www.bloomberg.com Open in urlscan Pro
151.101.1.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSour...
Submission: On June 19 via api (June 19th 2024, 2:42:40 am UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 12 domains to perform 109 HTTP transactions. The main IP is 151.101.1.73, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.bloomberg.com. The Cisco Umbrella rank of the primary domain is 25939.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 18th 2024. Valid for: a year.

This is the only time www.bloomberg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	151.101.1.73 151.101.1.73	54113 (FASTLY) (FASTLY)
15	151.101.65.73 151.101.65.73	54113 (FASTLY) (FASTLY)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
14	18.66.102.100 18.66.102.100	16509 (AMAZON-02) (AMAZON-02)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	54.157.55.199 54.157.55.199	14618 (AMAZON-AES) (AMAZON-AES)
2	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.130.40.247 3.130.40.247	16509 (AMAZON-02) (AMAZON-02)
5	69.187.26.120 69.187.26.120	10361 (BLOOMBERG...) (BLOOMBERG-NET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	54.234.99.225 54.234.99.225	14618 (AMAZON-AES) (AMAZON-AES)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	18.245.86.101 18.245.86.101	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	44.194.233.32 44.194.233.32	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	162.247.243.30 162.247.243.30	54113 (FASTLY) (FASTLY)
2	18.217.220.4 18.217.220.4	16509 (AMAZON-02) (AMAZON-02)
109	22

38 151.101.1.73 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.65.73 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.66.102.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-100.fra56.r.cloudfront.net

sourcepointcmp.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.157.55.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-55-199.compute-1.amazonaws.com

eventrecorder.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.40.247 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-40-247.us-east-2.compute.amazonaws.com

location.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.187.26.120 (United States)

ASN10361 (BLOOMBERG-NET, US)

login.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.234.99.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-99-225.compute-1.amazonaws.com

coordinator.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-101.fra60.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.233.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-233-32.compute-1.amazonaws.com

gatehouse.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.30 (United States)

ASN54113 (FASTLY, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.217.220.4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-220-4.us-east-2.compute.amazonaws.com

personalization.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	bwbx.io assets.bwbx.io — Cisco Umbrella Rank: 25119	1 MB
40	bloomberg.com www.bloomberg.com — Cisco Umbrella Rank: 25939 sourcepointcmp.bloomberg.com — Cisco Umbrella Rank: 38348 eventrecorder.cm.bloomberg.com — Cisco Umbrella Rank: 29535 location.cm.bloomberg.com — Cisco Umbrella Rank: 69353 login.bloomberg.com — Cisco Umbrella Rank: 37951 coordinator.cm.bloomberg.com — Cisco Umbrella Rank: 41654 gatehouse.cm.bloomberg.com — Cisco Umbrella Rank: 61901 personalization.bloomberg.com — Cisco Umbrella Rank: 46874	265 KB
5	stripe.com js.stripe.com — Cisco Umbrella Rank: 1556	150 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 3419	1 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 860 mb.moatads.com — Cisco Umbrella Rank: 1367	94 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	975 B
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3917	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	239 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	177 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	18 KB
1	gstatic.com www.gstatic.com	206 KB
1	ml314.com vi.ml314.com — Cisco Umbrella Rank: 8604	786 B
109	12

	Domain	Requested by
47	assets.bwbx.io	www.bloomberg.com assets.bwbx.io
14	sourcepointcmp.bloomberg.com	www.bloomberg.com sourcepointcmp.bloomberg.com
9	eventrecorder.cm.bloomberg.com	assets.bwbx.io
6	www.bloomberg.com	www.bloomberg.com
5	js.stripe.com	www.bloomberg.com
5	login.bloomberg.com	www.bloomberg.com
3	bam-cell.nr-data.net	www.bloomberg.com
2	personalization.bloomberg.com	www.bloomberg.com
2	gatehouse.cm.bloomberg.com	www.bloomberg.com
2	www.google.com	www.bloomberg.com
2	cdn.amplitude.com	www.bloomberg.com
2	www.googletagmanager.com	www.bloomberg.com
2	z.moatads.com	www.bloomberg.com
2	securepubads.g.doubleclick.net	www.bloomberg.com
1	js-agent.newrelic.com	www.bloomberg.com
1	www.gstatic.com	www.bloomberg.com
1	mb.moatads.com	z.moatads.com
1	coordinator.cm.bloomberg.com	www.bloomberg.com
1	location.cm.bloomberg.com	www.bloomberg.com
1	vi.ml314.com	www.bloomberg.com
109	20

This site contains links to these domains. Also see Links.

Domain
bba.bloomberg.net
service.bloomberg.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
pro.bloomberglaw.com
pro.bloombergtax.com
about.bgov.com
about.bnef.com
www.bloomberglive.com
www.bloombergradio.com
www.bloombergmedia.com
pro.bloombergenvironment.com
bloom.bg
subscribe.businessweek.com
bloomberg.com
nytech.org

Subject Issuer	Validity	Valid
www.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-04-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
sourcepointcmp.bloomberg.co.jp R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
vi.ml314.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
eventrecorder.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-23` - `2025-03-23`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
location.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-06` - `2024-09-04`	a year	crt.sh
login.bloomberg.com DigiCert SHA2 Extended Validation Server CA	`2023-12-18` - `2025-01-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
coordinator.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-08` - `2025-02-06`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-05-22` - `2024-08-22`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
gatehouse.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-02-01`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
personalization-prod2a.cm.bloomberg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2025-03-09`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Frame ID: 4573EF3196DACB57A473DEA08914E818
Requests: 101 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 965E3A50EFC51B85EEFA0186668B6F54
Requests: 1 HTTP requests in this frame

Frame: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: F5192A181EF0108A584A802D8278A791
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=z5apqfdew1nw
Frame ID: A21108587A72B0C1F9E44FFF6AF7C747
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-treatment-e0f251b79dfb606cd0bb43e4e1d3932b.html
Frame ID: DD15E9C2DE6362C1AB5D5ED60A934F2B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-00cd30a57be1d404c7725423c0637a2e.html
Frame ID: F023E8631D8EE7B121B514CFB510CA49
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-f0257740675b30b326617cbbfd2f30df.html
Frame ID: FB9E3DDBAEF632301FCF092421B6268F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 6A3D933271196C16F8C2F23BBE9A679B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Caesars Paid Millions in Ransom in Hack Weeks Before MGM Las Vegas Attack - Bloomberg

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

109
Requests

100 %
HTTPS

14 %
IPv6

12
Domains

20
Subdomains

22
IPs

3
Countries

2548 kB
Transfer

9317 kB
Size

20
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://bba.bloomberg.net/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Anywhere Remote LoginBloomberg Anywhere Login

Search URL Search Domain Scan URL

URL: https://service.bloomberg.com/portal/sessions/new?utm_source=bloomberg-menu&utm_medium=bcom
Title: Manage Products and Account Information

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Bloomberglp
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bloomberg/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2494
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/bloomberg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@bloomberglp
Title: YouTube

Search URL Search Domain Scan URL

URL: https://pro.bloomberglaw.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Law

Search URL Search Domain Scan URL

URL: https://pro.bloombergtax.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Tax

Search URL Search Domain Scan URL

URL: https://about.bgov.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Government

Search URL Search Domain Scan URL

URL: https://about.bnef.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: BloombergNEF

Search URL Search Domain Scan URL

URL: https://www.bloomberglive.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Live Conferences

Search URL Search Domain Scan URL

URL: https://www.bloombergradio.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Radio

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Advertising

Search URL Search Domain Scan URL

URL: https://pro.bloombergenvironment.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Environment

Search URL Search Domain Scan URL

URL: http://bloom.bg/dg-ws-core-bcom-m1
Title: Before it’s here, it’s on the Bloomberg TerminalBloomberg Terminal LEARN MORE

Search URL Search Domain Scan URL

URL: https://subscribe.businessweek.com/pubs/BW/BWK/BWK_50_for_149.jsp?cds_page_id=266946&cds_mag_code=BWK&id=1703792422805&lsid=33621340228031432&vid=1&source=bbwhomepage
Title: Magazine

Search URL Search Domain Scan URL

URL: https://bloomberg.com/context
Title: About Us

Search URL Search Domain Scan URL

URL: https://nytech.org/made
Title: Made in NYC

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/contact
Title: Advertise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request caesars-entertainment-paid-millions-in-ransom-in-recent-attack Show response
www.bloomberg.com/news/articles/2023-09-13/ 305 KB
47 KB 909ms
845ms Document
text/html 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

75d97d1ec39634f323c72ba9d726a0e940bc7b502125dbca583f3607fe063577

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: public, max-age=120
content-encoding: br
content-length: 46535
content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:34 GMT
etag: "15qjj5hxe206p2o"
fastly-restarts: 1
link: <https://assets.bwbx.io>; rel=preconnect; crossorigin, <https://assets.bwbx.io>; rel=preconnect, <https://sourcepointcmp.bloomberg.com>; rel=preconnect; crossorigin, <https://tpc.googlesyndication.com >; rel=preconnect; crossorigin, <https://www.google-analytics.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect; crossorigin
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
referrer-policy: no-referrer-when-downgrade
server: openresty
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-powered-by: Express
x-served-by: cache-fra-etou8220036-FRA

GET
H2 200 1200x800.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/ 97 KB
97 KB 56ms
31ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iO8xB8RJODeg/v1/1200x800.jpg

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e2180f7403ac35a3f4b17647175e187152f89b209f9c2613c04e4fbaacb9a2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
age: 1906675
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 654428d3-6118-4cb7-afa3-33a073e12f5c
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 98968
x-served-by: cache-lga21920-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718764955.576036,VS0,VE1
etag: "0af0ed704a8e3fcb346b9182b01e16cc5"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 0

GET
H2 200 event-recorder-client.min.js Show response
assets.bwbx.io/s3/foundation/event-recorder-client/1.0/ 3 KB
2 KB 96ms
29ms Script
application/javascript 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3a6cb4ba7d2e169e837325c066262b1127bb8b525bf8146d9d7dbde5bbaa0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: oIEfxgYiej3sqUYfNMp6KYOENf1HvXBv
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: MVQ6CV5SHFSYED4C
age: 906
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1257
x-amz-id-2: Dkh+yCxj4mR+rg/rB9gyUGgkNYSmtvBU75liAuVRQZPtP06E8jTFmToSNV8ckZ00lF1fU35SqYk=
x-served-by: cache-bfi-kbfi7400072-BFI, cache-fra-etou8220101-FRA
last-modified: Fri, 24 May 2024 19:17:44 GMT
server: AmazonS3
x-timer: S1718764955.618403,VS0,VE0
etag: "3b6bde335cf4231518f4b0e4e6faf18c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=7200
accept-ranges: bytes
x-cache-hits: 183334, 2

