www.bloomberg.com Open in urlscan Pro
151.101.129.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSour...
Submission: On June 18 via api (June 18th 2024, 4:47:01 pm UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 12 domains to perform 111 HTTP transactions. The main IP is 151.101.129.73, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.bloomberg.com. The Cisco Umbrella rank of the primary domain is 25939.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 18th 2024. Valid for: a year.

This is the only time www.bloomberg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
54	151.101.129.73 151.101.129.73	54113 (FASTLY) (FASTLY)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
14	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	54.157.55.199 54.157.55.199	14618 (AMAZON-AES) (AMAZON-AES)
2	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.13.162.139 3.13.162.139	16509 (AMAZON-02) (AMAZON-02)
5	69.187.26.120 69.187.26.120	10361 (BLOOMBERG...) (BLOOMBERG-NET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	3.208.81.161 3.208.81.161	14618 (AMAZON-AES) (AMAZON-AES)
1	132.226.214.62 132.226.214.62	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	13.32.110.51 13.32.110.51	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	44.194.233.32 44.194.233.32	14618 (AMAZON-AES) (AMAZON-AES)
2	18.221.139.147 18.221.139.147	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	162.247.243.30 162.247.243.30	54113 (FASTLY) (FASTLY)
111	21

54 151.101.129.73 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

sourcepointcmp.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.157.55.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-55-199.compute-1.amazonaws.com

eventrecorder.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.162.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-162-139.us-east-2.compute.amazonaws.com

location.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.187.26.120 (United States)

ASN10361 (BLOOMBERG-NET, US)

login.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.81.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-81-161.compute-1.amazonaws.com

coordinator.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-51.vie50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.233.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-233-32.compute-1.amazonaws.com

gatehouse.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.221.139.147 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-139-147.us-east-2.compute.amazonaws.com

personalization.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.30 (United States)

ASN54113 (FASTLY, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	bwbx.io assets.bwbx.io — Cisco Umbrella Rank: 25119	1 MB
40	bloomberg.com www.bloomberg.com — Cisco Umbrella Rank: 25939 sourcepointcmp.bloomberg.com — Cisco Umbrella Rank: 38348 eventrecorder.cm.bloomberg.com — Cisco Umbrella Rank: 29535 location.cm.bloomberg.com — Cisco Umbrella Rank: 69353 login.bloomberg.com — Cisco Umbrella Rank: 37951 coordinator.cm.bloomberg.com — Cisco Umbrella Rank: 41654 gatehouse.cm.bloomberg.com — Cisco Umbrella Rank: 61901 personalization.bloomberg.com — Cisco Umbrella Rank: 46874	265 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1556	150 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 3419	1 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 860 mb.moatads.com — Cisco Umbrella Rank: 1367	94 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	972 B
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3917	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	239 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	177 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	18 KB
1	gstatic.com www.gstatic.com	207 KB
1	ml314.com vi.ml314.com — Cisco Umbrella Rank: 8604	464 B
111	12

	Domain	Requested by
48	assets.bwbx.io	www.bloomberg.com assets.bwbx.io
14	sourcepointcmp.bloomberg.com	www.bloomberg.com sourcepointcmp.bloomberg.com
9	eventrecorder.cm.bloomberg.com	assets.bwbx.io
6	js.stripe.com	www.bloomberg.com
6	www.bloomberg.com	www.bloomberg.com
5	login.bloomberg.com	www.bloomberg.com
3	bam-cell.nr-data.net	www.bloomberg.com
2	personalization.bloomberg.com	www.bloomberg.com
2	gatehouse.cm.bloomberg.com	www.bloomberg.com
2	www.google.com	www.bloomberg.com
2	cdn.amplitude.com	www.bloomberg.com
2	www.googletagmanager.com	www.bloomberg.com
2	z.moatads.com	www.bloomberg.com
2	securepubads.g.doubleclick.net	www.bloomberg.com
1	js-agent.newrelic.com	www.bloomberg.com
1	www.gstatic.com	www.bloomberg.com
1	mb.moatads.com	z.moatads.com
1	coordinator.cm.bloomberg.com	www.bloomberg.com
1	location.cm.bloomberg.com	www.bloomberg.com
1	vi.ml314.com	www.bloomberg.com
111	20

This site contains links to these domains. Also see Links.

Domain
bba.bloomberg.net
service.bloomberg.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
pro.bloomberglaw.com
pro.bloombergtax.com
about.bgov.com
about.bnef.com
www.bloomberglive.com
www.bloombergradio.com
www.bloombergmedia.com
pro.bloombergenvironment.com
bloom.bg
subscribe.businessweek.com
bloomberg.com
nytech.org

Subject Issuer	Validity	Valid
www.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-04-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
sourcepointcmp.bloomberg.co.jp R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
vi.ml314.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
eventrecorder.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-23` - `2025-03-23`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
location.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-06` - `2024-09-04`	a year	crt.sh
login.bloomberg.com DigiCert SHA2 Extended Validation Server CA	`2023-12-18` - `2025-01-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
coordinator.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-08` - `2025-02-06`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-05-22` - `2024-08-22`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
gatehouse.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-02-01`	a year	crt.sh
personalization-prod2a.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2025-03-09`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Frame ID: AC75EEDC73AB65C8727F77982549BC3A
Requests: 103 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: D60B06A4152F7DBB67A01E299CC75009
Requests: 1 HTTP requests in this frame

Frame: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: 83FC3356272B44C7C61E19879FEC1DCB
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=bdug8cs66c4t
Frame ID: A452036D203937CB78E35CDF8E2520BB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-control-aecae99ce12d7ac8543548845f815115.html
Frame ID: 6CD93E2AF79228D5063A3C5AF667F88C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-317263348376de9d8fcd6514a85aa8ec.html
Frame ID: 7E8AD0BB7BE2E569FD2B1F771A75670B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-0403562c894b3592ea096027940ce68e.html
Frame ID: 424B5A7544CFD6D913E583FFAC1FC1FD
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 01B08EFC71136002CF82060F4C187C64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Caesars Paid Millions in Ransom in Hack Weeks Before MGM Las Vegas Attack - Bloomberg

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

111
Requests

100 %
HTTPS

15 %
IPv6

12
Domains

20
Subdomains

21
IPs

3
Countries

2545 kB
Transfer

9408 kB
Size

20
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://bba.bloomberg.net/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Anywhere Remote LoginBloomberg Anywhere Login

Search URL Search Domain Scan URL

URL: https://service.bloomberg.com/portal/sessions/new?utm_source=bloomberg-menu&utm_medium=bcom
Title: Manage Products and Account Information

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Bloomberglp
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bloomberg/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2494
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/bloomberg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@bloomberglp
Title: YouTube

Search URL Search Domain Scan URL

URL: https://pro.bloomberglaw.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Law

Search URL Search Domain Scan URL

URL: https://pro.bloombergtax.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Tax

Search URL Search Domain Scan URL

URL: https://about.bgov.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Government

Search URL Search Domain Scan URL

URL: https://about.bnef.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: BloombergNEF

Search URL Search Domain Scan URL

URL: https://www.bloomberglive.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Live Conferences

Search URL Search Domain Scan URL

URL: https://www.bloombergradio.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Radio

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Advertising

Search URL Search Domain Scan URL

URL: https://pro.bloombergenvironment.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Environment

Search URL Search Domain Scan URL

URL: http://bloom.bg/dg-ws-core-bcom-m1
Title: Before it’s here, it’s on the Bloomberg TerminalBloomberg Terminal LEARN MORE

Search URL Search Domain Scan URL

URL: https://subscribe.businessweek.com/pubs/BW/BWK/BWK_50_for_149.jsp?cds_page_id=266946&cds_mag_code=BWK&id=1703792422805&lsid=33621340228031432&vid=1&source=bbwhomepage
Title: Magazine

Search URL Search Domain Scan URL

URL: https://bloomberg.com/context
Title: About Us

Search URL Search Domain Scan URL

URL: https://nytech.org/made
Title: Made in NYC

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/contact
Title: Advertise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request caesars-entertainment-paid-millions-in-ransom-in-recent-attack Show response
www.bloomberg.com/news/articles/2023-09-13/ 305 KB
47 KB 874ms
737ms Document
text/html 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

c66564ec6c3787bd7b9548ed52ac22d23f758d4f0f56c21c7918c0f63512b2ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: public, max-age=120
content-encoding: br
content-length: 46540
content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:53 GMT
etag: "15y71kf7dpb6p32"
fastly-restarts: 1
link: <https://assets.bwbx.io>; rel=preconnect; crossorigin, <https://assets.bwbx.io>; rel=preconnect, <https://sourcepointcmp.bloomberg.com>; rel=preconnect; crossorigin, <https://tpc.googlesyndication.com >; rel=preconnect; crossorigin, <https://www.google-analytics.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect; crossorigin
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
referrer-policy: no-referrer-when-downgrade
server: openresty
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-powered-by: Express
x-served-by: cache-fra-etou8220135-FRA

GET
H2 200 1200x800.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/ 97 KB
97 KB 184ms
150ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/1200x800.jpg

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e2180f7403ac35a3f4b17647175e187152f89b209f9c2613c04e4fbaacb9a2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
age: 1870934
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 654428d3-6118-4cb7-afa3-33a073e12f5c
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 98968
x-served-by: cache-lga21920-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718729213.416707,VS0,VE84
etag: "0af0ed704a8e3fcb346b9182b01e16cc5"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 0

GET
H2 200 event-recorder-client.min.js Show response
assets.bwbx.io/s3/foundation/event-recorder-client/1.0/ 3 KB
2 KB 182ms
42ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3a6cb4ba7d2e169e837325c066262b1127bb8b525bf8146d9d7dbde5bbaa0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: oIEfxgYiej3sqUYfNMp6KYOENf1HvXBv
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: MVQ6CV5SHFSYED4C
age: 1167
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1257
x-amz-id-2: Dkh+yCxj4mR+rg/rB9gyUGgkNYSmtvBU75liAuVRQZPtP06E8jTFmToSNV8ckZ00lF1fU35SqYk=
x-served-by: cache-bfi-kbfi7400072-BFI, cache-fra-etou8220090-FRA
last-modified: Fri, 24 May 2024 19:17:44 GMT
server: AmazonS3
x-timer: S1718729214.523954,VS0,VE0
etag: "3b6bde335cf4231518f4b0e4e6faf18c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=7200
accept-ranges: bytes
x-cache-hits: 172824, 9

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 176ms
88ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

