCaE0MvCbt-E6.1; _cb_svref=null
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"7622-1599071898000"
x-vcache: MISS
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7622
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H2 200 BNN-Sprites_smaller.png
www.bnnbloomberg.ca/img/bnn/ 80 KB
81 KB 25ms
25ms Image
image/png 104.70.84.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/bnn/BNN-Sprites_smaller.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-84-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5e038d94254f00ca0c849d9d312b9024811735c4531745167d7b4fa5fe24bfe

Request headers

:path: /img/bnn/BNN-Sprites_smaller.png
pragma: no-cache
cookie: BM-BNN-Continuous-Play=true; ctaClosed=%22false%22; __atuvc=1%7C18; __atuvs=6092b03802cb1caa000; _cb_ls=1; _ga=GA1.2.400164843.1620226105; _gid=GA1.2.2110490008.1620226105; _gat=1; _cb=CmYZJhzgMaHB3ojGF; _chartbeat2=.1620226104765.1620226104765.1.NM_GQBcybyNWMdBCaE0MvCbt-E6.1; _cb_svref=null
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.bnnbloomberg.ca
referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1619513829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:24 GMT
last-modified: Wed, 02 Sep 2020 18:38:18 GMT
etag: W/"82160-1599071898000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 82160
expires: Wed, 05 May 2021 14:53:24 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-wi...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-w...

64 B
329 B

44ms
43ms

Image
image/gif

65.9.73.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c8=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&c9=
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: x0lxFXK_glNrDxyFUdiy2noHb9yvgXy8S7q-yXm5e80WeJgvOpCuuA==

Redirect headers

date: Wed, 05 May 2021 14:48:24 GMT
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1620226104961&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c8=Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20BNN%20Bloomberg&c9=
content-length: 361
x-amz-cf-id: wYVHfE_YqqFqN5s0jEFoALdXSuT7zd8szq6bUTQWcyHJ9ZGIlN19_Q==

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 29ms
28ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 05 May 2021 14:48:24 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 56ms
55ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3733&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&pid=XWMzIi4ecMZEu&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2Fleaderboard-ad%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2Ffluid-ad%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%2230x1%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2FadSlimCut%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: PJwTZAOtPHVQElJGu7-gPuaB9edmX9P7G71za_n3XaThJApa_u5Eqg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 86ms
29ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 67520
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Tue, 04 May 2021 20:03:06 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 9QWKtl_8XmChSn8aPrKSNLtFVP9AhwAK4ImhwuQSsl5-IKVS3bxJtA==

GET
H3-29 200 417766778714379 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/417766778714379?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86488387bb7d778b5c5741c32edfba5bac5b10371c249d27a7253ff54a97aa8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74453
x-xss-protection: 0
pragma: public
x-fb-debug: 8CCauZxIADBRJBGI4fz7r0GV1+rp6KcF6a6qssvYyXuPQPRIAYypECfdABbFQaqmDA8hyUqqVkKeYXlZESIDvA==
date: Wed, 05 May 2021 14:48:25 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOCQ2b5crEFM7vD9rT0UZW4&google_cver=1
dpm.demdex.net/ Frame 6452
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI3NzkxMTc2NDkxMTE0NTg5MTM4MTcyNDE5ODUwMDM0MTc0NjE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjI3NzkxMTc2NDkxMTE0NTg5MTM4MTcyNDE5ODUwMDM0MTc0NjE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOCQ2b5crEFM7vD9rT0UZW4&google_cver=1?gdpr=0&gdpr_consent=

42 B
973 B

44ms
43ms

Image
image/gif

34.252.115.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOCQ2b5crEFM7vD9rT0UZW4&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-115-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://bellmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0a2e37b07.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 42J4hLAVTVE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOCQ2b5crEFM7vD9rT0UZW4&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-prod.json Show response
webapps.9c9media.com/config/vidi-chromecast/v2/bnn/ 11 KB
4 KB 35ms
35ms XHR
application/json 2.18.234.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/config/vidi-chromecast/v2/bnn/web-prod.json
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-219.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: dc80f30d11919d02f5126767744d4887cd92f61cc016716b981ff164aec925db