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 123ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

3848069aaa01426513ba23dc7ae55032eeae7ed8bf5e41dd5786e5fe33250525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32215
x-xss-protection: 0
server: cafe
etag: 265 / 19893 / m202406130101 / config-hash: 5515444381961717830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jun 2024 02:42:34 GMT

GET
H2 200 spritz.mjs Show response
assets.bwbx.io/s3/spritz/v1/ 3 KB
2 KB 87ms
21ms Script
application/javascript 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/spritz/v1/spritz.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dkEHlonD2QCJO.8vGmxQusZAF6_vrIkT
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: FQP1DGXQ758DQ6G5
age: 57921
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1247
x-amz-id-2: /IT8F/nyFSuYAH8D+caRtEDDgPfSxgo1tdx39lS7Ti3MygoxkzwRYhd9oW8kJI5J8DG9B70Lu5U=
x-served-by: cache-bfi-kbfi7400055-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 08 Mar 2023 15:43:50 GMT
server: AmazonS3
x-timer: S1718764955.618223,VS0,VE0
etag: "a6774be5256f7356266f0f551c498948"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=345600
accept-ranges: bytes
x-cache-hits: 12126, 226

GET
H2 200 sparkle.mjs Show response
assets.bwbx.io/s3/sparkle/v6/ 94 KB
29 KB 89ms
22ms Script
application/javascript 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/sparkle/v6/sparkle.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebaf718cdb52c3b775d67c7e89ea3827b63556a1b26cd912d7466508877926d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .SfBjL_qkjGmnxXeTP4o3HsmKcksBDoT
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 7DNKCRPXKTQMQWTZ
age: 2928
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29727
x-amz-id-2: rf0E7Fb+6DRBSTlTS607/jqYJrLBd8RRLKmDSG7L25a5yvhRehdHRwardTpfeoj4+JMVybRQy4Q=
x-served-by: cache-bfi-krnt7300102-BFI, cache-fra-etou8220101-FRA
last-modified: Fri, 07 Jun 2024 13:49:05 GMT
server: AmazonS3
x-timer: S1718764955.618237,VS0,VE0
etag: "12ebb96ff952b55a691f6c213ec6ad62"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 67751, 7

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepointcmp.bloomberg.com/unified/ 129 KB
37 KB 93ms
25ms Script
text/javascript 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:32:27 GMT
content-encoding: br
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 15:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 611
x-amz-server-side-encryption: AES256
etag: W/"614d1a5043fbedabab7a77a278247fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: yiWZxbaadIPQSiwuBW1Z8igcbnAGDXzjPxf5FuoF97kgDMjoBeABiA==

GET
H2 200 cmp-client.min.js Show response
assets.bwbx.io/s3/foundation/cmp-client/v3/ 8 KB
3 KB 322ms
20ms Script
application/javascript 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/cmp-client/v3/cmp-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78b0756503dbbe94648e9b26d577c582d92c8828995be06f5e8e47bd0491b9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0pInZZsO5TzgOKNPuEIEu9j27DQcDDYt
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QAPZB51FXSGZEV67
age: 2748
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2855
x-amz-id-2: r+BGhbfwMQXSsxTw6nBd5yWxfqyZKTTmtXtOk9+ZUke/t+w5vpfw1e4dlUjKrEC4xRv5wmChg+s=
x-served-by: cache-bfi-kbfi7400071-BFI, cache-fra-etou8220101-FRA
last-modified: Tue, 21 May 2024 16:26:03 GMT
server: AmazonS3
x-timer: S1718764955.906690,VS0,VE0
etag: "e6dd151a711d8bd702002ecabeb51194"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=7200
accept-ranges: bytes
x-cache-hits: 215086, 7

GET
H2 200 abba-client.js Show response
assets.bwbx.io/s3/abba/abba-client/latest/ 226 KB
68 KB 38ms
35ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/abba-client/latest/abba-client.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

81d4573b04d1b03a2e5f4c66f84befc2fd3b5f86f2b06b002ce2a92ad982b7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6Hj4uSnesAuA6halvBRV2PJianJ5Mj4K
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: CBD0FR3D2EZ85HRA
age: 91
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 69194
x-amz-id-2: MLqzcBeGw5ovKhdTwjkotGu5q/pOJgUCFtgUFWtCJoDr2XJZmbiuBABISGCki6JBa2yH6CJPJvw=
x-served-by: cache-bfi-krnt7300050-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 29 Apr 2024 16:16:44 GMT
server: AmazonS3
x-timer: S1718764955.610171,VS0,VE1
etag: "2121c2857b816d37d11c245a9ea18609"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120,stale-while-revalidate=300
accept-ranges: bytes
x-cache-hits: 637664, 1

GET
H2 200 282392dd7388ded3.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 27 KB
7 KB 48ms
24ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/282392dd7388ded3.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eba0f96944a600c7bf9eb5affa52c9ba467ebcd4b9b8eba8c234dc3f9757ee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 7piPvU35oqBuTO5tma.wHGeW048K0rEI
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X762HPMH3CJGG51D
age: 453199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6296
x-amz-id-2: 9FuKj6X3g+dcbbgws2ZSCbTVCvLHWV3eFp6WzhcFra2MFVTqddD64dE4qXtZRIlUh/RYhGaiXwg=
x-served-by: cache-bfi-kbfi7400090-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:56 GMT
server: AmazonS3
x-timer: S1718764955.576130,VS0,VE0
etag: "ac89ff30d899067e9e799abdd77148f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 8, 1597

GET
H2 200 8aabfb97421f7fd1.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 99 KB
13 KB 49ms
25ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/8aabfb97421f7fd1.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a35b9186a2119220b3c8f08e105a22745afafd640c2614fe6f7c37d0c4ca895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: NeqC8hYOL5GseDCKfA55ImauZyRRCf3z
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C1T7Y6X2D0MAN2RP
age: 1078084
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12881
x-amz-id-2: bZxjRbKxDYN9XXMoABbvspAH30P1mNxHv33stFU/3BThKf5T6ookMlMiyHCIOlrVJ2cBPPwACMQ=
x-served-by: cache-bfi-krnt7300089-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 06 Jun 2024 15:08:21 GMT
server: AmazonS3
x-timer: S1718764955.576054,VS0,VE0
etag: "166f679d495a05bd20d0080de9c19f36"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 1, 3947

GET
H2 200 76a96731efe03c49.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 216 KB
29 KB 48ms
24ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/76a96731efe03c49.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff157e8c4d6cd382a7eb3f3801ea4ab7e626afd4a0210d35b69fc5aadeef7323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _T3df15zq3ILtJk8TEASVmF2EBNeGOQp
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X763TD3SW7H5PE6E
age: 453199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29145
x-amz-id-2: 4P4nziMauAGizqv0LvSBGWj0THo/+RvN9UuXIDwcSwHvtw0DGwicassNZqclcpa7/xtwo73mv8Q=
x-served-by: cache-bfi-krnt7300114-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:56 GMT
server: AmazonS3
x-timer: S1718764955.576104,VS0,VE0
etag: "313eb3fc2bcdf246a2f390374bd98627"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 7, 1822

GET
H2 200 12d4164e218f8725.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 33 KB
5 KB 48ms
24ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/12d4164e218f8725.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

44a51e14b839745d386198b5454b3f517cdcc4ab94c2b8b4d58c65cbb4a9680a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CU.HPoS..4W92eVyDJCHxP8xqrygE14o
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B92PD5H2BZ7A8NM
age: 114964
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5138
x-amz-id-2: FpdEZgUgmEgGGP8D193hP6Uz97lcSEPZiGK5MdpbQjFqAn+86s3zvXYkQFDc7tYJWpppL68Hmlw=
x-served-by: cache-bfi-kbfi7400080-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 17 Jun 2024 18:40:36 GMT
server: AmazonS3
x-timer: S1718764955.576072,VS0,VE0
etag: "77c65123f3fb625169923ab1ca26d78e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 35, 423

GET
H2 200 webpack-2327e7b70cfeb6a5.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 5 KB
3 KB 37ms
34ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/webpack-2327e7b70cfeb6a5.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b98c6558c343a5f0e1b4cefedf8ffa0b53cb9ce1b0f81601ac9513673f1b4091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qI0muXFwF9HIvoFRqq_1YtztMmzvxhWI
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B95ANMHKJFVB03C
age: 114964
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2468
x-amz-id-2: OilM/LG/S3TORC8U89vW5Xpq7dK913kRuHsql5yPLAQuwJG4+9hkXEtCHCx4l/yMCMPUo9chng0=
x-served-by: cache-bfi-kbfi7400056-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 17 Jun 2024 18:40:36 GMT
server: AmazonS3
x-timer: S1718764955.610961,VS0,VE0
etag: "02ca00270d0144d683446921303567e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 36, 395

GET
H2 200 framework-18c7e6fcf99e5daa.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 138 KB
46 KB 37ms
35ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/framework-18c7e6fcf99e5daa.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a4ec567b6fa873f941d9d0899f323cdb894ffd4bee2667efea480d331412480f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KUkF4be0Fakjkh.1GA7_i_mUogsqGIri
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 5KXEV5FTF5ZSKGQM
age: 4201786
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46541
x-amz-id-2: 5eynDikPUMGGi/Xbgm+LkMkRb4AtSVp3w3JoFUVjXCO/v+5pbaGgMrUylhBxFvEYgGehTcX8QdI=
x-served-by: cache-bfi-kbfi7400080-BFI, cache-fra-etou8220036-FRA
last-modified: Fri, 08 Dec 2023 17:56:48 GMT
server: AmazonS3
x-timer: S1718764955.610961,VS0,VE0
etag: "69b45b051aaedf2eb73ddcf7f41298ca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 390, 6278

GET
H2 200 main-f77fdccae5243624.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 111 KB
34 KB 27ms
25ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/main-f77fdccae5243624.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d41c09d06d11fd679e9dde59e294aa1c25df94d1d74e63f0daf8c136901258f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: esK0QlBL4zSwhphUIt73NFQ6wu5o4O.f
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: JETC4MK9DR4AAB3D
age: 6355683
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34722
x-amz-id-2: HenJ+4TZHgx/tVcDu8+z2COVsbV99QavKWE3hUWFP0VwaCQqXXRcHmcdEH17GZI07dT5kM4EVN4=
x-served-by: cache-bfi-krnt7300100-BFI, cache-fra-etou8220036-FRA
last-modified: Fri, 08 Dec 2023 14:37:33 GMT
server: AmazonS3
x-timer: S1718764955.610670,VS0,VE0
etag: "9f98a1f9e28bb5026d50e092365847dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 25, 6212