35f9345280beb429b02ade29a3c776bf3ff537e4aad5e53cceeef6407b3bcaf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32140
x-xss-protection: 0
server: cafe
etag: 247 / 19892 / m202406130101 / config-hash: 1716807674107158036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 16:46:53 GMT

GET
H2 200 spritz.mjs Show response
assets.bwbx.io/s3/spritz/v1/ 3 KB
2 KB 180ms
40ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/spritz/v1/spritz.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dkEHlonD2QCJO.8vGmxQusZAF6_vrIkT
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: FQP1DGXQ758DQ6G5
age: 22181
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1247
x-amz-id-2: /IT8F/nyFSuYAH8D+caRtEDDgPfSxgo1tdx39lS7Ti3MygoxkzwRYhd9oW8kJI5J8DG9B70Lu5U=
x-served-by: cache-bfi-kbfi7400055-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 08 Mar 2023 15:43:50 GMT
server: AmazonS3
x-timer: S1718729214.523212,VS0,VE0
etag: "a6774be5256f7356266f0f551c498948"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=345600
accept-ranges: bytes
x-cache-hits: 12126, 65

GET
H2 200 sparkle.mjs Show response
assets.bwbx.io/s3/sparkle/v6/ 94 KB
29 KB 182ms
43ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/sparkle/v6/sparkle.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebaf718cdb52c3b775d67c7e89ea3827b63556a1b26cd912d7466508877926d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .SfBjL_qkjGmnxXeTP4o3HsmKcksBDoT
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 7DNKCRPXKTQMQWTZ
age: 3187
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29727
x-amz-id-2: rf0E7Fb+6DRBSTlTS607/jqYJrLBd8RRLKmDSG7L25a5yvhRehdHRwardTpfeoj4+JMVybRQy4Q=
x-served-by: cache-bfi-krnt7300102-BFI, cache-fra-etou8220090-FRA
last-modified: Fri, 07 Jun 2024 13:49:05 GMT
server: AmazonS3
x-timer: S1718729214.523719,VS0,VE0
etag: "12ebb96ff952b55a691f6c213ec6ad62"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 40959, 20

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepointcmp.bloomberg.com/unified/ 129 KB
37 KB 166ms
46ms Script
text/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:32:20 GMT
content-encoding: br
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 15:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 873
x-amz-server-side-encryption: AES256
etag: W/"614d1a5043fbedabab7a77a278247fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: vbnZFfCIFRfClJjd--HKOo3s0u3yCjMVDq5bEwTrku5IAPRFf1HNRg==

GET
H2 200 cmp-client.min.js Show response
assets.bwbx.io/s3/foundation/cmp-client/v3/ 8 KB
3 KB 161ms
41ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/cmp-client/v3/cmp-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78b0756503dbbe94648e9b26d577c582d92c8828995be06f5e8e47bd0491b9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0pInZZsO5TzgOKNPuEIEu9j27DQcDDYt
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QAPZB51FXSGZEV67
age: 3007
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2855
x-amz-id-2: r+BGhbfwMQXSsxTw6nBd5yWxfqyZKTTmtXtOk9+ZUke/t+w5vpfw1e4dlUjKrEC4xRv5wmChg+s=
x-served-by: cache-bfi-kbfi7400071-BFI, cache-fra-etou8220090-FRA
last-modified: Tue, 21 May 2024 16:26:03 GMT
server: AmazonS3
x-timer: S1718729214.523594,VS0,VE0
etag: "e6dd151a711d8bd702002ecabeb51194"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=7200
accept-ranges: bytes
x-cache-hits: 215086, 20

GET
H2 200 get Show response
vi.ml314.com/ 422 B
464 B 151ms
64ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=50066&tk=aO1CCthMyYq5eNlVwlKQXL9igGlRPy95K4LLnm84p2bE3d&fp=

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

84a28b0425e346b2bbe1393e3f6d9ec0868a99d631d2f3457fadc220989177a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Tue, 18 Jun 2024 16:46:53 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 abba-client.js Show response
assets.bwbx.io/s3/abba/abba-client/latest/ 226 KB
68 KB 41ms
41ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/abba-client/latest/abba-client.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

81d4573b04d1b03a2e5f4c66f84befc2fd3b5f86f2b06b002ce2a92ad982b7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6Hj4uSnesAuA6halvBRV2PJianJ5Mj4K
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: CBD0FR3D2EZ85HRA
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 69194
x-amz-id-2: MLqzcBeGw5ovKhdTwjkotGu5q/pOJgUCFtgUFWtCJoDr2XJZmbiuBABISGCki6JBa2yH6CJPJvw=
x-served-by: cache-bfi-krnt7300050-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 29 Apr 2024 16:16:44 GMT
server: AmazonS3
x-timer: S1718729213.431442,VS0,VE2
etag: "2121c2857b816d37d11c245a9ea18609"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120,stale-while-revalidate=300
accept-ranges: bytes
x-cache-hits: 584310, 1

GET
H2 200 282392dd7388ded3.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 27 KB
7 KB 39ms
39ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/282392dd7388ded3.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eba0f96944a600c7bf9eb5affa52c9ba467ebcd4b9b8eba8c234dc3f9757ee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7piPvU35oqBuTO5tma.wHGeW048K0rEI
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X762HPMH3CJGG51D
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6296
x-amz-id-2: 9FuKj6X3g+dcbbgws2ZSCbTVCvLHWV3eFp6WzhcFra2MFVTqddD64dE4qXtZRIlUh/RYhGaiXwg=
x-served-by: cache-bfi-kbfi7400090-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:56 GMT
server: AmazonS3
x-timer: S1718729213.431701,VS0,VE0
etag: "ac89ff30d899067e9e799abdd77148f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 8, 1649

GET
H2 200 8aabfb97421f7fd1.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 99 KB
13 KB 77ms
77ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/8aabfb97421f7fd1.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a35b9186a2119220b3c8f08e105a22745afafd640c2614fe6f7c37d0c4ca895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: NeqC8hYOL5GseDCKfA55ImauZyRRCf3z
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C1T7Y6X2D0MAN2RP
age: 1042342
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12881
x-amz-id-2: bZxjRbKxDYN9XXMoABbvspAH30P1mNxHv33stFU/3BThKf5T6ookMlMiyHCIOlrVJ2cBPPwACMQ=
x-served-by: cache-bfi-krnt7300089-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 06 Jun 2024 15:08:21 GMT
server: AmazonS3
x-timer: S1718729213.436134,VS0,VE0
etag: "166f679d495a05bd20d0080de9c19f36"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 1, 3919

GET
H2 200 76a96731efe03c49.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 216 KB
29 KB 76ms
75ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/76a96731efe03c49.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff157e8c4d6cd382a7eb3f3801ea4ab7e626afd4a0210d35b69fc5aadeef7323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _T3df15zq3ILtJk8TEASVmF2EBNeGOQp
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X763TD3SW7H5PE6E
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29145
x-amz-id-2: 4P4nziMauAGizqv0LvSBGWj0THo/+RvN9UuXIDwcSwHvtw0DGwicassNZqclcpa7/xtwo73mv8Q=
x-served-by: cache-bfi-krnt7300114-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:56 GMT
server: AmazonS3
x-timer: S1718729213.436139,VS0,VE0
etag: "313eb3fc2bcdf246a2f390374bd98627"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 7, 1835

GET
H2 200 12d4164e218f8725.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 33 KB
5 KB 81ms
80ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/12d4164e218f8725.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

44a51e14b839745d386198b5454b3f517cdcc4ab94c2b8b4d58c65cbb4a9680a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CU.HPoS..4W92eVyDJCHxP8xqrygE14o
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B92PD5H2BZ7A8NM
age: 79223
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5138
x-amz-id-2: FpdEZgUgmEgGGP8D193hP6Uz97lcSEPZiGK5MdpbQjFqAn+86s3zvXYkQFDc7tYJWpppL68Hmlw=
x-served-by: cache-bfi-kbfi7400080-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 17 Jun 2024 18:40:36 GMT
server: AmazonS3
x-timer: S1718729213.436268,VS0,VE0
etag: "77c65123f3fb625169923ab1ca26d78e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 35, 324

GET
H2 200 webpack-2327e7b70cfeb6a5.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 5 KB
3 KB 47ms
45ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/webpack-2327e7b70cfeb6a5.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b98c6558c343a5f0e1b4cefedf8ffa0b53cb9ce1b0f81601ac9513673f1b4091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qI0muXFwF9HIvoFRqq_1YtztMmzvxhWI
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B95ANMHKJFVB03C
age: 79223
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2468
x-amz-id-2: OilM/LG/S3TORC8U89vW5Xpq7dK913kRuHsql5yPLAQuwJG4+9hkXEtCHCx4l/yMCMPUo9chng0=
x-served-by: cache-bfi-kbfi7400056-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 17 Jun 2024 18:40:36 GMT
server: AmazonS3
x-timer: S1718729213.474367,VS0,VE0
etag: "02ca00270d0144d683446921303567e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 36, 317

GET
H2 200 framework-18c7e6fcf99e5daa.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 138 KB
46 KB 47ms
45ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/framework-18c7e6fcf99e5daa.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a4ec567b6fa873f941d9d0899f323cdb894ffd4bee2667efea480d331412480f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KUkF4be0Fakjkh.1GA7_i_mUogsqGIri
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 5KXEV5FTF5ZSKGQM
age: 4166044
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46541
x-amz-id-2: 5eynDikPUMGGi/Xbgm+LkMkRb4AtSVp3w3JoFUVjXCO/v+5pbaGgMrUylhBxFvEYgGehTcX8QdI=
x-served-by: cache-bfi-kbfi7400080-BFI, cache-fra-etou8220135-FRA
last-modified: Fri, 08 Dec 2023 17:56:48 GMT
server: AmazonS3
x-timer: S1718729213.474376,VS0,VE0
etag: "69b45b051aaedf2eb73ddcf7f41298ca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 390, 5155

GET
H2 200 main-f77fdccae5243624.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 111 KB
34 KB 47ms
45ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/main-f77fdccae5243624.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d41c09d06d11fd679e9dde59e294aa1c25df94d1d74e63f0daf8c136901258f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: esK0QlBL4zSwhphUIt73NFQ6wu5o4O.f
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: JETC4MK9DR4AAB3D
age: 3444877
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34722
x-amz-id-2: HenJ+4TZHgx/tVcDu8+z2COVsbV99QavKWE3hUWFP0VwaCQqXXRcHmcdEH17GZI07dT5kM4EVN4=
x-served-by: cache-bfi-krnt7300100-BFI, cache-fra-etou8220135-FRA
last-modified: Fri, 08 Dec 2023 14:37:33 GMT
server: AmazonS3
x-timer: S1718729213.474338,VS0,VE0
etag: "9f98a1f9e28bb5026d50e092365847dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 25, 7917