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 16:24:51 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 3516
expires: Wed, 05 May 2021 14:58:25 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 209ms
138ms XHR
application/javascript 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=15841007&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=CqZvl1BU&psa=0&promo_sizes=970x250%2C970x90&referrer=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

78cbb82ad7c4d70285369bf11ba0a4eb99317ec1ecd54d32d2a8be937f1cd150

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 14:48:25 GMT
X-Proxy-Origin: 185.246.211.87; 185.246.211.87; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid: cc825663-6485-46c7-b58c-a2caa3341c8e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
756 B 79ms
25ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 14:48:25 GMT
X-Proxy-Origin: 185.246.211.87; 185.246.211.87; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.216:80
AN-X-Request-Uuid: 46031331-731c-4a9b-939b-a80fa5de97ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
149 B 80ms
26ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=154&cb=19466207740
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bnnbloomberg.ca
date: Wed, 05 May 2021 14:48:24 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
419 B 230ms
177ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=291504&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A62164088%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22494936%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22494937%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22323042%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22323046%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22323050%22%7D%2C%22id%22%3A%225%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272f6f382-6441-488e-8736-266b34c9107c%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-05-05T14%3A48%3A24%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6818b25f410ad7636507338f5544dc5f584de81ab4411b581f0b6326a8a04090

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.246.211.87], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 28
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 207ms
151ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnn.ca_desktop_atf_300x600_214&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 794327cbab491debb65e9c14b37778dfb0d4a6a118e101de3ee4103d0a59a68b

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 05 May 2021 14:48:25 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 202ms
146ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnn.ca_desktop_atf_300x250_215&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: e8b8201c31af1e4822abef20e59be0a827c05601f079b263c51b382e8d5013df

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 05 May 2021 14:48:25 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 194ms
138ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnn.ca_desktop_atf_728x90_205&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: bccbc897106e24940cc3443c40d0ed1566d466a440b278102c932fb553f74ed2

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 05 May 2021 14:48:25 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 156ms
100ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnn.ca_desktop_atf_970x250_206&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: a0f50bfb0c07ffe7f83714e31f4b2c2dfd01a76f37f6cef58d432de00c5cdbb5

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 05 May 2021 14:48:25 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 135ms
79ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnn.ca_desktop_atf_970x90_207&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 8270daa7d3d1e2b20b9d2295bd05dc62e12061b7b773a8653ecc927288215f1c

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 05 May 2021 14:48:25 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 s08442604368680
bellmedia.sc.omtrdc.net/b/ss/bellmediabnnbprod,bellmediaglobalprod/1/JS-2.22.0-LBQ1/ 43 B
393 B 77ms
19ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bellmedia.sc.omtrdc.net/b/ss/bellmediabnnbprod,bellmediaglobalprod/1/JS-2.22.0-LBQ1/s08442604368680?AQB=1&ndh=1&pf=1&t=5%2F4%2F2021%2016%3A48%3A25%203%20-120&mid=22649317272972490833750357840086422509&aamlh=6&ce=UTF-8&pageName=bnnb%3Ahome%3Ahackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%3Astory&g=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&cc=USD&ch=home&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=home%2Chackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%2Cstory&c5=web%20page&v5=web%20page&v6=home&c7=hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&v7=hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c8=story&v8=story&c12=anonymous&v12=anonymous&c30=web&v30=web&v38=%20-%20&c42=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&v42=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&c50=page%20view&v50=page%20view&v68=wednesday%2004%3A48%20pm&c69=bnnb&v69=bnnb&v91=bnnb%3Ahome%3Ahackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%3Astory&v93=2021-05-05&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&AQE=1

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
x-content-type-options: nosniff
x-c: main-1461.Id0ac08.M0-490
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 06 May 2021 14:48:25 GMT
server: jag
xserver: anedge-76898875b9-4q2zf
etag: 3479409068407455744-4622055470199229160
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 04 May 2021 14:48:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260030771280344&ev=PageView&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&rl=&if=false&ts=1620226105159&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620226105157.2124616850&it=1620226104651&coo=false&exp=l1&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417766778714379&ev=PageView&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&rl=&if=false&ts=1620226105162&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620226105157.2124616850&it=1620226104651&coo=false&exp=l1&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H2 200 ca46aa22-e6b4-464e-9077-7215dc98bc0a Show response
consumer.krxd.net/consent/get/ 237 B
428 B 103ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca46aa22-e6b4-464e-9077-7215dc98bc0a?idt=device&dt=kxcookie&callback=Krux.ns.bellmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 691bf21d605cd659ae8c1c2b2ee7580c3f8488376f70282eb651fb185c7549e6