GET
H2 200 _app-a2674928afc1b65d.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/ 29 KB
10 KB 27ms
24ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/_app-a2674928afc1b65d.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bdc4d761c33b80b352df11a191c6723f8f30c74dd8c34855a9ab41ad6cfbae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yHC5CJgldhWO0LHHmzLohpuRejcR7Urf
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VF427261D9WMTHY4
age: 3083390
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10081
x-amz-id-2: ADyslvsY6QL/26M/OfpBAtc2bFH0Ak3J9Y009dssOG59tdmbZs6UY3zVAjHS+tfZnAsHAWb3Pas=
x-served-by: cache-bfi-krnt7300066-BFI, cache-fra-etou8220036-FRA
last-modified: Fri, 03 May 2024 14:37:05 GMT
server: AmazonS3
x-timer: S1718764955.610658,VS0,VE0
etag: "3e648eec9a82105fa91c94f6b2b1de48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 4744

GET
H2 200 331-06d3ff046d0d4b8c.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 44 KB
14 KB 27ms
25ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/331-06d3ff046d0d4b8c.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e03dbf0b6170c5ab9f1babdf043b6dd76b7c730e8869fbc61b8dbd217285ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qZjaYorsWoEEwlg9zZ_10ob34Rfg3gw8
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VF4CAXBJRARQN8ET
age: 3763459
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13922
x-amz-id-2: MuNuAVlcVSpIFYzC6eVU+Sq2/KtH3jyoJIlMTLEZ3yLRJ12MmPu0J28AQNWcMhwDRN2qE+fLDLs=
x-served-by: cache-bfi-krnt7300081-BFI, cache-fra-etou8220036-FRA
last-modified: Fri, 03 May 2024 14:37:03 GMT
server: AmazonS3
x-timer: S1718764955.610647,VS0,VE0
etag: "2e2cfe5e148493e5dbc0d8af7d92e1ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 5884

GET
H2 200 311-d37f8da221a72bc4.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 375 KB
102 KB 26ms
23ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/311-d37f8da221a72bc4.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b210a600139089349de6543d9b4e2d1db21daa65652e2c4917ddb538f1bfba10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IpqCmjZ1IFkXy5WFZ12D5RdAFIcgHtPx
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76582Q35SZNRM4J
age: 453199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104284
x-amz-id-2: wHMXYSF/OgptUhQwKbHjzOYIL4BuFSQ/AUJMihr8/aUsXynWZpk0TZx4GzHJDA+m8ga9vtx3C7U=
x-served-by: cache-bfi-krnt7300118-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:53 GMT
server: AmazonS3
x-timer: S1718764955.610633,VS0,VE0
etag: "3c6506cae7e5946bd5d730821b267fcd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 8, 1941

GET
H2 200 119-527e7fa3102c595d.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 309 KB
82 KB 27ms
25ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/119-527e7fa3102c595d.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be36dbccb8a97b8f592b3408616661b337330c56a8784cfffb64ca61b4394b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8hqERMymRE3mX1wg8XgNNQcy9ZAd2GXp
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76DRAF2SF7WDBCZ
age: 453198
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83067
x-amz-id-2: UEoEuOI8LOu3AHjsk7wTlLFca7KSSOV2Aqty0R5KItETTaND6QDVzm+BiBeyLUBLEv97ULn8VIo=
x-served-by: cache-bfi-kbfi7400038-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:53 GMT
server: AmazonS3
x-timer: S1718764955.610625,VS0,VE0
etag: "444b69feef5899fcd195b819284a6a67"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1919

GET
H2 200 822-ae83be6bf494bcad.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 15 KB
5 KB 26ms
23ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/822-ae83be6bf494bcad.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

197b8d0900267caff70fea35aa5b038bbd4a48d25e4524f3803ff442ff678d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: d7i_m_FBny2tDLZ.t_apC0fdSFjhk6qZ
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C1T863EPGR3JRBVM
age: 1078084
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4915
x-amz-id-2: AHvpkC+s9xXBwUOgDCfRyBDwcVFVt6eH2SEfJdEQ7p5tqVF9+wskxR+WOtUZ0j9A8m5DcgpuZh4=
x-served-by: cache-bfi-kbfi7400109-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 06 Jun 2024 15:08:19 GMT
server: AmazonS3
x-timer: S1718764955.610605,VS0,VE0
etag: "40740c00e3d203285127cca66a3bd58d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 3709

GET
H2 200 976-2d817916438d4b40.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 72 KB
23 KB 52ms
50ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/976-2d817916438d4b40.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4c7717ef4b9883742561e16d59fb4e0ec0ac6357d3582caa68087bed4ed083c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4AnLRpSO8TGAGadc.7V8RzjPONe6WTXO
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X76CEC4JWATMBBJP
age: 453199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23110
x-amz-id-2: aQIU/bUVXYaMFGpUuNevp1VO6weZ42BSYU+qapBZWiwFZwoT0zkSbILxsLxToODhNVrhXuuCihg=
x-served-by: cache-bfi-kbfi7400031-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:54 GMT
server: AmazonS3
x-timer: S1718764955.631529,VS0,VE0
etag: "e8cdee7e55596c5fd957cba49074371b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1811

GET
H2 200 %5B...slug%5D-ad89d3467f0198d9.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/ 299 B
485 B 57ms
55ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/%5B...slug%5D-ad89d3467f0198d9.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebcd963400689482d49d5bd100fe9690c581b6a4fbfc54273de5daf8e3c77529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vbog5ifAtZOmFxCuxB_P0mpmJtKSUqmu
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X7617ZBPRECMR89G
age: 453199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 184
x-amz-id-2: lDNbFH6p6vmR/ZNH1sdA0FjOxHqOeuDN2olNFbr6BeGf1LZaxNlgqzxCpu5Jm9U0IXinterahco=
x-served-by: cache-bfi-kbfi7400061-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:43:55 GMT
server: AmazonS3
x-timer: S1718764955.631522,VS0,VE0
etag: "ccab70d793f5c7ec3555f26a86536c62"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7, 1390

GET
H2 200 _buildManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/ 1 KB
881 B 55ms
52ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/_buildManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88b3dd2e6b3fe7ace8921decd9c16ea439dd96fd1a03a62ec65e761e7b150d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ly1N5Jd6Q7WzCdvxgEAG7t9MO2WI3UVJ
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B997QKPWCCQV82V
age: 114964
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 521
x-amz-id-2: X1UqA9fYiiuCnI+EgNbLFijVYxH2VP2YpeplX70fCrD7bjwsN2T4Xd/yNb4WyHrpZYdqerIPobM=
x-served-by: cache-bfi-kbfi7400114-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 17 Jun 2024 18:40:33 GMT
server: AmazonS3
x-timer: S1718764955.631509,VS0,VE0
etag: "83b4f315f89d1e5e1e10b941745e4cf6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 35, 384

GET
H2 200 _ssgManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/ 88 B
458 B 54ms
52ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/bWb_YtIvoiShOGJwf8qAl/_ssgManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a66383b381b46cccc8f600e19dedea91beedf07e06bb49f011fa7f7073ead591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lWdOyceXLQo6FeK5IizO1QjgNctmvc.U
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 0B97H07QMD7SCQE3
age: 114964
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 60
x-amz-id-2: Ri3scGAoCsBkHwwp5loe06m842ezKrj+ZRao8iYEtJRoA+GbtJ3L14j00dvikQALXjFX2no7NMY=
x-served-by: cache-bfi-kbfi7400055-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 17 Jun 2024 18:40:33 GMT
server: AmazonS3
x-timer: S1718764955.631498,VS0,VE0
etag: "bee22ea531beed3eeff60fb48f41c658"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 38, 376

GET
H2 200 get Show response
vi.ml314.com/ 1000 B
786 B 94ms
41ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=50066&tk=aO1CCthMyYq5eNlVwlKQXL9igGlRPy95K4LLnm84p2bE3d&fp=

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

cf043a02369c217b0f87069f2c7cb0b3d64c5c78fb2c821ceb46b263f51ea758

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Wed, 19 Jun 2024 02:42:34 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fast-path/v1/ 5 KB
3 KB 29ms
22ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fast-path/v1/app.bundle.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49069a52f33fffc891b7605e081aa0c14a6d8cc16a11c53c1cb1c964298ecdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: U4XDmijJePcvFVwTKFYnntKh.eEz2RpQ
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: K3NRC2EKBZ98N8G5
age: 64992
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2125
x-amz-id-2: c0H3oHoJ7uTKJFFKB4e0NYMIrBCarLKLDXracqLP7fqydZFhqnyHJBnNaUpvKIYqHktg2CyHj80=
x-served-by: cache-bfi-kbfi7400060-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 20:45:39 GMT
server: AmazonS3
x-timer: S1718764955.610171,VS0,VE0
etag: "699e4812180a0f16faca1e3f4f2cb1ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 276

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 542 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 828 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 546 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 379 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2
assets.bwbx.io/s3/fontservice/fonts/ 31 KB
31 KB 22ms
19ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gmgEdLUmA86gblnoepLNIwtUiryDQdHN
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: CT1411FEYSKRVJZR
age: 4817799
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31420
x-amz-id-2: q3s2m8ATxsqD4fkbmoHZ0fdAqn2av6WNXHFyrD8h13+uoZaxp1ISj+fPiF8jf92dh/HWNPz7I2M=
x-served-by: cache-bfi-kbfi7400059-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718764955.658384,VS0,VE0
etag: "5cf5733cd9241d8e129282b8e5b8c193"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1318, 6861

GET
H2 200 AvenirNextPForBBG-Regular-eb3bb1b816.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 22ms
19ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Regular-eb3bb1b816.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8Tl5VGis9gmIi5st9QSz.k6zSIAoUZR0
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: MGCHNSTDTXBVH4M8
age: 3521657
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36456
x-amz-id-2: uyXJMvC5n12hAmCiaieXJFpDlZvxOvu0T0BmS5JOTzXSahVwJhU0M3TI4/rDWhWa/GV9jiF20v4=
x-served-by: cache-bfi-krnt7300073-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718764955.658334,VS0,VE0
etag: "eb3bb1b8161ef443e50d2b9dfbcaeaa8"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 13466, 6303

GET
H2 200 AvenirNextPForBBG-Demi-b9b4abf0ea.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 49ms
47ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Demi-b9b4abf0ea.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BbB7lUEQLiB.ND48m429jmcT5Kk2AMvA
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: C74A8GFHVSRSJ9XT
age: 3087741
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36708
x-amz-id-2: moobtEX9kecw6IbkquRhrCq4kW3iSeBjMG032U+4w7XSUXXjrwbfNZw09mmJotg0Xn10rVT/SSc=
x-served-by: cache-bfi-kbfi7400090-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:51 GMT
server: AmazonS3
x-timer: S1718764955.658757,VS0,VE0
etag: "b9b4abf0ea70a701fa5cfba89d02763f"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4600, 6041