GET
H2 200 _app-a2674928afc1b65d.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/ 29 KB
10 KB 74ms
72ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/_app-a2674928afc1b65d.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bdc4d761c33b80b352df11a191c6723f8f30c74dd8c34855a9ab41ad6cfbae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yHC5CJgldhWO0LHHmzLohpuRejcR7Urf
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VF427261D9WMTHY4
age: 3047649
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10081
x-amz-id-2: ADyslvsY6QL/26M/OfpBAtc2bFH0Ak3J9Y009dssOG59tdmbZs6UY3zVAjHS+tfZnAsHAWb3Pas=
x-served-by: cache-bfi-krnt7300066-BFI, cache-fra-etou8220135-FRA
last-modified: Fri, 03 May 2024 14:37:05 GMT
server: AmazonS3
x-timer: S1718729213.475435,VS0,VE0
etag: "3e648eec9a82105fa91c94f6b2b1de48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 4702

GET
H2 200 331-06d3ff046d0d4b8c.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 44 KB
14 KB 74ms
73ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/331-06d3ff046d0d4b8c.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e03dbf0b6170c5ab9f1babdf043b6dd76b7c730e8869fbc61b8dbd217285ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qZjaYorsWoEEwlg9zZ_10ob34Rfg3gw8
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VF4CAXBJRARQN8ET
age: 3727717
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13922
x-amz-id-2: MuNuAVlcVSpIFYzC6eVU+Sq2/KtH3jyoJIlMTLEZ3yLRJ12MmPu0J28AQNWcMhwDRN2qE+fLDLs=
x-served-by: cache-bfi-krnt7300081-BFI, cache-fra-etou8220135-FRA
last-modified: Fri, 03 May 2024 14:37:03 GMT
server: AmazonS3
x-timer: S1718729213.475299,VS0,VE0
etag: "2e2cfe5e148493e5dbc0d8af7d92e1ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 4778

GET
H2 200 311-d37f8da221a72bc4.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 375 KB
102 KB 74ms
73ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/311-d37f8da221a72bc4.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b210a600139089349de6543d9b4e2d1db21daa65652e2c4917ddb538f1bfba10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IpqCmjZ1IFkXy5WFZ12D5RdAFIcgHtPx
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76582Q35SZNRM4J
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104284
x-amz-id-2: wHMXYSF/OgptUhQwKbHjzOYIL4BuFSQ/AUJMihr8/aUsXynWZpk0TZx4GzHJDA+m8ga9vtx3C7U=
x-served-by: cache-bfi-krnt7300118-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:53 GMT
server: AmazonS3
x-timer: S1718729213.475227,VS0,VE0
etag: "3c6506cae7e5946bd5d730821b267fcd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 8, 1947

GET
H2 200 119-527e7fa3102c595d.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 309 KB
81 KB 51ms
50ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/119-527e7fa3102c595d.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be36dbccb8a97b8f592b3408616661b337330c56a8784cfffb64ca61b4394b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8hqERMymRE3mX1wg8XgNNQcy9ZAd2GXp
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76DRAF2SF7WDBCZ
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83067
x-amz-id-2: UEoEuOI8LOu3AHjsk7wTlLFca7KSSOV2Aqty0R5KItETTaND6QDVzm+BiBeyLUBLEv97ULn8VIo=
x-served-by: cache-bfi-kbfi7400038-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:53 GMT
server: AmazonS3
x-timer: S1718729213.475178,VS0,VE0
etag: "444b69feef5899fcd195b819284a6a67"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1939

GET
H2 200 822-ae83be6bf494bcad.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 15 KB
5 KB 52ms
50ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/822-ae83be6bf494bcad.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

197b8d0900267caff70fea35aa5b038bbd4a48d25e4524f3803ff442ff678d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: d7i_m_FBny2tDLZ.t_apC0fdSFjhk6qZ
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C1T863EPGR3JRBVM
age: 1042342
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4915
x-amz-id-2: AHvpkC+s9xXBwUOgDCfRyBDwcVFVt6eH2SEfJdEQ7p5tqVF9+wskxR+WOtUZ0j9A8m5DcgpuZh4=
x-served-by: cache-bfi-kbfi7400109-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 06 Jun 2024 15:08:19 GMT
server: AmazonS3
x-timer: S1718729213.475084,VS0,VE0
etag: "40740c00e3d203285127cca66a3bd58d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 3676

GET
H2 200 976-2d817916438d4b40.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 72 KB
23 KB 85ms
84ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/976-2d817916438d4b40.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4c7717ef4b9883742561e16d59fb4e0ec0ac6357d3582caa68087bed4ed083c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4AnLRpSO8TGAGadc.7V8RzjPONe6WTXO
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76CEC4JWATMBBJP
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23110
x-amz-id-2: aQIU/bUVXYaMFGpUuNevp1VO6weZ42BSYU+qapBZWiwFZwoT0zkSbILxsLxToODhNVrhXuuCihg=
x-served-by: cache-bfi-kbfi7400031-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:54 GMT
server: AmazonS3
x-timer: S1718729213.476540,VS0,VE0
etag: "e8cdee7e55596c5fd957cba49074371b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1826

GET
H2 200 %5B...slug%5D-ad89d3467f0198d9.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/ 299 B
587 B 85ms
84ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/%5B...slug%5D-ad89d3467f0198d9.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebcd963400689482d49d5bd100fe9690c581b6a4fbfc54273de5daf8e3c77529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vbog5ifAtZOmFxCuxB_P0mpmJtKSUqmu
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X7617ZBPRECMR89G
age: 417457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 184
x-amz-id-2: lDNbFH6p6vmR/ZNH1sdA0FjOxHqOeuDN2olNFbr6BeGf1LZaxNlgqzxCpu5Jm9U0IXinterahco=
x-served-by: cache-bfi-kbfi7400061-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:43:55 GMT
server: AmazonS3
x-timer: S1718729213.476511,VS0,VE0
etag: "ccab70d793f5c7ec3555f26a86536c62"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1478

GET
H2 200 _buildManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/ 1 KB
931 B 84ms
83ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/_buildManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88b3dd2e6b3fe7ace8921decd9c16ea439dd96fd1a03a62ec65e761e7b150d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ly1N5Jd6Q7WzCdvxgEAG7t9MO2WI3UVJ
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B997QKPWCCQV82V
age: 79223
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 521
x-amz-id-2: X1UqA9fYiiuCnI+EgNbLFijVYxH2VP2YpeplX70fCrD7bjwsN2T4Xd/yNb4WyHrpZYdqerIPobM=
x-served-by: cache-bfi-kbfi7400114-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 17 Jun 2024 18:40:33 GMT
server: AmazonS3
x-timer: S1718729213.476405,VS0,VE0
etag: "83b4f315f89d1e5e1e10b941745e4cf6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 35, 297

GET
H2 200 _ssgManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/ 88 B
306 B 84ms
83ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/_ssgManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a66383b381b46cccc8f600e19dedea91beedf07e06bb49f011fa7f7073ead591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lWdOyceXLQo6FeK5IizO1QjgNctmvc.U
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B97H07QMD7SCQE3
age: 79223
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 60
x-amz-id-2: Ri3scGAoCsBkHwwp5loe06m842ezKrj+ZRao8iYEtJRoA+GbtJ3L14j00dvikQALXjFX2no7NMY=
x-served-by: cache-bfi-kbfi7400055-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 17 Jun 2024 18:40:33 GMT
server: AmazonS3
x-timer: S1718729213.476331,VS0,VE0
etag: "bee22ea531beed3eeff60fb48f41c658"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 38, 290

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fast-path/v1/ 5 KB
2 KB 46ms
43ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fast-path/v1/app.bundle.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49069a52f33fffc891b7605e081aa0c14a6d8cc16a11c53c1cb1c964298ecdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: U4XDmijJePcvFVwTKFYnntKh.eEz2RpQ
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: K3NRC2EKBZ98N8G5
age: 29251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2125
x-amz-id-2: c0H3oHoJ7uTKJFFKB4e0NYMIrBCarLKLDXracqLP7fqydZFhqnyHJBnNaUpvKIYqHktg2CyHj80=
x-served-by: cache-bfi-kbfi7400060-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 20:45:39 GMT
server: AmazonS3
x-timer: S1718729213.474101,VS0,VE0
etag: "699e4812180a0f16faca1e3f4f2cb1ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 153, 1667

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 542 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 828 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 546 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 379 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2
assets.bwbx.io/s3/fontservice/fonts/ 31 KB
31 KB 46ms
44ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gmgEdLUmA86gblnoepLNIwtUiryDQdHN
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: CT1411FEYSKRVJZR
age: 1549941
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31420
x-amz-id-2: q3s2m8ATxsqD4fkbmoHZ0fdAqn2av6WNXHFyrD8h13+uoZaxp1ISj+fPiF8jf92dh/HWNPz7I2M=
x-served-by: cache-bfi-kbfi7400059-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718729214.622787,VS0,VE0
etag: "5cf5733cd9241d8e129282b8e5b8c193"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1318, 3282

GET
H2 200 AvenirNextPForBBG-Regular-eb3bb1b816.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 45ms
43ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Regular-eb3bb1b816.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8Tl5VGis9gmIi5st9QSz.k6zSIAoUZR0
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: MGCHNSTDTXBVH4M8
age: 3485915
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36456
x-amz-id-2: uyXJMvC5n12hAmCiaieXJFpDlZvxOvu0T0BmS5JOTzXSahVwJhU0M3TI4/rDWhWa/GV9jiF20v4=
x-served-by: cache-bfi-krnt7300073-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718729214.622780,VS0,VE0
etag: "eb3bb1b8161ef443e50d2b9dfbcaeaa8"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 13466, 3082

GET
H2 200 AvenirNextPForBBG-Demi-b9b4abf0ea.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 145ms
144ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Demi-b9b4abf0ea.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BbB7lUEQLiB.ND48m429jmcT5Kk2AMvA
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C74A8GFHVSRSJ9XT
age: 3051999
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36708
x-amz-id-2: moobtEX9kecw6IbkquRhrCq4kW3iSeBjMG032U+4w7XSUXXjrwbfNZw09mmJotg0Xn10rVT/SSc=
x-served-by: cache-bfi-kbfi7400090-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:51 GMT
server: AmazonS3
x-timer: S1718729214.632014,VS0,VE0
etag: "b9b4abf0ea70a701fa5cfba89d02763f"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4600, 2963