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-dub-prod.krxd.net, cache-hhn4030-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1620226105.229391,VS0,VE26
content-length: 190
x-cache-hits: 0, 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
149 B 26ms
25ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.bnnbloomberg.ca
date: Wed, 05 May 2021 14:48:24 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
298 B 556ms
505ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3378486607753758&correlator=3993875909060821&output=ldjh&impl=fifs&eid=31060784%2C31060895%2C44740387&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210505&iu_parts=5479%2Cctv.bnn%2CTechnology%2CArticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C320x50%7C300x250%7C300x600%2C1x1%2C30x1&fluid=0%2Cheight%2C0%2C0&ists=2&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=ksgmnt%3D%26u%3D%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie_enabled=1&bc=31&abxe=1&lmt=1620226105&dt=1620226105363&dlt=1620226103479&idt=1612&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C970%2C970%2C970&adys=197%2C298%2C1075%2C1075&adks=1403910068%2C1960385940%2C1882654456%2C2645742303&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0%7C300x776%7C300x776&msz=728x90%7C300x250%7C1x0%7C30x1&ga_vid=400164843.1620226105&ga_sid=1620226105&ga_hid=1197788506&ga_fc=false&fws=128%2C132%2C132%2C132&ohw=0%2C980%2C980%2C980&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

89f089918a293bee6e81658abf7470d8cf275944b0a467cddd60346913036e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 83ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
317 B 97ms
36ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=291504&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 05 May 2021 14:48:25 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 05 May 2021 14:48:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9849 0
150 B 41ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.bnnbloomberg.ca

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.bnnbloomberg.ca
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bnnbloomberg.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bnnbloomberg.ca/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1603
date: Wed, 05 May 2021 14:48:24 GMT
content-length: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 186ms
135ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o49jr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Wed, 05 May 2021 14:48:25 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 70a13baaa9f27a44c3e03eb9068fc1b1
x-transaction: 00ce47b1001c7ce0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 63 B
222 B 103ms
33ms Script
text/javascript 52.48.18.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.bellmedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c298c1b0c6a2992b5972e90f82657536af09adbc3e48d07c819b831b6b65060d