GET
H2 200 BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2
assets.bwbx.io/s3/fontservice/fonts/ 44 KB
44 KB 27ms
24ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vK8RIqqUhDaTLJxZc0UgYEsZkH35wfKn
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: YRJQ54Z60C4YFN45
age: 2461591
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44900
x-amz-id-2: 2VJHybNrwFkbj6l0S6sxTvgxPvey1tdmRjtM/eJ6IhlXhhhxIPno7HvHVuPYay6lYrREyJIDJ0U=
x-served-by: cache-bfi-kbfi7400035-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718764955.658577,VS0,VE0
etag: "8f5de0c368941f43014377e91a930437"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 110, 6153

GET
H2 200 BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2
assets.bwbx.io/s3/fontservice/fonts/ 32 KB
32 KB 45ms
43ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DS2BZAwNnKNlX1NEHcghk1Sf.zrbqSHM
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: YR27WQ8DVETQR5PA
age: 4195503
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32756
x-amz-id-2: aGwSxdyj4htUUQqYu9JwI3ON3rcn+NGRCd68qIcDMtqr7wIGQRy1O8yoSvLCEFBeU1Oa8RN7tpQ=
x-served-by: cache-bfi-kbfi7400036-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718764955.658568,VS0,VE0
etag: "de8c77cce206155c16c93d0ca69528ca"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4459, 6830

GET
H2 200 BWHaasGrotesk-56Italic-Web-669253244d.woff2
assets.bwbx.io/s3/fontservice/fonts/ 33 KB
33 KB 61ms
58ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-56Italic-Web-669253244d.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Z3M3k_b7bqG5Ctl09d8ajG16IF73skBo
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: BWFTHA9801RZNJ1R
age: 2407870
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33488
x-amz-id-2: tAYfi0BTGF7KWroHVrgf4KybfZe4f0i2Alf63aUHDgum513HCKHDZmPd0xEPZVRZF8jF8NZBulY=
x-served-by: cache-bfi-kbfi7400071-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
server: AmazonS3
x-timer: S1718764955.660211,VS0,VE0
etag: "669253244d5430629948724163d319a2"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 17, 4590

GET
H2 200 PublicoText-Roman-Web-bfa063ee27.woff2
assets.bwbx.io/s3/fontservice/fonts/ 51 KB
52 KB 52ms
50ms Font
font/woff2 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/PublicoText-Roman-Web-bfa063ee27.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: be9Dw4r26kcwlkk3edtKT8p1fUdqvJSq
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 63JERNF8PAX2RRRJ
age: 3081508
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52512
x-amz-id-2: dq58SvY+GTkp3hNv9s6+AKyvWpNvPFUr8cBMrwuWvCMZVc7cUd+FlILAUJIe1w8GH/g8NTVtXdg=
x-served-by: cache-bfi-kbfi7400094-BFI, cache-fra-etou8220101-FRA
last-modified: Wed, 19 Apr 2023 20:39:55 GMT
server: AmazonS3
x-timer: S1718764955.660193,VS0,VE0
etag: "bfa063ee2757aeb3365e8e0680513ae6"
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3423, 5623

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 377ms
115ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:34 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 378ms
117ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:34 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 462ms
232ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 453ms
228ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

GET
H2 200 moatheader.js Show response
z.moatads.com/bloombergprebidheader853620778109/ 271 KB
93 KB 110ms
22ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/bloombergprebidheader853620778109/moatheader.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e57c50e19eca7e5625b972d574db560e02ef77581956b6d8308f46183a0afe69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:42:34 GMT
content-md5: ADkwykFhtHpfBCSpR0QERA==
storage-tier: Standard
content-length: 94893
last-modified: Fri, 31 May 2024 10:31:38 GMT
opc-request-id: iad-1:H-SGHE5zyKV1Kh5yrvwUKDcj5VzqGDzBqWdTlVqFZOCH-2935kdz8GzMUmTs4ntK
x-api-id: native
etag: bdc9944b-d5b7-4349-9b99-68248944586f
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 2e5ef709-eac3-4f3b-a8c3-fcedd516cf30
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=27778
access-control-allow-credentials: true
accept-ranges: bytes

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 452ms
227ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 451ms
227ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 207ms
207ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

GET
H2 200 query Show response
location.cm.bloomberg.com/ 119 B
398 B 394ms
119ms Fetch
application/json 3.130.40.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://location.cm.bloomberg.com/query

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.40.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-40-247.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a2655aa6e0bdf8309e45836e882c473586a5022171a042e0e446f2d1d1c4f9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
server: Apache
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.25.0/ 156 KB
23 KB 26ms
26ms Script
text/javascript 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.25.0/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:32:22 GMT
content-encoding: br
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 40213
etag: W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: x_bwQUo_PGKvvMZUinibqGA3vWHHGqGpLST-jm4x9Yh4W4ExLguYuA==

GET
H2 200 usnat-uspapi.424a28a7602f5d18dde1.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.25.0/ 210 KB
25 KB 32ms
31ms Script
text/javascript 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.25.0/usnat-uspapi.424a28a7602f5d18dde1.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87053da4324f73f1254f505e432b68e7d263b38c6b0d7a94676e177fe3dbd16f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:32:22 GMT
content-encoding: br
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 13:35:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 40213
etag: W/"893213c926e949fe02cffcfe2e87d0bd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: jHuDgDjVEc9o6mPY3-R3GkLzV9w_XVQQFndTKPRKaVHz-tIwhvEMWw==

GET
H2 200 meta-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 447 B
983 B 72ms
24ms XHR
application/json 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/meta-data?hasCsp=true&accountId=1425&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=31489&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

61f728d26758bbc74ea0336ffbbe9c448f9242d2b523c7dbe4073a71d1543d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 01:50:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3146
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 447
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: aZKtwC849Xij0GjWNsKa6mjfDlrOT-NTlGYJ_LWsNb0sb74HIbh6hQ==

OPTIONS
H/1.1 200
OK user-info
login.bloomberg.com/ Frame 0
0 508ms
113ms Preflight
application/octet-stream 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.bloomberg.com
content-length: 0
content-type: application/octet-stream
date: Wed, 19 Jun 2024 02:42:35 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 685 KB
146 KB 138ms
84ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNTH5N

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

150eb0539ca56135143fcc43d3986c00b1c31ddf2565aeadd613127ea757e1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148969
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jun 2024 02:42:34 GMT

GET
H2 200 that.js Show response
www.bloomberg.com/tophat/assets/v2.7.0/ 9 KB
3 KB 22ms
22ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/assets/v2.7.0/that.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff, nosniff
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
age: 526830
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2454
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200037-IAD, cache-fra-etou8220036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Apr 2024 19:36:39 GMT
server: openresty
x-timer: S1718764955.835085,VS0,VE0
etag: W/"6626bc47-250f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=31536000, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 2591, 281

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
2 KB 339ms
127ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

09502849ea7d3889361479a4025f458c0c9f2404eb6ecba31d64713d31711197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
etag: W/"c4-YZRSxDIFxSQrlpOnh/qqHK6AzGo"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 196
expires: -1

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fortress-client/v1/ 525 KB
129 KB 23ms
22ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/app.bundle.js

Requested by

Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/311-d37f8da221a72bc4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0831dca48aeba73d427a60ab14161c605bcbf311f0a99fd290fea85426fcb7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8b8bkrXNyqWf.d.C9LVsns9LYC2gz4MP
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VPXH4XT2QEEFMGZK
age: 2227
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 131835
x-amz-id-2: ZWJnicBS9yeCF40P7tfZAJrHowGFHiIIF57r/ljnn1nnAToGAZYJI8ZyI4pmOsSE5Hp4ZOf3RfU=
x-served-by: cache-bfi-krnt7300092-BFI, cache-fra-etou8220036-FRA
last-modified: Mon, 17 Jun 2024 20:58:33 GMT
server: AmazonS3
x-timer: S1718764955.841320,VS0,VE1
etag: "a140eede9e1b14bc8c4589aa93d521dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 24399, 1

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 817 KB
30 KB 24ms
23ms Fetch
application/json 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/feed/frontend.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: h6r3POxCgeRuwXXpL6HYkGZ9s3sxPa_H
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: KGA02CBF7V3PMR5C
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30484
x-amz-id-2: lXfB+tGT17Cx1ZaI9s4Opmop8QihAGsciVjTdTuw/0bH1B24ya19+xay3kOXWTJcnQqgwazLVG0=
x-served-by: cache-bfi-krnt7300026-BFI, cache-fra-etou8220101-FRA
last-modified: Tue, 18 Jun 2024 13:47:39 GMT
server: AmazonS3
x-timer: S1718764955.880467,VS0,VE1
etag: "8d5d55b87f0adf128dbfbdc1126a6365"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=3600
accept-ranges: bytes
x-cache-hits: 103794, 1

GET
H2 200 coordination Show response
coordinator.cm.bloomberg.com/ 474 B
2 KB 417ms
152ms Fetch
application/json 54.234.99.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coordinator.cm.bloomberg.com/coordination?currentResource=Story%7CS0XNYVDWLU6801&metadata.paywall.device=Desktop%7CWindows_10%7Cchrome&metadata.consent=false&metadata.paywall.referrer=Direct&limit=100

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.234.99.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-99-225.compute-1.amazonaws.com

Software

Resource Hash

626987114707b272f5532553fcb6037bd707a1ff5f4c61dc6286f94e7dcb0943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=31536000
etag: W/"1da-qDIF3b7QlAMhmehFRx5Sx7kPv5M"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
content-length: 474

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ 467 KB
146 KB 22ms
22ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15841
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149174
x-xss-protection: 0
server: cafe
etag: 3598326600462146374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Jun 2025 22:18:33 GMT

GET
H2 200 messages Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 53 KB
8 KB 135ms
134ms XHR
application/json 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1425%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepointcmp.bloomberg.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fmc.bloomberg.com%2Fnews%2Farticles%2F2023-09-13%2Fcaesars-entertainment-paid-millions-in-ransom-in-recent-attack%22%2C%22propertyId%22%3A31489%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

56be50b12b50df8a26e23bebc480e61b82aec96d7b0bcbd60b526e97f4327904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: AorLZKCmgF04VQiMRlEBZvbHqT4y3CZLKkYFawG-i7qD7jC5FrYuIQ==

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 211ms
211ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

GET
H2 200 spotlights Show response
www.bloomberg.com/tophat/api/ 17 B
869 B 70ms
70ms XHR
application/json 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/api/spotlights?site=bcom