GET
H2 200 BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2
assets.bwbx.io/s3/fontservice/fonts/ 44 KB
44 KB 87ms
86ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vK8RIqqUhDaTLJxZc0UgYEsZkH35wfKn
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: YRJQ54Z60C4YFN45
age: 2425849
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44900
x-amz-id-2: 2VJHybNrwFkbj6l0S6sxTvgxPvey1tdmRjtM/eJ6IhlXhhhxIPno7HvHVuPYay6lYrREyJIDJ0U=
x-served-by: cache-bfi-kbfi7400035-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718729214.623250,VS0,VE0
etag: "8f5de0c368941f43014377e91a930437"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 110, 2997

GET
H2 200 BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2
assets.bwbx.io/s3/fontservice/fonts/ 32 KB
32 KB 146ms
145ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DS2BZAwNnKNlX1NEHcghk1Sf.zrbqSHM
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: YR27WQ8DVETQR5PA
age: 1562996
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32756
x-amz-id-2: aGwSxdyj4htUUQqYu9JwI3ON3rcn+NGRCd68qIcDMtqr7wIGQRy1O8yoSvLCEFBeU1Oa8RN7tpQ=
x-served-by: cache-bfi-kbfi7400036-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718729214.631986,VS0,VE0
etag: "de8c77cce206155c16c93d0ca69528ca"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4459, 3265

GET
H2 200 BWHaasGrotesk-56Italic-Web-669253244d.woff2
assets.bwbx.io/s3/fontservice/fonts/ 33 KB
33 KB 147ms
146ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-56Italic-Web-669253244d.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Z3M3k_b7bqG5Ctl09d8ajG16IF73skBo
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: BWFTHA9801RZNJ1R
age: 2372130
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33488
x-amz-id-2: tAYfi0BTGF7KWroHVrgf4KybfZe4f0i2Alf63aUHDgum513HCKHDZmPd0xEPZVRZF8jF8NZBulY=
x-served-by: cache-bfi-kbfi7400071-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718729214.632681,VS0,VE0
etag: "669253244d5430629948724163d319a2"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 17, 2235

GET
H2 200 PublicoText-Roman-Web-bfa063ee27.woff2
assets.bwbx.io/s3/fontservice/fonts/ 51 KB
52 KB 51ms
51ms Font
font/woff2 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/PublicoText-Roman-Web-bfa063ee27.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: be9Dw4r26kcwlkk3edtKT8p1fUdqvJSq
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 63JERNF8PAX2RRRJ
age: 3045767
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52512
x-amz-id-2: dq58SvY+GTkp3hNv9s6+AKyvWpNvPFUr8cBMrwuWvCMZVc7cUd+FlILAUJIe1w8GH/g8NTVtXdg=
x-served-by: cache-bfi-kbfi7400094-BFI, cache-fra-etou8220090-FRA
last-modified: Wed, 19 Apr 2023 20:39:55 GMT
server: AmazonS3
x-timer: S1718729214.623209,VS0,VE0
etag: "bfa063ee2757aeb3365e8e0680513ae6"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3423, 2712

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
74 B 391ms
120ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:53 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 395ms
124ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:53 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 499ms
233ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 497ms
235ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

GET
H2 200 moatheader.js Show response
z.moatads.com/bloombergprebidheader853620778109/ 271 KB
93 KB 154ms
40ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/bloombergprebidheader853620778109/moatheader.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

e57c50e19eca7e5625b972d574db560e02ef77581956b6d8308f46183a0afe69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 16:46:53 GMT
content-md5: ADkwykFhtHpfBCSpR0QERA==
storage-tier: Standard
content-length: 94893
last-modified: Fri, 31 May 2024 10:31:38 GMT
opc-request-id: iad-1:xizRC95cKRHyoLS1mMlPrygo06FjVZ3zNwHzyCaPj4sGODy2jRq4A1ealwLNfsaG
x-api-id: native
etag: bdc9944b-d5b7-4349-9b99-68248944586f
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 2e5ef709-eac3-4f3b-a8c3-fcedd516cf30
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=63474
access-control-allow-credentials: true
accept-ranges: bytes

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 495ms
234ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 495ms
235ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 215ms
214ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

GET
H2 200 query Show response
location.cm.bloomberg.com/ 93 B
385 B 420ms
125ms Fetch
application/json 3.13.162.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://location.cm.bloomberg.com/query

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.13.162.139 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-162-139.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

280469c47ded1e5c07f210702c3fefe4a955e5aac8df723b37a19246e544616f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
server: Apache
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.25.0/ 156 KB
23 KB 45ms
45ms Script
text/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:32:22 GMT
content-encoding: br
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 4472
etag: W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 9485rGgZZLjqe6N0NSZ7iNIza0fHbyqlFPRPKSdYSmnDrkJ_Nd7d_g==

GET
H2 200 usnat-uspapi.424a28a7602f5d18dde1.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.25.0/ 210 KB
25 KB 53ms
53ms Script
text/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.25.0/usnat-uspapi.424a28a7602f5d18dde1.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87053da4324f73f1254f505e432b68e7d263b38c6b0d7a94676e177fe3dbd16f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:32:22 GMT
content-encoding: br
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 4472
etag: W/"893213c926e949fe02cffcfe2e87d0bd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: cT2XBXLst6F1G4OYmDdkoWvUNk7AewZmf-cstlA6dS9YSDNzbMU8DA==

GET
H2 200 meta-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 447 B
974 B 128ms
46ms XHR
application/json 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/meta-data?hasCsp=true&accountId=1425&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=31489&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

61f728d26758bbc74ea0336ffbbe9c448f9242d2b523c7dbe4073a71d1543d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:33:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 830
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 447
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: BhiFobiV0_rZfcruqw8nCtiXdCbNNfP_lcs-SANl3K28Mh5Y_JtC-A==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ 467 KB
146 KB 40ms
40ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149174
x-xss-protection: 0
server: cafe
etag: 3598326600462146374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Jun 2025 16:46:15 GMT

OPTIONS
H/1.1 200
OK user-info
login.bloomberg.com/ Frame 0
0 1158ms
124ms Preflight
application/octet-stream 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.bloomberg.com
content-length: 0
content-type: application/octet-stream
date: Tue, 18 Jun 2024 16:46:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 685 KB
146 KB 164ms
62ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNTH5N

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfad0b85f5ac68efb2fd261a822a66478c9e82ba84de5cb6ccadcb1c2ee84924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148821
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 16:04:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 16:46:54 GMT

GET
H2 200 that.js Show response
www.bloomberg.com/tophat/assets/v2.7.0/ 9 KB
3 KB 48ms
47ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/assets/v2.7.0/that.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff, nosniff
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
age: 671799
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2454
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200037-IAD, cache-fra-etou8220135-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Apr 2024 19:36:39 GMT
server: openresty
x-timer: S1718729214.899239,VS0,VE0
etag: W/"6626bc47-250f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=31536000, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 5722, 216

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
2 KB 368ms
135ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

09c928fdecfbcf5a9d868d3ec6a3432e7dba754c497157577cd43d322e0cedef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 16:46:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
etag: W/"c4-8d22+BuBGZefmUvCxMAo0BHO1Ag"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 196
expires: -1

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fortress-client/v1/ 525 KB
129 KB 40ms
39ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/app.bundle.js

Requested by

Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/311-d37f8da221a72bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0831dca48aeba73d427a60ab14161c605bcbf311f0a99fd290fea85426fcb7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8b8bkrXNyqWf.d.C9LVsns9LYC2gz4MP
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VPXH4XT2QEEFMGZK
age: 2487
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 131835
x-amz-id-2: ZWJnicBS9yeCF40P7tfZAJrHowGFHiIIF57r/ljnn1nnAToGAZYJI8ZyI4pmOsSE5Hp4ZOf3RfU=
x-served-by: cache-bfi-krnt7300092-BFI, cache-fra-etou8220135-FRA
last-modified: Mon, 17 Jun 2024 20:58:33 GMT
server: AmazonS3
x-timer: S1718729214.910620,VS0,VE1
etag: "a140eede9e1b14bc8c4589aa93d521dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 2453, 1

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 817 KB
30 KB 43ms
43ms Fetch
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/feed/frontend.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: h6r3POxCgeRuwXXpL6HYkGZ9s3sxPa_H
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: KGA02CBF7V3PMR5C
age: 15
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30484
x-amz-id-2: lXfB+tGT17Cx1ZaI9s4Opmop8QihAGsciVjTdTuw/0bH1B24ya19+xay3kOXWTJcnQqgwazLVG0=
x-served-by: cache-bfi-krnt7300026-BFI, cache-fra-etou8220090-FRA
last-modified: Tue, 18 Jun 2024 13:47:39 GMT
server: AmazonS3
x-timer: S1718729214.920249,VS0,VE4
etag: "8d5d55b87f0adf128dbfbdc1126a6365"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=3600
accept-ranges: bytes
x-cache-hits: 20671, 1

GET
H2 200 coordination Show response
coordinator.cm.bloomberg.com/ 431 B
2 KB 447ms
168ms Fetch
application/json 3.208.81.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coordinator.cm.bloomberg.com/coordination?currentResource=Story%7CS0XNYVDWLU6801&metadata.paywall.device=Desktop%7CWindows_10%7Cchrome&metadata.consent=false&metadata.paywall.referrer=Direct&limit=100

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.208.81.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-81-161.compute-1.amazonaws.com

Software

Resource Hash

a8731dab13cfb994d32421ed6efcc5875e6e886e9fe8d8ffedbff14595e67bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=31536000
etag: W/"1af-Ke/V0M+AaAyAubLCuh1gqJG2Cm4"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
content-length: 431

GET
H2 200 messages Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 53 KB
8 KB 147ms
145ms XHR
application/json 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1425%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepointcmp.bloomberg.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fmc.bloomberg.com%2Fnews%2Farticles%2F2023-09-13%2Fcaesars-entertainment-paid-millions-in-ransom-in-recent-attack%22%2C%22propertyId%22%3A31489%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

3620bbc3c5262f71978e0847212bcb0f36974c6917ff170af8d258e38feb11d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: iLVomqoQewHcSJm3u6pKWDdMTXgQp08MTWMPcb9m_7y44yOKzHxLMA==

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 159ms
159ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

GET
H2 200 1200x800.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/ 97 KB
0 0ms
0ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/1200x800.jpg
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: e2180f7403ac35a3f4b17647175e187152f89b209f9c2613c04e4fbaacb9a2da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:53 GMT
age: 1870934
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 654428d3-6118-4cb7-afa3-33a073e12f5c
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 98968
x-served-by: cache-lga21920-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718729213.416707,VS0,VE84
etag: "0af0ed704a8e3fcb346b9182b01e16cc5"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 0