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=33 t=1620226105
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260030771280344&ev=Microdata&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&rl=&if=false&ts=1620226105662&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20%20BNN%20Bloomberg%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%22%2C%22og%3Asite_name%22%3A%22BNN%22%2C%22og%3Atitle%22%3A%22Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20%20BNN%20Bloomberg%22%2C%22og%3Adescription%22%3A%22A%20group%20of%20hackers%20executed%20a%20ransomware%20attack%20on%20Hoya%20Corp%2C%20marking%20the%20second%20successful%20attack%20suffered%20by%20the%20Japanese%20firm%20in%20two%20years.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.bnnbloomberg.ca%2Fimg%2Ftsn%2Flogos%2Ftsn-logo.png%22%2C%22og%3Atype%22%3A%22article%22%2C%22article%3Apublished_time%22%3A%222021-04-21T10%3A33%3A17-04%3A00%22%2C%22article%3Aauthor%22%3A%22Bloomberg%20News%22%2C%22article%3Asection%22%3A%22Technology%22%2C%22article%3Atag%22%3A%22Company%20News%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620226105157.2124616850&it=1620226104651&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417766778714379&ev=Microdata&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&rl=&if=false&ts=1620226105664&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20%20BNN%20Bloomberg%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280%22%2C%22og%3Asite_name%22%3A%22BNN%22%2C%22og%3Atitle%22%3A%22Hackers%20Target%20Iconic%20Japan%E2%80%99s%20Toshiba%20Rival%20Hoya%20With%20Ransomware%20-%20%20BNN%20Bloomberg%22%2C%22og%3Adescription%22%3A%22A%20group%20of%20hackers%20executed%20a%20ransomware%20attack%20on%20Hoya%20Corp%2C%20marking%20the%20second%20successful%20attack%20suffered%20by%20the%20Japanese%20firm%20in%20two%20years.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.bnnbloomberg.ca%2Fimg%2Ftsn%2Flogos%2Ftsn-logo.png%22%2C%22og%3Atype%22%3A%22article%22%2C%22article%3Apublished_time%22%3A%222021-04-21T10%3A33%3A17-04%3A00%22%2C%22article%3Aauthor%22%3A%22Bloomberg%20News%22%2C%22article%3Asection%22%3A%22Technology%22%2C%22article%3Atag%22%3A%22Company%20News%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620226105157.2124616850&it=1620226104651&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 36ms
17ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebbe367a1570926fa4fa06036e657dda2c79d5f837069ce356b229e261b5b254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7597
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 05 May 2021 14:48:25 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1C2F 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bnnbloomberg.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 05 May 2021 14:11:19 GMT
expires: Thu, 05 May 2022 14:11:19 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2227
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C2F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 23:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 54374