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-ca4a7cb730636429----1718764954909
traceparent: 00-0dac73fca1b6e2411a26bfdca5600050-ca4a7cb730636429-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6ImNhNGE3Y2I3MzA2MzY0MjkiLCJ0ciI6IjBkYWM3M2ZjYTFiNmUyNDExYTI2YmZkY2E1NjAwMDUwIiwidGkiOjE3MTg3NjQ5NTQ5MDksInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 19 Jun 2024 02:54:04 GMT
content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff, nosniff
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
age: 1110
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220036-FRA
content-length: 21
referrer-policy: no-referrer-when-downgrade
server: openresty
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, public, s-maxage=1800
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
vary: Accept-Encoding, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept
x-cache-hits: 1

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 338 B
517 B 247ms
87ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-SRY9GJ%2BZ4OVI6%2B5X%2BNSW1ckg%2FF4GLhl3AVpTH3Rq9Z4ILVN3UpY2LAh4B7fp%2BKXCrUw%3D&rs=1-lNpXKgt%2BRPoJWg%3D%3D&sc=1&os=1-uA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=630&qd=630&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bloomberg.com%2Fnews%2Farticles%2F2023-09-13%2Fcaesars-entertainment-paid-millions-in-ransom-in-recent-attack%3FleadSource%3Duverify%2520wall&pcode=bloombergprebidheader853620778109&rx=158515052935&callback=MoatNadoAllJsonpRequest_65912632
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bloombergprebidheader853620778109/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 4a48207b998792cc82424079d11a984ed0ba5ec78ab0614f539b16c626a9574c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
server: istio-envoy
etag: "05bfc138a0c3e6ebc8e24aa435ef49fb8e4731b7"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 27
timing-allow-origin: *
content-length: 338

GET
H2 200 iframe.html
z.moatads.com/hd09824092/ Frame 965E 0
0 64ms
23ms Document
text/html 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/hd09824092/iframe.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=2851
content-encoding: gzip
content-length: 803
content-md5: Spy8LlvBZDE9rOQqWL7xQQ==
content-type: text/html
date: Wed, 19 Jun 2024 02:42:34 GMT
etag: 0d341092-8e0f-4735-ae34-f388ff501eed
last-modified: Thu, 21 Mar 2024 17:22:14 GMT
opc-meta-btime: 2021-01-26T22:41:39Z
opc-meta-mtime: 1611700899
opc-request-id: iad-1:iYaHZIcKsZiQsRRW1QohMTyfudXax_SNk12jPcrbtHzhbwSM-ygOOdh1u7H4De-w
storage-tier: Standard
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
version-id: 5af5eb63-417c-4960-9068-358f7e3e1642
x-api-id: native
x-content-type-options: nosniff

GET
H2 200 styles.css
assets.bwbx.io/s3/fence/fortress-client/v1/ 49 KB
9 KB 25ms
25ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/styles.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72d1bea881874ed72d5e2b64e7b0ebd2d04da4a9f349aa2dd86468d65188e051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: geicULjklN9fYa.sGwRVZjFl.W87C.OH
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 00CZ09ZC2566KPX0
age: 2041
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8286
x-amz-id-2: +AhncViERoaIzFvUZ26R+0qtqktnWmyQDTO1PGJF7MsxkOKvu82Oz5Kxcdrs5am1hZP8LNLOoWI=
x-served-by: cache-bfi-kbfi7400066-BFI, cache-fra-etou8220036-FRA
last-modified: Thu, 13 Jun 2024 15:42:46 GMT
server: AmazonS3
x-timer: S1718764955.988998,VS0,VE0
etag: "f1a3bcad642cfb0942e2336879b87f79"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=86400
accept-ranges: bytes
x-cache-hits: 41422, 3

GET
H2 200 v3 Show response
js.stripe.com/ 613 KB
150 KB 133ms
21ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7129f31301880a888b36f5dea00384894176fe40a7f70cd2ffac5d55b5f889bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:42:35 GMT
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 152987
x-request-id: 75e8bbec-0dfe-414a-88f8-19c874ca4ecd
x-served-by: cache-fra-etou8220033-FRA
last-modified: Tue, 18 Jun 2024 20:44:34 GMT
server: Fastly
etag: "7090e1f0d83493fc6ce9dc187bdb8a9c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

OPTIONS
H2 200 pv-data
sourcepointcmp.bloomberg.com/wrapper/v2/ Frame 0
0 27ms
27ms Preflight
text/html 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.bloomberg.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id: IGiDLxoapsDq5usDmNkkepksdE1kwd3JULcp86q2KMKiyY58xXX82w==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 pv-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 217 B
756 B 31ms
30ms XHR
application/json 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45485171045485171099d44548575307b85&scriptVersion=4.25.0&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

f07f2256eb98e733f6d9eb5c7aa1b584efc48a7f0fce179060ec635552c5e0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 217
x-amz-cf-id: JBwCi0dNll5HIlryYX2G-WbTr5spudNU6FEKGMtohMnpIlKCAHg82A==

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 116ms
116ms Ping
application/json 54.157.55.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.55.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-55-199.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-length: 4
content-type: application/json

GET
H2 200 index.html Show response
sourcepointcmp.bloomberg.com/ Frame F519 5 KB
2 KB 31ms
31ms Document
text/html 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cbd765571c490d453f11215fc749becfc988a52826858240157fa6844ce6dc1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 2872
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Wed, 19 Jun 2024 01:54:44 GMT
etag: W/"f107a76c03cbe0bfc9103bbe9ea917b5"
last-modified: Tue, 18 Jun 2024 15:50:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id: wbxkX_clTiZ5ozrmsKDUIWbUtQME1FcthNL7JFldXcxyTI9CgG-OgQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
93 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GQ1PBLXZCT&l=dataLayer&cx=c

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58b80056d0fca071fe7b7a7f56e958d9132e31be85643d88b35d87fbf4852790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 02:42:35 GMT

GET
H2 200 analytics-browser-gtm-wrapper-3.7.10.js.br Show response
cdn.amplitude.com/libs/ 24 KB
9 KB 79ms
22ms Script
application/javascript 18.245.86.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.10.js.br
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197f2d7ed89aa268c510a1835c6b1b027bbbf5039924613d9862569b2f0f39c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:13 GMT
content-encoding: br
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-version-id: bBbRCXqerCyAFvl7r4F.EO4xpPtmcJhI
x-amz-cf-pop: FRA60-P6
age: 4301663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8938
last-modified: Mon, 29 Apr 2024 19:32:33 GMT
server: AmazonS3
etag: "bf490880fc78afe0fc3da809513d45e6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2xi-dPmrLLjzvSg6WmWvxbGLv3DEkfZvtzbytRIQht2nXCGGfOnK0w==

POST
H2 200 set_consent_cookies Show response
sourcepointcmp.bloomberg.com/mms/ 0
393 B 27ms
27ms XHR
text/plain 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/mms/set_consent_cookies?consentUUID=bbd2488b-21f4-4ecf-bde1-ad441350063f&consentUUID_maxAge=31536000&hasCsp=true

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=15552000; includeSubdomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: *
x-cache: Miss from cloudfront
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: ntIvXa9k8Pw2-CTUA2PuWZ4TM43ZjAVtDknGeR-MCibQf09PkFk0RQ==

GET
H2 200 Notice.3d382.css
sourcepointcmp.bloomberg.com/ Frame F519 34 KB
6 KB 24ms
23ms Stylesheet
text/css 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.3d382.css
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae603a72151d83d3cf11b4001a76fb78b58121612237d5e2cab03d8add6d87a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:14:53 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1663
x-amz-server-side-encryption: AES256
etag: W/"ed13b180d25e3820d890e71fce3095b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: Zu4TURtfn23UoDqOuI7ecv0CXcR17kKzdJlYnkcKllzo2bJ9o1pFiQ==

GET
H2 200 polyfills.b0798.js Show response
sourcepointcmp.bloomberg.com/ Frame F519 5 KB
2 KB 25ms
24ms Script
text/javascript 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/polyfills.b0798.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:01:57 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 2439
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: OTlRsNrUNe54azSyWK2MY5IZxIXQ7_WPaUyz7mLeuQUJ2h4sybuvkQ==

GET
H2 200 Notice.2443b.js Show response
sourcepointcmp.bloomberg.com/ Frame F519 292 KB
76 KB 28ms
27ms Script
text/javascript 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2265d58f63dd42eb34146a5e08a0b7ed101661f7c27a4952d3a351795ec1c82c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:07:40 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 2096
x-amz-server-side-encryption: AES256
etag: W/"09d9b759838c90f0b49df45dd1c9c936"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: l-WNMPC7vtSFd5yiqUjtcn1iFY6K1B86ePlneiBECMhfEL9t9J82fQ==

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame F519 2 KB
1 KB 25ms
25ms Fetch
application/json 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

Resource Hash

1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:31:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 654
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: fC8kUZ0R5rfqxvWXCTkrN3zWogsIHv_q2PDDwnX8-NDDx2DN5TScfg==

GET
H2 200 analytics-browser-gtm-2.7.0-min.js.gz Show response
cdn.amplitude.com/libs/ 66 KB
19 KB 76ms
25ms Script
application/javascript 18.245.86.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-2.7.0-min.js.gz
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be23e3cd620f476fe51056b3e21d5e9ef329d8720e558986a1b28103cc9e7d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 15:03:53 GMT
content-encoding: gzip
via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
x-amz-version-id: _fT_EXZFkO1q3pUxJuS.Mt.qi1Y7.Cyi
x-amz-cf-pop: FRA60-P6
age: 4189123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18368
last-modified: Mon, 29 Apr 2024 16:54:06 GMT
server: AmazonS3
etag: "b3ff986c2183cbd3fb1a4028ad571ee0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: dTo7vOrhyVhyTlWZg0FXuRidxjGdAWI78sDtBNU_egO10WytbJjyOw==

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame F519 2 KB
1 KB 26ms
26ms Fetch
application/json 18.66.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489&consentLanguage=en

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2443b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-100.fra56.r.cloudfront.net

Software

Resource Hash

1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135992&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:31:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 654
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: e0kRBAMGmdaooRh5JU-MM_EKIqXEyMlCGC4eUs2cH3IpxI0Mw92nSg==