GET
H2 200 spotlights Show response
www.bloomberg.com/tophat/api/ 17 B
921 B 90ms
89ms XHR
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/api/spotlights?site=bcom

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-79a5e3be1720db26----1718729214012
traceparent: 00-fcd49389d2dfbdf3566c0117563f28f0-79a5e3be1720db26-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6Ijc5YTVlM2JlMTcyMGRiMjYiLCJ0ciI6ImZjZDQ5Mzg5ZDJkZmJkZjM1NjZjMDExNzU2M2YyOGYwIiwidGkiOjE3MTg3MjkyMTQwMTIsInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 18 Jun 2024 16:50:28 GMT
content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff, nosniff
date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=31557600
age: 1586
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000046-IAD, cache-fra-etou8220135-FRA
referrer-policy: no-referrer-when-downgrade
server: openresty
x-timer: S1718728479.001939,VS0,VS0,VE0
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, public, s-maxage=1800
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept
x-cache-hits: 5, 1

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 421 B
600 B 265ms
95ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-cAC8rBsiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-d6V3bHpQgmTbHQ%3D%3D&sc=1&os=1-DA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=930&qd=930&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bloomberg.com%2Fnews%2Farticles%2F2023-09-13%2Fcaesars-entertainment-paid-millions-in-ransom-in-recent-attack%3FleadSource%3Duverify%2520wall&pcode=bloombergprebidheader853620778109&rx=130441327974&callback=MoatNadoAllJsonpRequest_85098392
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bloombergprebidheader853620778109/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 037c07146751eda1dd33f83d6151a151527e29c29a3c843e60f8adca98261c75

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
server: istio-envoy
etag: "4c27fa7461a628e0d16d23b12b56f42ff7cfa61e"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 29
timing-allow-origin: *
content-length: 421

GET
H2 200 iframe.html
z.moatads.com/hd09824092/ Frame D60B 0
0 146ms
71ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/hd09824092/iframe.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=941
content-encoding: gzip
content-length: 803
content-md5: Spy8LlvBZDE9rOQqWL7xQQ==
content-type: text/html
date: Tue, 18 Jun 2024 16:46:54 GMT
etag: 0d341092-8e0f-4735-ae34-f388ff501eed
last-modified: Thu, 21 Mar 2024 17:22:14 GMT
opc-meta-btime: 2021-01-26T22:41:39Z
opc-meta-mtime: 1611700899
opc-request-id: iad-1:iYaHZIcKsZiQsRRW1QohMTyfudXax_SNk12jPcrbtHzhbwSM-ygOOdh1u7H4De-w
storage-tier: Standard
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
version-id: 5af5eb63-417c-4960-9068-358f7e3e1642
x-api-id: native
x-content-type-options: nosniff

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 122ms
122ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-length: 4
content-type: application/json

GET
H2 200 styles.css
assets.bwbx.io/s3/fence/fortress-client/v1/ 49 KB
9 KB 40ms
40ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/styles.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72d1bea881874ed72d5e2b64e7b0ebd2d04da4a9f349aa2dd86468d65188e051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: geicULjklN9fYa.sGwRVZjFl.W87C.OH
content-encoding: br
date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 00CZ09ZC2566KPX0
age: 2302
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8286
x-amz-id-2: +AhncViERoaIzFvUZ26R+0qtqktnWmyQDTO1PGJF7MsxkOKvu82Oz5Kxcdrs5am1hZP8LNLOoWI=
x-served-by: cache-bfi-kbfi7400066-BFI, cache-fra-etou8220135-FRA
last-modified: Thu, 13 Jun 2024 15:42:46 GMT
server: AmazonS3
x-timer: S1718729214.167098,VS0,VE0
etag: "f1a3bcad642cfb0942e2336879b87f79"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 41422, 16

GET
H2 200 v3 Show response
js.stripe.com/ 613 KB
150 KB 145ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9db1708eeafe67ede4dcce34d04fff61925d40ccc393a3084de6b2fa885981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 16:46:54 GMT
via: 1.1 varnish
age: 5
x-cache: HIT
content-length: 153099
x-request-id: af59fa84-e9fc-4e67-a953-d8c5b2087a32
x-served-by: cache-fra-etou8220039-FRA
last-modified: Mon, 17 Jun 2024 20:41:25 GMT
server: Fastly
etag: "f41aaa63cb6f9d7a11f89371427b4049"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

OPTIONS
H2 200 pv-data
sourcepointcmp.bloomberg.com/wrapper/v2/ Frame 0
0 44ms
43ms Preflight
text/html 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.bloomberg.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: Ay4tJHX5K1z5urFEFx0JiJHQxslJHJ28z2Nbm-c8mJqfrJyg0Rj8_g==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 pv-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 217 B
758 B 49ms
48ms XHR
application/json 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

58d4bfe33b901f1722e0b46461ad1aad64af9577ac9e175a9370dbae7d2934a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 217
x-amz-cf-id: 6ORbjXnkS3c3RXWhVtRYJlLiC33oNtRd-sxslTJZ1bQsQ4xQnBKD7Q==

GET
H2 200 index.html Show response
sourcepointcmp.bloomberg.com/ Frame 83FC 5 KB
2 KB 41ms
40ms Document
text/html 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cbd765571c490d453f11215fc749becfc988a52826858240157fa6844ce6dc1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 3142
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Tue, 18 Jun 2024 15:54:33 GMT
etag: W/"f107a76c03cbe0bfc9103bbe9ea917b5"
last-modified: Tue, 18 Jun 2024 15:50:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-id: oY05JfPqqC_MyGy5Ub0U0WvwKizPjYSc3b77UrOcYv2aOQdQipjOiA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
93 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GQ1PBLXZCT&l=dataLayer&cx=c

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbaab4b12143ab86e946789f64bbb83c627dc3d3758cbee6db502df6be3e7a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 16:46:54 GMT

GET
H2 200 analytics-browser-gtm-wrapper-3.7.10.js.br Show response
cdn.amplitude.com/libs/ 24 KB
9 KB 208ms
54ms Script
application/javascript 13.32.110.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.10.js.br
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-51.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197f2d7ed89aa268c510a1835c6b1b027bbbf5039924613d9862569b2f0f39c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:13 GMT
content-encoding: br
via: 1.1 2acbf12c17a7f7f2ed99463cb4024586.cloudfront.net (CloudFront)
x-amz-version-id: bBbRCXqerCyAFvl7r4F.EO4xpPtmcJhI
x-amz-cf-pop: VIE50-C2
age: 4265922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8938
last-modified: Mon, 29 Apr 2024 19:32:33 GMT
server: AmazonS3
etag: "bf490880fc78afe0fc3da809513d45e6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JiDhRuQ4Y-uKv8CFWDceRYw4jbJu-T7CR1OTLlaY-TfKOmP9pRoBKQ==

GET
H2 200 Notice.3d382.css
sourcepointcmp.bloomberg.com/ Frame 83FC 34 KB
6 KB 48ms
45ms Stylesheet
text/css 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.3d382.css
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae603a72151d83d3cf11b4001a76fb78b58121612237d5e2cab03d8add6d87a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:14:51 GMT
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1925
x-amz-server-side-encryption: AES256
etag: W/"ed13b180d25e3820d890e71fce3095b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: EpC8HJHWfYt__EpKTuuc8CKy9CBkdiBkSKWoiEVer6rUAVMHr92vDw==

GET
H2 200 polyfills.b0798.js Show response
sourcepointcmp.bloomberg.com/ Frame 83FC 5 KB
2 KB 48ms
46ms Script
text/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/polyfills.b0798.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:01:51 GMT
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 2704
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: wen4d3dPFJYOTi1inbC_aMHceW8HrGC61HlnKzwseSgv7hJ0N0rEbQ==

GET
H2 200 Notice.2443b.js Show response
sourcepointcmp.bloomberg.com/ Frame 83FC 292 KB
76 KB 50ms
48ms Script
text/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2265d58f63dd42eb34146a5e08a0b7ed101661f7c27a4952d3a351795ec1c82c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:07:36 GMT
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 2359
x-amz-server-side-encryption: AES256
etag: W/"09d9b759838c90f0b49df45dd1c9c936"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ZymaQs_ELFbcQ33PUyb6mnjLi0hqr0CZtNacgI8LBECOQTGvgld0GQ==

POST
H2 200 set_consent_cookies Show response
sourcepointcmp.bloomberg.com/mms/ 0
396 B 48ms
47ms XHR
text/plain 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/mms/set_consent_cookies?consentUUID=1fc94f76-6c42-4d45-8b86-3030dfc7ac8f&consentUUID_maxAge=31536000&hasCsp=true

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=15552000; includeSubdomains
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: *
x-cache: Miss from cloudfront
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 7Sh-LLdNjnrGSFLHxPO58Ag5gfais5IfJJtY-ZFpjuKfd90buU6zTg==

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 817 KB
0 1ms
1ms Fetch
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/abba/feed/frontend.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: h6r3POxCgeRuwXXpL6HYkGZ9s3sxPa_H
content-encoding: br
date: Tue, 18 Jun 2024 16:46:53 GMT
x-amz-request-id: KGA02CBF7V3PMR5C
age: 15
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30484
x-amz-id-2: lXfB+tGT17Cx1ZaI9s4Opmop8QihAGsciVjTdTuw/0bH1B24ya19+xay3kOXWTJcnQqgwazLVG0=
x-served-by: cache-bfi-krnt7300026-BFI, cache-fra-etou8220090-FRA
last-modified: Tue, 18 Jun 2024 13:47:39 GMT
server: AmazonS3
x-timer: S1718729214.920249,VS0,VE4
etag: "8d5d55b87f0adf128dbfbdc1126a6365"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=3600
accept-ranges: bytes
x-cache-hits: 20671, 1

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
28 KB 41ms
41ms Fetch
binary/octet-stream 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/mediaservices/superelastic/data.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
content-encoding: br
date: Tue, 18 Jun 2024 16:46:54 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: DP48X8CQ0T72JES3
age: 332
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27916
x-amz-id-2: L/S0CcJLfk+71EfelYVq3lkd0g5VD1kqD4RcmQvAuSMwtpj8T+1q3ywELn5u2T8AvHpKQGjy9Ko=
x-served-by: cache-bfi-kbfi7400096-BFI, cache-fra-etou8220090-FRA
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
server: AmazonS3
x-timer: S1718729214.460594,VS0,VE2
etag: "7c75126ed533d9f1301a278fa0badb85"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 500601, 1