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 23:42:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3378486607753758&bg=!TE-lTwvNAAYXzPaOF8w7ACkAdvg8Wr1rlfXnV_gozWmun5JWOutNwf76XJuPOeoqQolxE791s8QjRgIAAABTUgAAAApoAQcKAH4iB4vk2giYTGw7mquz70ebJuC8qTi5UrwWziWlwiLd0_oRXM1sIglguqdqZP3QQyndI3clkoZl3qSi7vifjDdqnWfE_CmKXzoofRSVhUkKwnP6SA9jCyV9wDFYWA8-aFNReolWexXU0SqJ0QHfkGrYLCeTtP36Vgmv2IqSEKmZAkw3bywDbBf0dbyILp7zj5IFVjYUl-OQZ5rXCSt47xeHBLaCYIZ5-0SYGdJFzXBT5mpXzYG0lNzDJ1N-w0uxv1pNgMcf5kSSw-yMESqDlw4rU24mBDL_ZvFUjtshRfOiFYqO7GJtNrBbRlW_KQSEmcuwhHvgpN4kwOHbTmOq_iZUq7rzkCnFoMF_s2NvnR-K0mGvrUjA12d9xNwzqOrv7hMCB8Op-hZzuW_ZnXBtOJO103w8KUTHvJ-hEWxy8vurn3TcEWyWKKdZGQJOWELm1Po6FX03Qjuz3WR0wQW1Ex_oKO3M-_BLLqp9Sq-24zNbU8vzWhbm_-99LVV4NLHdJW0OD53FfVvPrlOgzdQVCOiHkdxirux5eSHOTz1hrrWLUxVUPPQl7gPBzYx-03XPYOGYXAeMXLE71067A3QXHLjYcF2HD9WR4G2t9-FLI5nWdeTFqL-ba0Xuou1g1gbXIIoFrqRBSbGtZ_XfQ6r65VhNykPglmc4jlJd_LOqLmPULjz9HHrUsMYSC5hyMv7utYN92r0lxBPOHojF8pFXPXVi_gvZcFnR7b0U6WCXezHHcOMzDUhTqSWfMzrA8ZuR63nPPcFVVSPYxp8IBji9p7Cgy-i05JLvPe_vD8UP6p-EMrB4MHoBILV6_GVt6Tu5NaCxtKxJri-Gv7iXiHviPaVTOb1IGh2hA_vCoBak9PfOvNWtBcJJMzFsL-npa8I8RdKw-UJvb1-L7nclC4aNQTSNagrkCiNXOAzuaW87PDSvFtTdo4xNjXyy0YJxcEg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 98ms
98ms Image
image/gif 54.85.197.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bnnbloomberg.ca&p=%2Fhackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280&u=CmYZJhzgMaHB3ojGF&d=bnnbloomberg.ca&g=65778&g0=Technology&g1=Daniele%20Lepido%2C%20Bloomberg%20News&n=1&f=00001&c=0.25&x=0&m=0&y=1681&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2061&t=NbnBOBbBg29BOegWJBFt7Ebax4kU&V=126&tz=-120&sn=2&sv=NM_GQBcybyNWMdBCaE0MvCbt-E6&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.197.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-197-32.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 14:48:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 22:22:58	Name: dextp Value: 771-1-1620226105070
.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: pvv Value: 1
.bnnbloomberg.ca/	1970-01-19 20:13:22	Name: _fbp Value: fb.1.1620226105157.2124616850
.bnnbloomberg.ca/	1970-01-20 11:34:58	Name: AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18753%7CMCMID%7C22649317272972490833750357840086422509%7CMCAAMLH-1620830903%7C6%7CMCAAMB-1620830903%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620233303s%7CNONE%7CMCSYNCSOP%7C411-18760%7CvVersion%7C5.2.0
www.bnnbloomberg.ca/	1970-01-19 18:03:47	Name: _cb_svref Value: null
www.bnnbloomberg.ca/	1970-01-20 03:32:34	Name: _chartbeat2 Value: .1620226104765.1620226104765.1.NM_GQBcybyNWMdBCaE0MvCbt-E6.1
.bnnbloomberg.ca/	1970-01-19 18:03:46	Name: _gat Value: 1
.bnnbloomberg.ca/	1970-01-20 11:34:58	Name: _ga Value: GA1.2.400164843.1620226105
www.bnnbloomberg.ca/	1970-01-20 03:32:34	Name: _cb_ls Value: 1
www.bnnbloomberg.ca/	1970-01-19 18:03:47	Name: __atuvs Value: 6092b03802cb1caa000
www.bnnbloomberg.ca/	1970-01-20 03:34:00	Name: __atuvc Value: 1%7C18
www.bnnbloomberg.ca/	1970-01-19 18:04:12	Name: kxbellmedia_visits Value: 1
.bnnbloomberg.ca/	1970-01-19 18:05:12	Name: _gid Value: GA1.2.2110490008.1620226105
.demdex.net/	1970-01-19 22:22:58	Name: demdex Value: 47491777388447201823940138847655746815
.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
www.bnnbloomberg.ca/	1970-01-19 18:05:12	Name: ctaClosed Value: %22false%22
www.bnnbloomberg.ca/	1970-01-20 03:32:34	Name: _cb Value: CmYZJhzgMaHB3ojGF
www.bnnbloomberg.ca/	1970-01-20 02:49:22	Name: BM-BNN-Continuous-Play Value: true