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 817 KB
0 0ms
0ms Fetch
application/json 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/abba/feed/frontend.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: h6r3POxCgeRuwXXpL6HYkGZ9s3sxPa_H
content-encoding: br
date: Wed, 19 Jun 2024 02:42:34 GMT
x-amz-request-id: KGA02CBF7V3PMR5C
age: 51
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30484
x-amz-id-2: lXfB+tGT17Cx1ZaI9s4Opmop8QihAGsciVjTdTuw/0bH1B24ya19+xay3kOXWTJcnQqgwazLVG0=
x-served-by: cache-bfi-krnt7300026-BFI, cache-fra-etou8220101-FRA
last-modified: Tue, 18 Jun 2024 13:47:39 GMT
server: AmazonS3
x-timer: S1718764955.880467,VS0,VE1
etag: "8d5d55b87f0adf128dbfbdc1126a6365"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=3600
accept-ranges: bytes
x-cache-hits: 103794, 1

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
28 KB 22ms
22ms Fetch
binary/octet-stream 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/mediaservices/superelastic/data.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
content-encoding: br
date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: DP48X8CQ0T72JES3
age: 592
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27916
x-amz-id-2: L/S0CcJLfk+71EfelYVq3lkd0g5VD1kqD4RcmQvAuSMwtpj8T+1q3ywELn5u2T8AvHpKQGjy9Ko=
x-served-by: cache-bfi-kbfi7400096-BFI, cache-fra-etou8220101-FRA
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
server: AmazonS3
x-timer: S1718764955.341462,VS0,VE1
etag: "7c75126ed533d9f1301a278fa0badb85"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 500601, 1

OPTIONS
H/1.1 200
OK 2c92a0086614a669016615eb9d965f86
login.bloomberg.com/plutus-api/v1/rate-plan/ Frame 0
0 105ms
105ms Preflight
application/octet-stream 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/2c92a0086614a669016615eb9d965f86

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.bloomberg.com
content-length: 0
content-type: application/octet-stream
date: Wed, 19 Jun 2024 02:42:35 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H/1.1 200
OK 2c92a0086614a669016615eb9d965f86 Show response
login.bloomberg.com/plutus-api/v1/rate-plan/ 2 KB
2 KB 235ms
235ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/2c92a0086614a669016615eb9d965f86

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

3cf6cd0ec9c3a249e098686cd7a39fc2642dd90b0cc4e0c2f8c466cb0d032af7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

correlationId: e528d3ed-6d54-4396-a14c-f1a7942cb076
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
transfer-encoding: chunked
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"998-nfZF56xvSBcq921wuus8efZ/Qq8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
origin-agent-cluster: ?1
x-download-options: noopen
access-control-allow-credentials: true

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
975 B 73ms
30ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

1ddc7123b176b46125db0055d359c919b8fec7ab0be09a12f8e4edbe1e5a4cbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 19 Jun 2024 02:42:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/ 518 KB
206 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Origin: https://www.bloomberg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 13:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210217
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 16:44:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 13:37:47 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A211 0
0 83ms
43ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=z5apqfdew1nw

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LiZd7kwxxF_yiPRP_FQL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LiZd7kwxxF_yiPRP_FQL1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 02:42:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
1 KB 110ms
110ms Fetch
application/json 69.187.26.120
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.187.26.120 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

09502849ea7d3889361479a4025f458c0c9f2404eb6ecba31d64713d31711197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-csrf-token: wRYFlcmf-TCLdMIT-TyHi5wYDiHtl0pxEpJI
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:42:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
etag: W/"c4-YZRSxDIFxSQrlpOnh/qqHK6AzGo"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bloomberg.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 196
expires: -1

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
0 0ms
0ms Fetch
binary/octet-stream 151.101.65.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/mediaservices/superelastic/data.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
content-encoding: br
date: Wed, 19 Jun 2024 02:42:35 GMT
x-amz-request-id: DP48X8CQ0T72JES3
age: 592
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27916
x-amz-id-2: L/S0CcJLfk+71EfelYVq3lkd0g5VD1kqD4RcmQvAuSMwtpj8T+1q3ywELn5u2T8AvHpKQGjy9Ko=
x-served-by: cache-bfi-kbfi7400096-BFI, cache-fra-etou8220101-FRA
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
server: AmazonS3
x-timer: S1718764955.341462,VS0,VE1
etag: "7c75126ed533d9f1301a278fa0badb85"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 500601, 1

POST
H2 200 eligibility Show response
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/d611f03d-7afd-427e-bba0-342aa8eab8e4/ 275 B
516 B 125ms
124ms Fetch
application/json 44.194.233.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/d611f03d-7afd-427e-bba0-342aa8eab8e4/eligibility

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.194.233.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-233-32.compute-1.amazonaws.com

Software

Resource Hash

719f5f4dab1faeb811e49c399d869818c8786f72190d1e615d30bd734a57d532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.bloomberg.com
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31536000
x-deployment-name: cmap-aws-production
content-length: 275
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 eligibility
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/d611f03d-7afd-427e-bba0-342aa8eab8e4/ Frame 0
0 408ms
137ms Preflight 44.194.233.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/d611f03d-7afd-427e-bba0-342aa8eab8e4/eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.194.233.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-233-32.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bloomberg.com
access-control-max-age: 1800
content-length: 0
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-deployment-name: cmap-aws-production

GET
H2 200 controller-with-muas-treatment-e0f251b79dfb606cd0bb43e4e1d3932b.html
js.stripe.com/v3/ Frame DD15 0
0 67ms
23ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-treatment-e0f251b79dfb606cd0bb43e4e1d3932b.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 192
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:35 GMT
etag: "e0f251b79dfb606cd0bb43e4e1d3932b"
last-modified: Tue, 18 Jun 2024 20:07:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 1bdac6d4-f88f-4207-acc5-616e34ccab0e
x-served-by: cache-fra-etou8220035-FRA

GET
H2 200 payment-request-inner-google-pay-00cd30a57be1d404c7725423c0637a2e.html
js.stripe.com/v3/ Frame F023 0
0 55ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-00cd30a57be1d404c7725423c0637a2e.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23504
cache-control: max-age=31536000
content-encoding: br
content-length: 183
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:35 GMT
etag: "00cd30a57be1d404c7725423c0637a2e"
last-modified: Tue, 18 Jun 2024 20:07:27 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 33
x-content-type-options: nosniff
x-request-id: f2e9219c-1f9d-4102-b321-04402a989691
x-served-by: cache-fra-etou8220035-FRA

GET
H2 200 payment-request-inner-browser-f0257740675b30b326617cbbfd2f30df.html
js.stripe.com/v3/ Frame FB9E 0
0 55ms
24ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-f0257740675b30b326617cbbfd2f30df.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 160
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:35 GMT
etag: "f0257740675b30b326617cbbfd2f30df"
last-modified: Tue, 18 Jun 2024 20:07:27 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: c1cb685d-ad83-4749-a7fb-40e70a025dc0
x-served-by: cache-fra-etou8220035-FRA

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 87ms
20ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1215.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: eZRxhm_cFwKHWhVLQBjoapGbr7QE3Y_b
content-encoding: br
via: 1.1 varnish
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=300
x-amz-request-id: 4WAHRQEADCAERJ30
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18245
x-amz-id-2: fqNLoT3W43QuRsNuW+wRZrZBzQZgrMgyi7UPNR17wExqswXS/i1CgR3u5FRCDKkCnaT104IuObw=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Wed, 18 Oct 2023 21:31:15 GMT
server: AmazonS3
etag: "7e1862f7a390ed9fc02c299216395547"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 94740

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 6A3D 0
0 22ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1044254
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 02:42:36 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 391
x-content-type-options: nosniff
x-request-id: 8407e1ea-cb57-4d20-8af7-7eabbe96d85a
x-served-by: cache-fra-etou8220035-FRA

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/plug-client/v0/ 117 KB
31 KB 23ms
22ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/plug-client/v0/app.bundle.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e33e443789597dc5b0f29b5c49ae43f8243d19fe4d80084e47080703d09e8974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cvneRVq.exBd5_fv.yfly8KcPFID.2Qk
content-encoding: br
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: HGSPDMWH72VH5G0E
age: 92
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31234
x-amz-id-2: aKlBgMn8fcqK+JDnjN3AUna3/BPWcDOX+Qgg+7zLd1+TNx5hozkzi6UmL1j3Ps9zXnJ9oZzH/Og=
x-served-by: cache-bfi-krnt7300118-BFI, cache-fra-etou8220036-FRA
last-modified: Tue, 04 Jun 2024 13:48:24 GMT
server: AmazonS3
x-timer: S1718764956.179777,VS0,VE1
etag: "3a42540cebe955baa5c3a1278f6875d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 180841, 1

GET
H2 200 132786e87dea36db.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 16 KB
2 KB 29ms
21ms Stylesheet
text/css 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/132786e87dea36db.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e9000377d32f8d7b229e686b964c2035a0bad5c565660e338d4632876ff3e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: B3bHihZDSH_TersrDFOaSpyJOsjw3Y48
content-encoding: br
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 39CBHHKAYBAX060M
age: 1940145
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1618
x-amz-id-2: g7X4ko2lHZQSNonFaCvesN5AZLC52NpWMQjZItWAkI9TiWpdxR6gsxFgWObrRKGWOKoppJ+qKag=
x-served-by: cache-bfi-kbfi7400032-BFI, cache-fra-etou8220036-FRA
last-modified: Wed, 08 May 2024 16:04:39 GMT
server: AmazonS3
x-timer: S1718764956.264281,VS0,VE0
etag: "fca347a4e02df59d2c30fd7997f0903f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 2, 3632

GET
H2 200 687.b6982c669148e719.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 7 KB
3 KB 31ms
23ms Script
application/javascript 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/687.b6982c669148e719.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fbed3ae58bfafae5e147ec513e114b1a63dd78a68d1a20451338acdb2709ea89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x3BtMY.rrlWAQCWvMlpbw5c5BRnNQ.Xi
content-encoding: br
date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: NTEPZ7NGW4FW4GF4
age: 2901407
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2382
x-amz-id-2: yIFDmYrqW/kWcw4kNIgh0wwzHS3aY45ef6B7+ZeKeWlwpDpqCIUMY9Lpbis3h/zA99Ue9vRZ6Cw=
x-served-by: cache-bfi-krnt7300058-BFI, cache-fra-etou8220036-FRA
last-modified: Tue, 09 Apr 2024 21:26:05 GMT
server: AmazonS3
x-timer: S1718764956.264367,VS0,VE0
etag: "c6eb7d8a58ed2c6db2651aa5b26927cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable,public
accept-ranges: bytes
x-cache-hits: 2, 3731

GET
H/1.1 200 7852c3d8d4 Show response
bam-cell.nr-data.net/1/ 79 B
579 B 207ms
131ms Script
text/javascript 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=2637&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack&be=945&fe=2538&dc=1139&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1718764953620,%22n%22:0,%22f%22:0,%22dn%22:18,%22dne%22:18,%22c%22:18,%22s%22:39,%22ce%22:64,%22rq%22:64,%22rp%22:909,%22rpe%22:933,%22dl%22:913,%22di%22:1072,%22ds%22:1139,%22de%22:1139,%22dc%22:2537,%22l%22:2538,%22le%22:2539%7D,%22navigation%22:%7B%7D%7D&fp=1065&fcp=1065&jsonp=NREUM.setToken
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:36 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-eddf8230097-FRA