GET
H/1.1 200
OK 2c92a0086614a669016615eb9d965f86 Show response
login.bloomberg.com/plutus-api/v1/rate-plan/ 2 KB
2 KB 232ms
232ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/2c92a0086614a669016615eb9d965f86

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

3cf6cd0ec9c3a249e098686cd7a39fc2642dd90b0cc4e0c2f8c466cb0d032af7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

correlationId: 4f019785-ffee-4a4a-a406-4abedd4cf29a
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:55 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
transfer-encoding: chunked
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"998-nfZF56xvSBcq921wuus8efZ/Qq8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
origin-agent-cluster: ?1
x-download-options: noopen
access-control-allow-credentials: true

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 140ms
50ms Script
text/javascript 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f4.1e100.net

Software

GSE /

Resource Hash

ff867442aaaa6925e1c48b05f15de1e3f410de40cedd4b5465c17f4f9886d21c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 18 Jun 2024 16:46:54 GMT

OPTIONS
H/1.1 200
OK 2c92a0086614a669016615eb9d965f86
login.bloomberg.com/plutus-api/v1/rate-plan/ Frame 0
0 592ms
126ms Preflight
application/octet-stream 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/2c92a0086614a669016615eb9d965f86

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.bloomberg.com
content-length: 0
content-type: application/octet-stream
date: Tue, 18 Jun 2024 16:46:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame 83FC 2 KB
1 KB 40ms
39ms Fetch
application/json 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:58:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2891
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: OwEGIju8HP8iPmwKeK46OnHs4NqpTBuZThMomy0aerxxvXwizCK2lA==

GET
H2 200 analytics-browser-gtm-2.7.0-min.js.gz Show response
cdn.amplitude.com/libs/ 66 KB
19 KB 140ms
47ms Script
application/javascript 13.32.110.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-2.7.0-min.js.gz
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-51.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be23e3cd620f476fe51056b3e21d5e9ef329d8720e558986a1b28103cc9e7d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:03:53 GMT
content-encoding: gzip
via: 1.1 a5feee427fe9cff4e87dc473d3d3e300.cloudfront.net (CloudFront)
x-amz-version-id: _fT_EXZFkO1q3pUxJuS.Mt.qi1Y7.Cyi
x-amz-cf-pop: VIE50-C2
age: 4153382
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18368
last-modified: Mon, 29 Apr 2024 16:54:06 GMT
server: AmazonS3
etag: "b3ff986c2183cbd3fb1a4028ad571ee0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: oyBDQIaFNmyCZlQkoaCqjaIB16EQUIvZKCI-t97q-2_E26Yn2DTgmw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 518 KB
207 KB 132ms
43ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210814
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 15:20:36 GMT

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame 83FC 2 KB
1 KB 41ms
40ms Fetch
application/json 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489&consentLanguage=en

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:58:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2891
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 80oNfFLB4ZbiGf8XTOMyaZCh51Fgnjxon0UYwmF9FRN4unzXh7bbwQ==

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A452 0
0 139ms
61ms Document
text/html 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=bdug8cs66c4t

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bAY6fVwL62THRKuNaXZhgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bAY6fVwL62THRKuNaXZhgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 16:46:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 controller-with-muas-control-aecae99ce12d7ac8543548845f815115.html
js.stripe.com/v3/ Frame 6CD9 0
0 129ms
52ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-control-aecae99ce12d7ac8543548845f815115.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 186
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:55 GMT
etag: "aecae99ce12d7ac8543548845f815115"
last-modified: Mon, 17 Jun 2024 20:05:30 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 9d070231-4f38-4114-a3de-7b23606e088b
x-served-by: cache-fra-etou8220097-FRA

GET
H2 200 payment-request-inner-google-pay-317263348376de9d8fcd6514a85aa8ec.html
js.stripe.com/v3/ Frame 7E8A 0
0 105ms
39ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-317263348376de9d8fcd6514a85aa8ec.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 74261
cache-control: max-age=31536000
content-encoding: br
content-length: 183
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:55 GMT
etag: "317263348376de9d8fcd6514a85aa8ec"
last-modified: Mon, 17 Jun 2024 20:05:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 488
x-content-type-options: nosniff
x-request-id: 4ff96ef4-fba0-4a9b-ab1f-69c5dbf4b20a
x-served-by: cache-fra-etou8220097-FRA

GET
H2 200 payment-request-inner-browser-0403562c894b3592ea096027940ce68e.html
js.stripe.com/v3/ Frame 424B 0
0 101ms
41ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-0403562c894b3592ea096027940ce68e.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 160
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:55 GMT
etag: "0403562c894b3592ea096027940ce68e"
last-modified: Mon, 17 Jun 2024 20:05:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 41157a7d-006a-4bfa-986f-1cebc796e832
x-served-by: cache-fra-etou8220097-FRA

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
1 KB 136ms
135ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

09c928fdecfbcf5a9d868d3ec6a3432e7dba754c497157577cd43d322e0cedef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-csrf-token: PLMMXgL1-Lyh15evBfWw0p2Xp8NMcaoMcKP8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 16:46:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
etag: W/"c4-8d22+BuBGZefmUvCxMAo0BHO1Ag"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 196
expires: -1

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
0 0ms
0ms Fetch
binary/octet-stream 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/mediaservices/superelastic/data.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
content-encoding: br
date: Tue, 18 Jun 2024 16:46:54 GMT
x-amz-request-id: DP48X8CQ0T72JES3
age: 332
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27916
x-amz-id-2: L/S0CcJLfk+71EfelYVq3lkd0g5VD1kqD4RcmQvAuSMwtpj8T+1q3ywELn5u2T8AvHpKQGjy9Ko=
x-served-by: cache-bfi-kbfi7400096-BFI, cache-fra-etou8220090-FRA
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
server: AmazonS3
x-timer: S1718729214.460594,VS0,VE2
etag: "7c75126ed533d9f1301a278fa0badb85"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 500601, 1

POST
H2 200 eligibility Show response
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/f8db4628-785c-43df-a786-8b1acd237a1a/ 275 B
517 B 126ms
125ms Fetch
application/json 44.194.233.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/f8db4628-785c-43df-a786-8b1acd237a1a/eligibility

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.194.233.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-233-32.compute-1.amazonaws.com

Software

Resource Hash

719f5f4dab1faeb811e49c399d869818c8786f72190d1e615d30bd734a57d532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.bloomberg.com
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31536000
x-deployment-name: cmap-aws-production
content-length: 275
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 eligibility
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/f8db4628-785c-43df-a786-8b1acd237a1a/ Frame 0
0 486ms
119ms Preflight 44.194.233.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/f8db4628-785c-43df-a786-8b1acd237a1a/eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.194.233.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-233-32.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bloomberg.com
access-control-max-age: 1800
content-length: 0
date: Tue, 18 Jun 2024 16:46:55 GMT
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-deployment-name: cmap-aws-production

GET
H2 200 132786e87dea36db.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 16 KB
2 KB 39ms
38ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/132786e87dea36db.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e9000377d32f8d7b229e686b964c2035a0bad5c565660e338d4632876ff3e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: B3bHihZDSH_TersrDFOaSpyJOsjw3Y48
content-encoding: br
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 39CBHHKAYBAX060M
age: 1904404
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1618
x-amz-id-2: g7X4ko2lHZQSNonFaCvesN5AZLC52NpWMQjZItWAkI9TiWpdxR6gsxFgWObrRKGWOKoppJ+qKag=
x-served-by: cache-bfi-kbfi7400032-BFI, cache-fra-etou8220135-FRA
last-modified: Wed, 08 May 2024 16:04:39 GMT
server: AmazonS3
x-timer: S1718729216.095959,VS0,VE0
etag: "fca347a4e02df59d2c30fd7997f0903f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 2, 1999

GET
H2 200 687.b6982c669148e719.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 7 KB
3 KB 39ms
39ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/687.b6982c669148e719.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fbed3ae58bfafae5e147ec513e114b1a63dd78a68d1a20451338acdb2709ea89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x3BtMY.rrlWAQCWvMlpbw5c5BRnNQ.Xi
content-encoding: br
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: NTEPZ7NGW4FW4GF4
age: 2865667
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2382
x-amz-id-2: yIFDmYrqW/kWcw4kNIgh0wwzHS3aY45ef6B7+ZeKeWlwpDpqCIUMY9Lpbis3h/zA99Ue9vRZ6Cw=
x-served-by: cache-bfi-krnt7300058-BFI, cache-fra-etou8220135-FRA
last-modified: Tue, 09 Apr 2024 21:26:05 GMT
server: AmazonS3
x-timer: S1718729216.096552,VS0,VE0
etag: "c6eb7d8a58ed2c6db2651aa5b26927cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 2, 3727

GET
H2 200 rr Show response
personalization.bloomberg.com/user/recommendations/ 2 KB
1 KB 713ms
373ms Fetch
application/json 18.221.139.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://personalization.bloomberg.com/user/recommendations/rr?country=DE&region=Europe&fieldN=cp&timezoneOffset=-7200000&application=lightsaber&algorithm=rr&currentResource=Story%7CS0XNYVDWLU6801&decayCoefficient=10&limit=5&maxAge=432000&rescorers=popular&resourceTypes=Story&thumbnailRequired=true

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.221.139.147 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-139-147.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e82522915252592a8cfe58b853d0a9d08cad9cce7da3144e2117a6b59dcdf262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Apache
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 rr Show response
personalization.bloomberg.com/user/recommendations/ 2 KB
1 KB 909ms
569ms Fetch
application/json 18.221.139.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.221.139.147 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-139-147.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c182a0a59f1b15de266404d72cd391bf36dbf737be8f64bb90f4288330e53163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Apache
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 201ms
54ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1215.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: eZRxhm_cFwKHWhVLQBjoapGbr7QE3Y_b
content-encoding: br
via: 1.1 varnish
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: ERCEGTQ47D1VQ1JJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18245
x-amz-id-2: RtFn7cYzh5GPgPa93G1XnZgqndovpfvGzaWTKuXKsU5APLZmKHF1qfOw9hwbFtEZ/gth+uB4hkY=
x-served-by: cache-mxp6959-MXP
last-modified: Wed, 18 Oct 2023 21:31:15 GMT
server: AmazonS3
etag: "7e1862f7a390ed9fc02c299216395547"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1319