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.bnnbloomberg.ca/js/bellmedia/omnitureTVE.js?v1619513829(Line 81) Message: During: 4:48:24 PM
console-api	log	URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js(Line 2) Message: Error, missing Report Suite ID in AppMeasurement initialization
console-api	warning	URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js(Line 1) Message: Permutive was not initialized. localStorage not supported
console-api	error	URL: https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829(Line 4) Message: TypeError: Cannot read property 'userPlayList' of null at initPlayList (https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829:6:16054) at link (https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829:1:23852) at https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:26177 at invokeLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:26295) at nodeLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:16484) at compositeLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:2404) at nodeLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:16351) at compositeLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:2404) at publicLinkFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:20) at boundTranscludeFn (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:2893) at controllersBoundTransclude (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:3:17045) at Object.ngIfWatchAction [as fn] (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:7:26518) at Scope.$digest (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:5:27957) at Scope.$apply (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:5:30072) at Object.success (https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829:5:6964) at k (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:16920) at Object.fireWith [as resolveWith] (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:17707) at y (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:80804) at XMLHttpRequest.d (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:86374) <div class="add-playlist-item ng-isolate-scope" vid="{{currentStream.Id}}" video="{{currentStream}}">
console-api	error	URL: https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829(Line 4) Message: TypeError: scope.init is not a function at Object.fn (https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829:1:23843) at Scope.$digest (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:5:27957) at Scope.$apply (https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1619513829:5:30072) at Object.success (https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1619513829:5:6964) at k (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:16920) at Object.fireWith [as resolveWith] (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:17707) at y (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:80804) at XMLHttpRequest.d (https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1619513829:2:86374)
console-api	log	URL: https://www.bnnbloomberg.ca/hackers-target-iconic-japan-s-toshiba-rival-hoya-with-ransomware-1.1593280(Line 4404) Message: [BmAuth] init failed [object Object]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4aec1fecf46fe5bca90025009e74d9cc.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.twitter.com
api.rlcdn.com
as-sec.casalemedia.com
assets.adobedtm.com
auth.9c9media.ca
beacon.krxd.net
bellmedia.demdex.net
bellmedia.sc.omtrdc.net
beta.ctvnews.ca
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
capi.9c9media.com
cdn.krxd.net
cdn.permutive.com
cdns.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
dpm.demdex.net
geo.moatads.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
images2.9c9media.com
js-sec.indexww.com
mab.chartbeat.com
match.adsrvr.org
mb.moatads.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
v1.addthisedge.com
webapps.9c9media.com
www.bnnbloomberg.ca
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
z.moatads.com
104.109.85.134
104.19.150.54
104.244.42.5
104.244.42.67
104.70.84.198
108.174.10.14
142.250.185.194
151.101.114.133
151.101.12.157
172.217.23.98
178.250.2.131
185.33.220.242
2.18.234.21
2.18.234.219
2.18.234.36
2.18.235.40
23.37.38.181
2600:9000:2104:ca00:18:1fcd:34e:d2a1
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:2a6::1e80
2a02:26f0:6c00:2b0::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::714
34.120.133.55
34.243.47.58
34.252.115.248
34.253.145.149
35.181.18.61
37.252.172.45
52.212.177.60
52.214.0.210
52.28.203.152
52.48.18.249
54.85.197.32
65.9.73.27
65.9.86.127
76.223.111.131
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
02f9c2939a0392f3234207c2e82e47e2cd948be1c19e6891c7781feca50fbf72
03862701caca12427fdc26a145ee29aa26fb5f1d09991d27957c008dbd0d3dae
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0523a9e5902eb1fc66074d4732aca096560971bfcb29b1ffc96ada47ab9b4ea0
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078feae69d4c91814c191cc9ebd12c75ab755132f9b7cb3759cd6712d6a16eca