GET
H2 200 rr Show response
personalization.bloomberg.com/user/recommendations/ 2 KB
1 KB 848ms
564ms Fetch
application/json 18.217.220.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://personalization.bloomberg.com/user/recommendations/rr?country=DE&region=Europe&fieldD=keyweb.de&fieldN=cp&timezoneOffset=-7200000&application=lightsaber&algorithm=rr&currentResource=Story%7CS0XNYVDWLU6801&decayCoefficient=10&limit=5&maxAge=432000&rescorers=popular&resourceTypes=Story&thumbnailRequired=true

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.217.220.4 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-220-4.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

140297a17764bc966bdb8c5f03a1153d26f3212a52177ad7b0f07a850d18b099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Apache
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 rr Show response
personalization.bloomberg.com/user/recommendations/ 2 KB
1 KB 848ms
565ms Fetch
application/json 18.217.220.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.217.220.4 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-220-4.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ee0edfa9b0240789a4c205421df27d2815fd8a57a2a64ef0624cbd0b7555c01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: Apache
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H/1.1 204 7852c3d8d4 Show response
bam-cell.nr-data.net/ins/1/ 0
275 B 135ms
134ms XHR
text/plain 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=2861&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.bloomberg.com
date: Wed, 19 Jun 2024 02:42:36 GMT
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
x-served-by: cache-fra-eddf8230031-FRA

GET
H2 200 favicon-black.png
www.bloomberg.com/ 15 KB
15 KB 23ms
23ms Other
image/png 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/favicon-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

fd1ace0f3033ff036069e86ffec8806531ed3465ccb7d16d27dea0f6d368cbbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:36 GMT
strict-transport-security: max-age=31557600
age: 6
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15406
x-served-by: cache-iad-kjyo7100165-IAD, cache-fra-etou8220036-FRA
last-modified: Tue, 18 Jun 2024 16:21:35 GMT
server: openresty
x-timer: S1718764956.491767,VS0,VE1
etag: "6671b40f-3c2e"
vary: Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: public, max-age=5, public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 articleRecircStories Show response
www.bloomberg.com/article/api/ 4 KB
2 KB 82ms
81ms Fetch
application/json 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/article/api/articleRecircStories?ids=SA129WDWX2PS00,SF9CHQT0AFB400,SF8TMST0G1KW00,SEXCAET0G1KW00,SF9XXUDWLU6800

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

d4149a2900e4a0eb76f8424ff0ec3013e6cfb22837fe8657c449cc75015352a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com, upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-8e8576d24d2c33e1----1718764957140
traceparent: 00-f7ce8c89c90364bd592b5fc7ac1381c0-8e8576d24d2c33e1-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6IjhlODU3NmQyNGQyYzMzZTEiLCJ0ciI6ImY3Y2U4Yzg5YzkwMzY0YmQ1OTJiNWZjN2FjMTM4MWMwIiwidGkiOjE3MTg3NjQ5NTcxNDAsInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com, upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 28
x-powered-by: Express
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1208
x-served-by: cache-iad-kjyo7100153-IAD, cache-fra-etou8220036-FRA
referrer-policy: no-referrer-when-downgrade
server: openresty
x-timer: S1718748812.347911,VS0,VS0,VE29
etag: "15ob4eilh962u6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=120
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 articleRecircStories Show response
www.bloomberg.com/article/api/ 3 KB
1 KB 83ms
82ms Fetch
application/json 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/article/api/articleRecircStories?ids=SF8T03T1UM0W00,SF9T42DWLU6800,SF9CG8T1UM0W00,SF2V5QDWRGG000,SF9I02DWX2PS00

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

53f100926f1a3ac97183bf1676c86fe9881388d21d9afd6b87ec8d274811215e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com, upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 25300@nr=0-1-1982697-1044747221-46313dbebaf95978----1718764957141
traceparent: 00-049613213a060eb49fd5c8120eedf3c0-46313dbebaf95978-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6IjQ2MzEzZGJlYmFmOTU5NzgiLCJ0ciI6IjA0OTYxMzIxM2EwNjBlYjQ5ZmQ1YzgxMjBlZWRmM2MwIiwidGkiOjE3MTg3NjQ5NTcxNDEsInRrIjoiMjUzMDAifX0=
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com, upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 28
x-powered-by: Express
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-restarts: 1
content-length: 1168
x-served-by: cache-fra-etou8220036-FRA
referrer-policy: no-referrer-when-downgrade
server: openresty
etag: "1033n3y6s7x2nz"
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=120
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iH10oaA8iwrg/v1/ 17 KB
17 KB 62ms
61ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iH10oaA8iwrg/v1/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

bb7d12a7f353bf44e832040614e42ae52d69609f66e2a3c843a65c5774ffe700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 33449
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 8e0a7746-61d6-4a61-a159-148264a28e12
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17514
x-served-by: cache-lga21940-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718764957.278174,VS0,VE0
etag: "0ea5e66b232de60158dd510a1305e3025"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 15

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/i.3Z07ZBHil4/v2/ 14 KB
14 KB 70ms
69ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i.3Z07ZBHil4/v2/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

993c8e382dd075452a9afa42a3649bd54b8163bf9d9b0cf42a9733f198faf90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 63442
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: c1883df1-e613-4367-bd1b-18f8afc74969
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14172
x-served-by: cache-lga21977-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718764957.278376,VS0,VE1
etag: "090a0d611f9026df6c1b9c05a523598bf"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iS1HDJgCkFXg/v1/ 16 KB
16 KB 62ms
62ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iS1HDJgCkFXg/v1/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

395e8bcb15b1e5e9f1fa921020a5b888c42a266412df833d4f30f67b3ac449ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 99522
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 1419978a-0d99-4a0f-aa7b-3b1bdf2de13b
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16543
x-served-by: cache-lga21944-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718764957.278366,VS0,VE0
etag: "08cc681eba1fe4bd98c8d3b0e086eb138"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 30, 21

GET
H2 200 300x225.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iCqNctC7jASU/v0/ 10 KB
10 KB 62ms
62ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iCqNctC7jASU/v0/300x225.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

1341fe6ca37112e037a7145d01350e6c17a6420a548d846198cd6584e87c933b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 21346
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 8481732c-2151-430a-aab0-c9a89f644dcd
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9820
x-served-by: cache-lga21956-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718764957.278352,VS0,VE0
etag: "043ae3bc9febf9ed5728bbdaa26a5a253"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19, 4

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/i_4QPwA_05jk/v0/ 58 KB
58 KB 48ms
48ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i_4QPwA_05jk/v0/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

185b2aada88103fd139b1356202922696383f4b710e3cbb89b1f1671c0ce0c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 106717
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 72fbd774-7631-4cb6-b462-6816c3cbd75b
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58906
x-served-by: cache-lga21957-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718764957.278681,VS0,VE0
etag: "0ce37315c1fa8aabff12bf4a0fb01e1d1"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 10, 63

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/iR37tdvP50fM/v1/ 61 KB
61 KB 48ms
48ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iR37tdvP50fM/v1/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

56c56d5534b9f163fdc964464e4e530d58d3adc6b92b5c96af4a3c2c2d169b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 59866
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: f04bb735-6557-4040-ad14-4a4a5eefc1f8
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62140
x-served-by: cache-lga21970-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718764957.278667,VS0,VE0
etag: "0359d8f4c25da9c771cbbf73a9681a9fc"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 25

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/ideozBpSG2hM/v0/ 66 KB
66 KB 54ms
54ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/ideozBpSG2hM/v0/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

8d8ac7489704ddcd7bfeecf8cd4532a79158bee43c9efb353f93b7276e8c725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 81490
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 43f1f356-a055-4088-9241-7c70a08eb678
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67298
x-served-by: cache-lga21944-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-4w7nl
server: Apache
x-timer: S1718764957.278693,VS0,VE1
etag: "0c7fe6d0da5fa05e44a04278035c5cc34"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 1

GET
H2 200 600x450.jpg
assets.bwbx.io/images/users/iqjWHBFdfxIU/idZCZWtOjST8/v1/ 53 KB
53 KB 52ms
52ms Image
image/jpeg 151.101.1.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/idZCZWtOjST8/v1/600x450.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

d793513cd609e310b8bcbb6b7a8dbc895e2c279865824dc011c192b84975fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:42:37 GMT
strict-transport-security: max-age=31557600
age: 383857
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
x-wss-client-request-id: 79f59373-a0f2-4bc3-9621-7e665c6a8b8d
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54289
x-served-by: cache-lga21969-LGA, cache-fra-etou8220036-FRA
x-wss-server: asset-service-java-eksproduction.prod-fbfd8d9c4-7p8lj
server: Apache
x-timer: S1718764957.278918,VS0,VE0
etag: "0ce82fef05b3022bf616a13083568ae6d"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 12

POST
H/1.1 200 7852c3d8d4 Show response
bam-cell.nr-data.net/events/1/ 24 B
344 B 135ms
135ms XHR
image/gif 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/7852c3d8d4?a=1044747221&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=4554&ck=1&ref=https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 19 Jun 2024 02:42:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.bloomberg.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230097-FRA