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 01B0 0
0 39ms
39ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3588344
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 16:46:56 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 203036
x-content-type-options: nosniff
x-request-id: 9a13fb66-891b-448d-b1bb-e5eaaef9b233
x-served-by: cache-fra-etou8220097-FRA

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/plug-client/v0/ 117 KB
31 KB 40ms
40ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/plug-client/v0/app.bundle.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e33e443789597dc5b0f29b5c49ae43f8243d19fe4d80084e47080703d09e8974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cvneRVq.exBd5_fv.yfly8KcPFID.2Qk
content-encoding: br
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: HGSPDMWH72VH5G0E
age: 360
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31234
x-amz-id-2: aKlBgMn8fcqK+JDnjN3AUna3/BPWcDOX+Qgg+7zLd1+TNx5hozkzi6UmL1j3Ps9zXnJ9oZzH/Og=
x-served-by: cache-bfi-krnt7300118-BFI, cache-fra-etou8220135-FRA
last-modified: Tue, 04 Jun 2024 13:48:24 GMT
server: AmazonS3
x-timer: S1718729216.195735,VS0,VE1
etag: "3a42540cebe955baa5c3a1278f6875d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 180841, 1

GET
H/1.1 200 7852c3d8d4 Show response
bam-cell.nr-data.net/1/ 79 B
579 B 781ms
486ms Script
text/javascript 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3858&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack&be=925&fe=3642&dc=1258&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1718729212487,%22n%22:0,%22f%22:0,%22dn%22:28,%22dne%22:28,%22c%22:28,%22s%22:67,%22ce%22:130,%22rq%22:135,%22rp%22:875,%22rpe%22:916,%22dl%22:879,%22di%22:1120,%22ds%22:1257,%22de%22:1258,%22dc%22:3641,%22l%22:3642,%22le%22:3644%7D,%22navigation%22:%7B%7D%7D&fp=1157&fcp=1157&jsonp=NREUM.setToken
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-etou8220140-FRA

GET
H2 200 articleRecircStories Show response
www.bloomberg.com/article/api/ 4 KB
2 KB 191ms
190ms Fetch
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/article/api/articleRecircStories?ids=SF9CHQT0AFB400,SF8TMST0G1KW00,SF0G6KT1UM0W00,SF6KJXT0AFB400,SF2RO8T0AFB400

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

e8fd8f84d077490f2e9d2c6f2f8b1a823f5eae7056e4dcb817d3ce242bc4634e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com, upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-8a9ef8f5897a0c56----1718729216841
traceparent: 00-558a4b578c36f303bcd2d38e2805d3f0-8a9ef8f5897a0c56-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6IjhhOWVmOGY1ODk3YTBjNTYiLCJ0ciI6IjU1OGE0YjU3OGMzNmYzMDNiY2QyZDM4ZTI4MDVkM2YwIiwidGkiOjE3MTg3MjkyMTY4NDEsInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com, upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 16:46:56 GMT
strict-transport-security: max-age=31557600
age: 22
x-powered-by: Express
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1215
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220135-FRA
referrer-policy: no-referrer-when-downgrade
server: openresty
x-timer: S1718728251.755920,VS0,VS0,VE63
etag: "wdu6xojrk82v4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=120
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/i.3Z07ZBHil4/v2/ 14 KB
14 KB 42ms
39ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i.3Z07ZBHil4/v2/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

993c8e382dd075452a9afa42a3649bd54b8163bf9d9b0cf42a9733f198faf90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 27702
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: c1883df1-e613-4367-bd1b-18f8afc74969
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14172
x-served-by: cache-lga21977-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718729217.083188,VS0,VE0
etag: "090a0d611f9026df6c1b9c05a523598bf"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 14

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iS1HDJgCkFXg/v1/ 16 KB
16 KB 42ms
40ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iS1HDJgCkFXg/v1/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

395e8bcb15b1e5e9f1fa921020a5b888c42a266412df833d4f30f67b3ac449ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 63781
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 1419978a-0d99-4a0f-aa7b-3b1bdf2de13b
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16543
x-served-by: cache-lga21944-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718729217.083157,VS0,VE0
etag: "08cc681eba1fe4bd98c8d3b0e086eb138"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 30, 9

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iL3eKU0khz10/v0/ 12 KB
13 KB 42ms
41ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iL3eKU0khz10/v0/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

7482c746e69af2008f2596576d0e19982e6e55c64c7fa9c8fe2fbdd37ff7d39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 39511
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 2bd17d77-876e-44aa-81d5-472a5f87ad19
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12710
x-served-by: cache-lga21933-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718729217.083503,VS0,VE0
etag: "01bbb8ffca93b57041640b8a46b7569c4"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 38

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iGdGRuQOig8c/v0/ 10 KB
10 KB 42ms
41ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iGdGRuQOig8c/v0/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

08987d6618183a71c77ed03221a1055c690718e6a1aec1727876583893149d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 104575
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 9565185d-34c5-48e9-b4cd-77e8a8f999da
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10328
x-served-by: cache-lga13629-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718729217.083467,VS0,VE0
etag: "09ef66a1542ac722d10b7204e7ac5eee9"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 42

GET
H2 200 articleRecircStories Show response
www.bloomberg.com/article/api/ 3 KB
2 KB 96ms
95ms Fetch
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/article/api/articleRecircStories?ids=SF8T03T1UM0W00,SF9CG8T1UM0W00,SF2V5QDWRGG000,SF9T42DWLU6800,SF9CG8DWX2PS00

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

c211fe31cc4d260d8f8e138842aa12624ba5c98a22e8bbd16013365d3e6518a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com, upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-55f53a07c4002a38----1718729217068
traceparent: 00-e08f2abbecbbd642fb554afc8b16baa0-55f53a07c4002a38-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6IjU1ZjUzYTA3YzQwMDJhMzgiLCJ0ciI6ImUwOGYyYWJiZWNiYmQ2NDJmYjU1NGFmYzhiMTZiYWEwIiwidGkiOjE3MTg3MjkyMTcwNjgsInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com, upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 44
x-powered-by: Express
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1214
x-served-by: cache-iad-kcgs7200115-IAD, cache-fra-etou8220135-FRA
referrer-policy: no-referrer-when-downgrade
server: openresty
x-timer: S1718718026.972555,VS0,VS0,VE28
etag: "qleyw9vb9o2pn"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=120
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 0, 1

POST
H/1.1 204 7852c3d8d4 Show response
bam-cell.nr-data.net/ins/1/ 0
275 B 156ms
156ms XHR
text/plain 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=4662&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.bloomberg.com
date: Tue, 18 Jun 2024 16:46:57 GMT
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-served-by: cache-fra-etou8220140-FRA

GET
H2 200 favicon-black.png
www.bloomberg.com/ 15 KB
15 KB 40ms
40ms Other
image/png 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/favicon-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

fd1ace0f3033ff036069e86ffec8806531ed3465ccb7d16d27dea0f6d368cbbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 17
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15406
x-served-by: cache-iad-kjyo7100165-IAD, cache-fra-etou8220135-FRA
last-modified: Tue, 18 Jun 2024 16:21:35 GMT
server: openresty
x-timer: S1718729217.170668,VS0,VE1
etag: "6671b40f-3c2e"
vary: Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: public, max-age=5, public, max-age=3600
accept-ranges: bytes
x-cache-hits: 78, 1

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/i_4QPwA_05jk/v0/ 58 KB
58 KB 40ms
39ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i_4QPwA_05jk/v0/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

185b2aada88103fd139b1356202922696383f4b710e3cbb89b1f1671c0ce0c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 70977
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 72fbd774-7631-4cb6-b462-6816c3cbd75b
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58906
x-served-by: cache-lga21957-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718729217.196660,VS0,VE0
etag: "0ce37315c1fa8aabff12bf4a0fb01e1d1"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10, 48

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/ideozBpSG2hM/v0/ 66 KB
66 KB 42ms
42ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/ideozBpSG2hM/v0/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

8d8ac7489704ddcd7bfeecf8cd4532a79158bee43c9efb353f93b7276e8c725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 45750
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 43f1f356-a055-4088-9241-7c70a08eb678
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67298
x-served-by: cache-lga21944-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718729217.196908,VS0,VE0
etag: "0c7fe6d0da5fa05e44a04278035c5cc34"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 34

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/idZCZWtOjST8/v1/ 53 KB
53 KB 41ms
41ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/idZCZWtOjST8/v1/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

d793513cd609e310b8bcbb6b7a8dbc895e2c279865824dc011c192b84975fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 348117
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 79f59373-a0f2-4bc3-9621-7e665c6a8b8d
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54289
x-served-by: cache-lga21969-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718729217.196887,VS0,VE0
etag: "0ce82fef05b3022bf616a13083568ae6d"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 45

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iR37tdvP50fM/v1/ 61 KB
61 KB 50ms
49ms Image
image/jpeg 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iR37tdvP50fM/v1/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

56c56d5534b9f163fdc964464e4e530d58d3adc6b92b5c96af4a3c2c2d169b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
strict-transport-security: max-age=31557600
age: 24127
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: f04bb735-6557-4040-ad14-4a4a5eefc1f8
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62140
x-served-by: cache-lga21970-LGA, cache-fra-etou8220135-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718729217.197255,VS0,VE0
etag: "0359d8f4c25da9c771cbbf73a9681a9fc"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 15

POST
H/1.1 200 7852c3d8d4 Show response
bam-cell.nr-data.net/events/1/ 24 B
344 B 150ms
150ms XHR
image/gif 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=4902&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 18 Jun 2024 16:46:57 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220140-FRA

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
298 B 39ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 16:47:01 GMT
via: 1.1 varnish
age: 4111398
x-cache: HIT
content-length: 127
x-request-id: d2d04e86-741b-4fca-a512-0df863ff672a
x-served-by: cache-fra-etou8220039-FRA
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 83734