0a8ebb33cfa7f04f0d413129889d87f44f59da9595debf3ea2a23456dbcb8cad
0e96dad6bfbaac636d46789bd70caaf704f7fd3a733d41c73a68540290817fef
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1294d18482911edd15526fb7a913e11ff77b52866fa729e7ec28d71bd8dfb238
12f81971df0264fc9e026fed13e7a704c99ad945a3332dd79548a0fbc17aa216
1b4175dc2e0cf3f15ffe8497c8fa1f4334106e6abafc0179fc7449e485cfac39
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1f3555e5bebe3dea9575c38bb2374c356f3e14100398f3a3b56f0787898e66ca
22d71eff61c7944920a7e3bf5e6fdbc25a22e6a79be3457c1ad24e7f9ff00035
289d4b67d5b25037a74bf891dbd7db6fc946e56bbdb5946523e94322b296fa55
28a596df87b9d92470bceecddc975aa14b721cf3ab5134284aed757c05433e34
2a52552fcf93b6fc6d56261c88a1aa4d80b6acc9a684b46c8dff4f8eafad201a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3a8eeac4d696eaec4219bd45b8e13609dcb9769f65ef8de87d45e71072ef2d26
3c423060975a447c389133494d357ed141f474e4c8a2939a4f34047224ec5e3c
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
414dbbbec94367affb47e64423a7d45353438bd3fac60f77aa9f9a376c140e2c
47fb8b7f5571b3f676d97f8c7d625bcd773796133c7bdd499a484c5f118a9452
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
54f79ead0695ebb4bd48e9eabd97df7b7a61485e2e13eddbf26ab6a096b06b6d
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6138b52d005d422eea998f1684fb93d93f728b96c981e3bcb365acf1ab2c52f3
6818b25f410ad7636507338f5544dc5f584de81ab4411b581f0b6326a8a04090
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
691bf21d605cd659ae8c1c2b2ee7580c3f8488376f70282eb651fb185c7549e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
756e4ddc381d9acab2a88ab3da6e2ab5baf1f51071a64c0faaab7ee015065c1e
78cbb82ad7c4d70285369bf11ba0a4eb99317ec1ecd54d32d2a8be937f1cd150
794327cbab491debb65e9c14b37778dfb0d4a6a118e101de3ee4103d0a59a68b
79727b6880d5e020ab2b496ac7f7be48647281e32c44739d5580a88afe5628e7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4
8270daa7d3d1e2b20b9d2295bd05dc62e12061b7b773a8653ecc927288215f1c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85f221f40551269ff0011c811f4acf258c760f6deabfa5a51a05c3797a02c79d
86488387bb7d778b5c5741c32edfba5bac5b10371c249d27a7253ff54a97aa8b
8733ad4061e0afc25916e6154d2249da919d8ae5d0b113cda5368ec41d480f03
89f089918a293bee6e81658abf7470d8cf275944b0a467cddd60346913036e38
8bfd760b2837a72858803a03eb1f77120b1651212ccb2e3358586bf79e2c2a13
8e714bc3b8e26dea772b229d76d0125ca75615bb2a30b407b070d4e010af3cee
8f75ecee0fa1eb323b4f768512289808b29865a4e6b764669163a7b17742891c
95341489d89aa8908b9abe2e7564d0fa12126317225ff006f626c8b38556b058
99b16cce76c91d13a921656ce55b6e61d81673ec14c090ee43708a21379613e2
a0f50bfb0c07ffe7f83714e31f4b2c2dfd01a76f37f6cef58d432de00c5cdbb5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b324515d91dc14401794248a4c9c4602e16a99b53711a3cb053d37e4345cc20f
b3916c96656bea206c1f5b3098e81544b462efdb59c1f293317844a42f0a6236
b77e33093d045dfb095ce0dd819e09921191d4e9dc9b53d144bc91557e5fb4f5
b91db2aa8be975a61d95186b301ecefd37055a1be40301c872c290dc32e4c3c9
bccbc897106e24940cc3443c40d0ed1566d466a440b278102c932fb553f74ed2
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
bf4e5cb47da1c0ca12d6664390c99d30e07d6d6b7e69e8ce6e4989e5ac9e317b
bf8436a515e4055bc63645c9eb3a2086fafbfdb45128a4d6e0eed96d16e78203
c298c1b0c6a2992b5972e90f82657536af09adbc3e48d07c819b831b6b65060d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb93c8cd98d01cf2229670d6cb8f5e66121cc562453817e807d1dd88cd2362f0
cf39400dc753631915a397967da2fde8d95e89f728e374a08d8c6fd10d4b5971
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d835ee0b2f97a1383475022cc9cceeb1f34249f5fc2a503a1b8a79f7b88fee3b
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc80f30d11919d02f5126767744d4887cd92f61cc016716b981ff164aec925db
ded40c4946e42576820ef3d03c68324c0967833fb7bd4cd8b6f177522f5fccbc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfefc713c8aa5219d62a4a95472c746c14dfcec3fade42c35b21ce8f4e493e48
e295ca49c438f26cc28cc6ad767a86fb4b231e3a36b168133920dc99b2ea9d62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b8201c31af1e4822abef20e59be0a827c05601f079b263c51b382e8d5013df
ebbe367a1570926fa4fa06036e657dda2c79d5f837069ce356b229e261b5b254
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5e038d94254f00ca0c849d9d312b9024811735c4531745167d7b4fa5fe24bfe
fb94f25440a627aef0324c8c4c694a78e8427fef4055643657e3f0107b92eb6e
fd5d7bdc3fca8970c5a87052fd2ca8e847ab38cd8ad5a8cd8d7e62f0fb1c6bda
fe6e64f43e2669eae4cd5c250cde660a92521e0a575780740f78e2d46befc296
fe8023dca8a85845e95ca19fe14f53238de3d57bdd877900bb716f73c81034ec

www.bnnbloomberg.ca Open in urlscan Pro 104.70.84.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

38 %IPv6

40 Domains

58 Subdomains

46 IPs

6 Countries

2272 kBTransfer

8063 kBSize

18 Cookies

4 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bnnbloomberg.ca Open in urlscan Pro
104.70.84.198 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

38 %
IPv6

40
Domains

58
Subdomains

46
IPs

6
Countries

2272 kB
Transfer

8063 kB
Size

18
Cookies

116 HTTP transactions
0 data transactions