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bloomberg.com/	1969-12-31 23:59:59	Name: exp_pref Value: EUR
.www.bloomberg.com/	1969-12-31 23:59:59	Name: country_code Value: DE
.bloomberg.com/	1969-12-31 23:59:59	Name: seen_uk Value: 1
.bloomberg.com/	1970-01-20 23:35:40	Name: _sp_krux Value: false
.bloomberg.com/	1970-01-21 06:11:40	Name: consentUUID Value: bbd2488b-21f4-4ecf-bde1-ad441350063f
.www.bloomberg.com/	1970-01-21 06:11:40	Name: geo_info Value: {%22country%22:%22DE%22%2C%22region%22:%22Europe%22%2C%22fieldD%22:%22keyweb.de%22%2C%22fieldN%22:%22cp%22}\|1719369755149
.bloomberg.com/	1970-01-21 06:11:40	Name: agent_id Value: 85f0ab8f-89cf-4ffd-b932-5a91db2f1f50
.bloomberg.com/	1970-01-21 06:11:40	Name: session_id Value: c148ad6d-c32d-42ca-bede-440f397e351e
.bloomberg.com/	1970-01-21 06:11:40	Name: _session_id_backup Value: c148ad6d-c32d-42ca-bede-440f397e351e
.bloomberg.com/	1970-01-21 06:11:40	Name: session_key Value: 6d1bef558bda76846c148af83debb925e80f532b
.bloomberg.com/	1970-01-21 06:11:40	Name: gatehouse_id Value: d611f03d-7afd-427e-bba0-342aa8eab8e4
.bloomberg.com/	1970-01-21 06:11:40	Name: geo_info Value: %7B%22countryCode%22%3A%22DE%22%2C%22country%22%3A%22DE%22%2C%22field_d%22%3A%22keyweb.de%22%2C%22field_n%22%3A%22cp%22%2C%22trackingRegion%22%3A%22Europe%22%2C%22cacheExpiredTime%22%3A1719369755235%2C%22region%22%3A%22Europe%22%2C%22fieldN%22%3A%22cp%22%2C%22fieldD%22%3A%22keyweb.de%22%7D%7C1719369755235
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf Value: s%3AITqG_dkmpDmUo5AdJNKN-GIQ.Jqew4BbgtxIluZiWwiPYg%2FlRvUveLDRHSju6nxnka9o
.bloomberg.com/	1970-01-20 21:26:08	Name: _user-data Value: %7B%22status%22%3A%22anonymous%22%7D
.bloomberg.com/	1970-01-20 21:26:08	Name: _last-refresh Value: 2024-6-19%202%3A42
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf-token Value: 64HhrmHO-E-R6TZeHSFbSibBeYSHxhlt5_-8
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5b4ee78b45bdb177
m.stripe.com/	1970-01-21 07:02:04	Name: m Value: 2a76a588-3d5c-4ca8-8089-44732496d6b157f7fb
.www.bloomberg.com/	1970-01-21 06:11:40	Name: __stripe_mid Value: 46289909-f512-41f4-b17c-43bbb4fdfd2070130c
.www.bloomberg.com/	1970-01-20 21:26:06	Name: __stripe_sid Value: ae0375ad-7ce8-421d-b193-0f91e2f018bed19fd1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'run-ad-auction'.
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?leadSource=uverify%20wall Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.bwbx.io
bam-cell.nr-data.net
cdn.amplitude.com
coordinator.cm.bloomberg.com
eventrecorder.cm.bloomberg.com
gatehouse.cm.bloomberg.com
js-agent.newrelic.com
js.stripe.com
location.cm.bloomberg.com
login.bloomberg.com
mb.moatads.com
personalization.bloomberg.com
securepubads.g.doubleclick.net
sourcepointcmp.bloomberg.com
vi.ml314.com
www.bloomberg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
130.162.160.243
142.250.184.196
151.101.0.176
151.101.1.73
151.101.64.176
151.101.65.73
162.247.243.30
172.217.18.2
18.217.220.4
18.245.86.101
18.66.102.100
184.30.17.133
2602:816:5001::39
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
3.130.40.247
35.201.104.135
44.194.233.32
54.157.55.199
54.234.99.225
69.187.26.120
040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f
0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a
0831dca48aeba73d427a60ab14161c605bcbf311f0a99fd290fea85426fcb7fe
09502849ea7d3889361479a4025f458c0c9f2404eb6ecba31d64713d31711197
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e9000377d32f8d7b229e686b964c2035a0bad5c565660e338d4632876ff3e96
1341fe6ca37112e037a7145d01350e6c17a6420a548d846198cd6584e87c933b
13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a
140297a17764bc966bdb8c5f03a1153d26f3212a52177ad7b0f07a850d18b099
150eb0539ca56135143fcc43d3986c00b1c31ddf2565aeadd613127ea757e1ef
185b2aada88103fd139b1356202922696383f4b710e3cbb89b1f1671c0ce0c79
197b8d0900267caff70fea35aa5b038bbd4a48d25e4524f3803ff442ff678d83
197f2d7ed89aa268c510a1835c6b1b027bbbf5039924613d9862569b2f0f39c3
1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634
1be23e3cd620f476fe51056b3e21d5e9ef329d8720e558986a1b28103cc9e7d0
1c40ce2e32755061e88a3b6bbaf692c9341720b9de3cc82733be9a7bb1903913
1ddc7123b176b46125db0055d359c919b8fec7ab0be09a12f8e4edbe1e5a4cbd
2265d58f63dd42eb34146a5e08a0b7ed101661f7c27a4952d3a351795ec1c82c
25dfb0e395e26c92cbb9ed5e54fff3a64ec8e1a3ae653555d4c5ae81ba087213
36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380
37e32ebc838de9b549a79a5795b5492091977b83013a77f47b0c630ad5e57694
3848069aaa01426513ba23dc7ae55032eeae7ed8bf5e41dd5786e5fe33250525
395e8bcb15b1e5e9f1fa921020a5b888c42a266412df833d4f30f67b3ac449ef
3a35b9186a2119220b3c8f08e105a22745afafd640c2614fe6f7c37d0c4ca895
3cbd765571c490d453f11215fc749becfc988a52826858240157fa6844ce6dc1
3cf6cd0ec9c3a249e098686cd7a39fc2642dd90b0cc4e0c2f8c466cb0d032af7
3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b
44a51e14b839745d386198b5454b3f517cdcc4ab94c2b8b4d58c65cbb4a9680a
452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681
487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61
49069a52f33fffc891b7605e081aa0c14a6d8cc16a11c53c1cb1c964298ecdf0
4a48207b998792cc82424079d11a984ed0ba5ec78ab0614f539b16c626a9574c
4c7717ef4b9883742561e16d59fb4e0ec0ac6357d3582caa68087bed4ed083c6
4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00
4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120
4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
53f100926f1a3ac97183bf1676c86fe9881388d21d9afd6b87ec8d274811215e
56be50b12b50df8a26e23bebc480e61b82aec96d7b0bcbd60b526e97f4327904
56c56d5534b9f163fdc964464e4e530d58d3adc6b92b5c96af4a3c2c2d169b92
58b80056d0fca071fe7b7a7f56e958d9132e31be85643d88b35d87fbf4852790
5e03dbf0b6170c5ab9f1babdf043b6dd76b7c730e8869fbc61b8dbd217285ada
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
61f728d26758bbc74ea0336ffbbe9c448f9242d2b523c7dbe4073a71d1543d2b
626987114707b272f5532553fcb6037bd707a1ff5f4c61dc6286f94e7dcb0943
7129f31301880a888b36f5dea00384894176fe40a7f70cd2ffac5d55b5f889bc
719f5f4dab1faeb811e49c399d869818c8786f72190d1e615d30bd734a57d532
72d1bea881874ed72d5e2b64e7b0ebd2d04da4a9f349aa2dd86468d65188e051
75d97d1ec39634f323c72ba9d726a0e940bc7b502125dbca583f3607fe063577
78b0756503dbbe94648e9b26d577c582d92c8828995be06f5e8e47bd0491b9ab
81d4573b04d1b03a2e5f4c66f84befc2fd3b5f86f2b06b002ce2a92ad982b7e8
87053da4324f73f1254f505e432b68e7d263b38c6b0d7a94676e177fe3dbd16f
88b3dd2e6b3fe7ace8921decd9c16ea439dd96fd1a03a62ec65e761e7b150d40
8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a
8d8ac7489704ddcd7bfeecf8cd4532a79158bee43c9efb353f93b7276e8c725c
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
993c8e382dd075452a9afa42a3649bd54b8163bf9d9b0cf42a9733f198faf90e
a2655aa6e0bdf8309e45836e882c473586a5022171a042e0e446f2d1d1c4f9b1
a4ec567b6fa873f941d9d0899f323cdb894ffd4bee2667efea480d331412480f
a66383b381b46cccc8f600e19dedea91beedf07e06bb49f011fa7f7073ead591
a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34
ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d
ae603a72151d83d3cf11b4001a76fb78b58121612237d5e2cab03d8add6d87a2
b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344
b210a600139089349de6543d9b4e2d1db21daa65652e2c4917ddb538f1bfba10
b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1
b98c6558c343a5f0e1b4cefedf8ffa0b53cb9ce1b0f81601ac9513673f1b4091
bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92
bb7d12a7f353bf44e832040614e42ae52d69609f66e2a3c843a65c5774ffe700
bdc4d761c33b80b352df11a191c6723f8f30c74dd8c34855a9ab41ad6cfbae71
be36dbccb8a97b8f592b3408616661b337330c56a8784cfffb64ca61b4394b67
c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e
cf043a02369c217b0f87069f2c7cb0b3d64c5c78fb2c821ceb46b263f51ea758
d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc
d3a6cb4ba7d2e169e837325c066262b1127bb8b525bf8146d9d7dbde5bbaa0e6
d4149a2900e4a0eb76f8424ff0ec3013e6cfb22837fe8657c449cc75015352a3
d41c09d06d11fd679e9dde59e294aa1c25df94d1d74e63f0daf8c136901258f2
d793513cd609e310b8bcbb6b7a8dbc895e2c279865824dc011c192b84975fd6a
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e2180f7403ac35a3f4b17647175e187152f89b209f9c2613c04e4fbaacb9a2da
e33e443789597dc5b0f29b5c49ae43f8243d19fe4d80084e47080703d09e8974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57c50e19eca7e5625b972d574db560e02ef77581956b6d8308f46183a0afe69
eba0f96944a600c7bf9eb5affa52c9ba467ebcd4b9b8eba8c234dc3f9757ee41
ebaf718cdb52c3b775d67c7e89ea3827b63556a1b26cd912d7466508877926d5
ebcd963400689482d49d5bd100fe9690c581b6a4fbfc54273de5daf8e3c77529
ee0edfa9b0240789a4c205421df27d2815fd8a57a2a64ef0624cbd0b7555c01b
f07f2256eb98e733f6d9eb5c7aa1b584efc48a7f0fce179060ec635552c5e0d2
f2205c30ab0d0a86cd0d715cf483bafd550c0ea9d4ddb24e2c182f1d7f024144
fbed3ae58bfafae5e147ec513e114b1a63dd78a68d1a20451338acdb2709ea89
fd1ace0f3033ff036069e86ffec8806531ed3465ccb7d16d27dea0f6d368cbbb
ff157e8c4d6cd382a7eb3f3801ea4ab7e626afd4a0210d35b69fc5aadeef7323

www.bloomberg.com Open in urlscan Pro 151.101.1.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

14 %IPv6

12 Domains

20 Subdomains

22 IPs

3 Countries

2548 kBTransfer

9317 kBSize

20 Cookies

20 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bloomberg.com Open in urlscan Pro
151.101.1.73 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

14 %
IPv6

12
Domains

20
Subdomains

22
IPs

3
Countries

2548 kB
Transfer

9317 kB
Size

20
Cookies

109 HTTP transactions
8 data transactions