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bloomberg.com/	1969-12-31 23:59:59	Name: exp_pref Value: EUR
.www.bloomberg.com/	1969-12-31 23:59:59	Name: country_code Value: DE
.bloomberg.com/	1969-12-31 23:59:59	Name: seen_uk Value: 1
.bloomberg.com/	1970-01-20 23:35:05	Name: _sp_krux Value: false
.www.bloomberg.com/	1970-01-21 06:11:05	Name: geo_info Value: {%22country%22:%22DE%22%2C%22region%22:%22Europe%22%2C%22fieldN%22:%22cp%22}\|1719334014262
.bloomberg.com/	1970-01-21 06:11:05	Name: consentUUID Value: 1fc94f76-6c42-4d45-8b86-3030dfc7ac8f
.bloomberg.com/	1970-01-21 06:11:05	Name: agent_id Value: e8d7d040-1393-47e0-9c79-2a5bf7cf5d85
.bloomberg.com/	1970-01-21 06:11:05	Name: session_id Value: fcedb684-e404-492d-a0f9-d4ad5e71492a
.bloomberg.com/	1970-01-21 06:11:05	Name: _session_id_backup Value: fcedb684-e404-492d-a0f9-d4ad5e71492a
.bloomberg.com/	1970-01-21 06:11:05	Name: session_key Value: 7371d098e2c78366e4064672326a97ec7f6d205a
.bloomberg.com/	1970-01-21 06:11:05	Name: gatehouse_id Value: f8db4628-785c-43df-a786-8b1acd237a1a
.bloomberg.com/	1970-01-21 06:11:05	Name: geo_info Value: %7B%22countryCode%22%3A%22DE%22%2C%22country%22%3A%22DE%22%2C%22field_n%22%3A%22cp%22%2C%22trackingRegion%22%3A%22Europe%22%2C%22cacheExpiredTime%22%3A1719334014293%2C%22region%22%3A%22Europe%22%2C%22fieldN%22%3A%22cp%22%7D%7C1719334014293
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf Value: s%3AxBCklIyjYhh5V65o1eiFTJwa.NucmMHEHP8lII8sQ%2FEgyyAQ%2FsgBctk5RsnfGTVGS1zc
.bloomberg.com/	1970-01-20 21:25:32	Name: _user-data Value: %7B%22status%22%3A%22anonymous%22%7D
.bloomberg.com/	1970-01-20 21:25:32	Name: _last-refresh Value: 2024-6-18%2016%3A46
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf-token Value: hgikHAse-MPWjxsZdqmTK18CzOTruRLeYJXg
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 270063140cf86277
m.stripe.com/	1970-01-21 07:01:29	Name: m Value: 0a51fec2-a345-4b21-b0fd-28b9f6b9badd936913
.www.bloomberg.com/	1970-01-21 06:11:05	Name: __stripe_mid Value: abc606d8-9ddd-4a0f-ac9f-775a4ac0267f51cd9e
.www.bloomberg.com/	1970-01-20 21:25:31	Name: __stripe_sid Value: 215114b7-550e-420c-adbc-b5b7c622f7e67a9df4

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'run-ad-auction'.
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.bwbx.io
bam-cell.nr-data.net
cdn.amplitude.com
coordinator.cm.bloomberg.com
eventrecorder.cm.bloomberg.com
gatehouse.cm.bloomberg.com
js-agent.newrelic.com
js.stripe.com
location.cm.bloomberg.com
login.bloomberg.com
mb.moatads.com
personalization.bloomberg.com
securepubads.g.doubleclick.net
sourcepointcmp.bloomberg.com
vi.ml314.com
www.bloomberg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
13.32.110.51
132.226.214.62
151.101.0.176
151.101.129.73
151.101.64.176
162.247.243.30
172.217.16.194
18.221.139.147
18.66.102.11
216.58.212.164
23.35.237.151
2602:816:5001::39
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::2003
3.13.162.139
3.208.81.161
35.201.104.135
44.194.233.32
54.157.55.199
69.187.26.120
037c07146751eda1dd33f83d6151a151527e29c29a3c843e60f8adca98261c75
040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f
0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0831dca48aeba73d427a60ab14161c605bcbf311f0a99fd290fea85426fcb7fe
08987d6618183a71c77ed03221a1055c690718e6a1aec1727876583893149d9f
09c928fdecfbcf5a9d868d3ec6a3432e7dba754c497157577cd43d322e0cedef
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e9000377d32f8d7b229e686b964c2035a0bad5c565660e338d4632876ff3e96
13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a
185b2aada88103fd139b1356202922696383f4b710e3cbb89b1f1671c0ce0c79
197b8d0900267caff70fea35aa5b038bbd4a48d25e4524f3803ff442ff678d83
197f2d7ed89aa268c510a1835c6b1b027bbbf5039924613d9862569b2f0f39c3
1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634
1be23e3cd620f476fe51056b3e21d5e9ef329d8720e558986a1b28103cc9e7d0
1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913
2265d58f63dd42eb34146a5e08a0b7ed101661f7c27a4952d3a351795ec1c82c
25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213
280469c47ded1e5c07f210702c3fefe4a955e5aac8df723b37a19246e544616f
35f9345280beb429b02ade29a3c776bf3ff537e4aad5e53cceeef6407b3bcaf2
3620bbc3c5262f71978e0847212bcb0f36974c6917ff170af8d258e38feb11d3
36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380
37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694
395e8bcb15b1e5e9f1fa921020a5b888c42a266412df833d4f30f67b3ac449ef
3a35b9186a2119220b3c8f08e105a22745afafd640c2614fe6f7c37d0c4ca895
3cbd765571c490d453f11215fc749becfc988a52826858240157fa6844ce6dc1
3cf6cd0ec9c3a249e098686cd7a39fc2642dd90b0cc4e0c2f8c466cb0d032af7
3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b
44a51e14b839745d386198b5454b3f517cdcc4ab94c2b8b4d58c65cbb4a9680a
452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681
487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61
49069a52f33fffc891b7605e081aa0c14a6d8cc16a11c53c1cb1c964298ecdf0
4c7717ef4b9883742561e16d59fb4e0ec0ac6357d3582caa68087bed4ed083c6
4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00
4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120
4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
56c56d5534b9f163fdc964464e4e530d58d3adc6b92b5c96af4a3c2c2d169b92
58d4bfe33b901f1722e0b46461ad1aad64af9577ac9e175a9370dbae7d2934a6
5e03dbf0b6170c5ab9f1babdf043b6dd76b7c730e8869fbc61b8dbd217285ada
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
61f728d26758bbc74ea0336ffbbe9c448f9242d2b523c7dbe4073a71d1543d2b
719f5f4dab1faeb811e49c399d869818c8786f72190d1e615d30bd734a57d532
72d1bea881874ed72d5e2b64e7b0ebd2d04da4a9f349aa2dd86468d65188e051
7482c746e69af2008f2596576d0e19982e6e55c64c7fa9c8fe2fbdd37ff7d39d
78b0756503dbbe94648e9b26d577c582d92c8828995be06f5e8e47bd0491b9ab
81d4573b04d1b03a2e5f4c66f84befc2fd3b5f86f2b06b002ce2a92ad982b7e8
84a28b0425e346b2bbe1393e3f6d9ec0868a99d631d2f3457fadc220989177a9
87053da4324f73f1254f505e432b68e7d263b38c6b0d7a94676e177fe3dbd16f
88b3dd2e6b3fe7ace8921decd9c16ea439dd96fd1a03a62ec65e761e7b150d40
8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a
8d8ac7489704ddcd7bfeecf8cd4532a79158bee43c9efb353f93b7276e8c725c
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
993c8e382dd075452a9afa42a3649bd54b8163bf9d9b0cf42a9733f198faf90e
a4ec567b6fa873f941d9d0899f323cdb894ffd4bee2667efea480d331412480f
a66383b381b46cccc8f600e19dedea91beedf07e06bb49f011fa7f7073ead591
a8731dab13cfb994d32421ed6efcc5875e6e886e9fe8d8ffedbff14595e67bd7
a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34
a9db1708eeafe67ede4dcce34d04fff61925d40ccc393a3084de6b2fa885981b
ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d
ae603a72151d83d3cf11b4001a76fb78b58121612237d5e2cab03d8add6d87a2
b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344
b210a600139089349de6543d9b4e2d1db21daa65652e2c4917ddb538f1bfba10
b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1
b98c6558c343a5f0e1b4cefedf8ffa0b53cb9ce1b0f81601ac9513673f1b4091
bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92
bbaab4b12143ab86e946789f64bbb83c627dc3d3758cbee6db502df6be3e7a4d
bdc4d761c33b80b352df11a191c6723f8f30c74dd8c34855a9ab41ad6cfbae71
be36dbccb8a97b8f592b3408616661b337330c56a8784cfffb64ca61b4394b67
c182a0a59f1b15de266404d72cd391bf36dbf737be8f64bb90f4288330e53163
c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e
c211fe31cc4d260d8f8e138842aa12624ba5c98a22e8bbd16013365d3e6518a5
c66564ec6c3787bd7b9548ed52ac22d23f758d4f0f56c21c7918c0f63512b2ed
cfad0b85f5ac68efb2fd261a822a66478c9e82ba84de5cb6ccadcb1c2ee84924
d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc
d3a6cb4ba7d2e169e837325c066262b1127bb8b525bf8146d9d7dbde5bbaa0e6
d41c09d06d11fd679e9dde59e294aa1c25df94d1d74e63f0daf8c136901258f2
d793513cd609e310b8bcbb6b7a8dbc895e2c279865824dc011c192b84975fd6a
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e2180f7403ac35a3f4b17647175e187152f89b209f9c2613c04e4fbaacb9a2da
e33e443789597dc5b0f29b5c49ae43f8243d19fe4d80084e47080703d09e8974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57c50e19eca7e5625b972d574db560e02ef77581956b6d8308f46183a0afe69
e82522915252592a8cfe58b853d0a9d08cad9cce7da3144e2117a6b59dcdf262
e8fd8f84d077490f2e9d2c6f2f8b1a823f5eae7056e4dcb817d3ce242bc4634e
eba0f96944a600c7bf9eb5affa52c9ba467ebcd4b9b8eba8c234dc3f9757ee41
ebaf718cdb52c3b775d67c7e89ea3827b63556a1b26cd912d7466508877926d5
ebcd963400689482d49d5bd100fe9690c581b6a4fbfc54273de5daf8e3c77529
f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144
fbed3ae58bfafae5e147ec513e114b1a63dd78a68d1a20451338acdb2709ea89
fd1ace0f3033ff036069e86ffec8806531ed3465ccb7d16d27dea0f6d368cbbb
ff157e8c4d6cd382a7eb3f3801ea4ab7e626afd4a0210d35b69fc5aadeef7323
ff867442aaaa6925e1c48b05f15de1e3f410de40cedd4b5465c17f4f9886d21c

www.bloomberg.com Open in urlscan Pro 151.101.129.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

15 %IPv6

12 Domains

20 Subdomains

21 IPs

3 Countries

2545 kBTransfer

9408 kBSize

20 Cookies

20 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bloomberg.com Open in urlscan Pro
151.101.129.73 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

15 %
IPv6

12
Domains

20
Subdomains

21
IPs

3
Countries

2545 kB
Transfer

9408 kB
Size

20
Cookies

111 HTTP transactions
8 data transactions