www.bloomberg.com Open in urlscan Pro
151.101.129.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Submission: On December 30 via api (December 30th 2024, 7:59:39 pm UTC) from AE — Scanned from CA

Summary HTTP 100 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 100 HTTP transactions. The main IP is 151.101.129.73, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.bloomberg.com. The Cisco Umbrella rank of the primary domain is 27885.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 25th 2024. Valid for: 7 months.

This is the only time www.bloomberg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	151.101.129.73 151.101.129.73	54113 (FASTLY) (FASTLY)
3	172.217.197.157 172.217.197.157	15169 (GOOGLE) (GOOGLE)
15	151.101.193.73 151.101.193.73	54113 (FASTLY) (FASTLY)
3	104.18.167.224 104.18.167.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3.167.37.17 3.167.37.17	16509 (AMAZON-02) (AMAZON-02)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.167.69.118 3.167.69.118	16509 (AMAZON-02) (AMAZON-02)
1	52.45.239.128 52.45.239.128	14618 (AMAZON-AES) (AMAZON-AES)
2	54.83.128.29 54.83.128.29	14618 (AMAZON-AES) (AMAZON-AES)
9	54.204.15.222 54.204.15.222	14618 (AMAZON-AES) (AMAZON-AES)
6	69.191.136.181 69.191.136.181	10361 (BLOOMBERG...) (BLOOMBERG-NET)
2	173.194.207.97 173.194.207.97	15169 (GOOGLE) (GOOGLE)
5	34.128.128.0 34.128.128.0	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	52.205.177.82 52.205.177.82	14618 (AMAZON-AES) (AMAZON-AES)
1	173.194.66.103 173.194.66.103	15169 (GOOGLE) (GOOGLE)
1	142.251.174.94 142.251.174.94	15169 (GOOGLE) (GOOGLE)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
100	19

26 151.101.129.73 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.197.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.193.73 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets.bwbx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.167.224 (None, )

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.167.37.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-17.iad61.r.cloudfront.net

sourcepointcmp.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.69.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-118.iad61.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.239.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-239-128.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.128.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-128-29.compute-1.amazonaws.com

coordinator.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.204.15.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-15-222.compute-1.amazonaws.com

eventrecorder.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.191.136.181 (United States)

ASN10361 (BLOOMBERG-NET, US)

login.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.128.128.0 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 0.128.128.34.bc.googleusercontent.com

featureassets.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prodregistryv2.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.177.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-177-82.compute-1.amazonaws.com

gatehouse.cm.bloomberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.103 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	bwbx.io assets.bwbx.io — Cisco Umbrella Rank: 26539	2 MB
36	bloomberg.com www.bloomberg.com — Cisco Umbrella Rank: 27885 sourcepointcmp.bloomberg.com — Cisco Umbrella Rank: 39789 coordinator.cm.bloomberg.com — Cisco Umbrella Rank: 43232 eventrecorder.cm.bloomberg.com — Cisco Umbrella Rank: 31495 login.bloomberg.com — Cisco Umbrella Rank: 40967 gatehouse.cm.bloomberg.com — Cisco Umbrella Rank: 66343	261 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	166 KB
3	prodregistryv2.org prodregistryv2.org — Cisco Umbrella Rank: 5437	621 B
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	21 KB
3	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 3128	19 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
2	featureassets.org featureassets.org — Cisco Umbrella Rank: 6514	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	280 KB
1	gstatic.com www.gstatic.com	216 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	ml314.com vi.ml314.com — Cisco Umbrella Rank: 7293	388 B
100	12

	Domain	Requested by
38	assets.bwbx.io	www.bloomberg.com assets.bwbx.io
14	sourcepointcmp.bloomberg.com	www.bloomberg.com sourcepointcmp.bloomberg.com
9	eventrecorder.cm.bloomberg.com	assets.bwbx.io
6	login.bloomberg.com	www.bloomberg.com
4	js.stripe.com	www.bloomberg.com
3	prodregistryv2.org	www.bloomberg.com
3	pub.doubleverify.com	www.bloomberg.com
3	securepubads.g.doubleclick.net	www.bloomberg.com
3	www.bloomberg.com	www.bloomberg.com
2	gatehouse.cm.bloomberg.com	www.bloomberg.com
2	featureassets.org	www.bloomberg.com
2	www.googletagmanager.com	www.bloomberg.com
2	coordinator.cm.bloomberg.com	www.bloomberg.com
2	tags.crwdcntrl.net	www.bloomberg.com
1	www.gstatic.com	www.bloomberg.com
1	www.google.com	www.bloomberg.com
1	bcp.crwdcntrl.net	www.bloomberg.com
1	vi.ml314.com	www.bloomberg.com
100	18

This site contains links to these domains. Also see Links.

Domain
bba.bloomberg.net
service.bloomberg.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
pro.bloomberglaw.com
pro.bloombergtax.com
about.bgov.com
about.bnef.com
www.bloomberglive.com
www.bloombergradio.com
www.bloombergmedia.com
pro.bloombergenvironment.com
www.cisa.gov
bloom.bg
bloomberg.com
nytech.org

Subject Issuer	Validity	Valid
www.bloomberg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-04-14`	7 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
pub.doubleverify.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
sourcepointcmp.bloomberg.co.jp R11	`2024-12-16` - `2025-03-16`	3 months	crt.sh
vi.ml314.com WR3	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
coordinator.cm.bloomberg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-20` - `2025-12-20`	a year	crt.sh
eventrecorder.cm.bloomberg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-03-23`	8 months	crt.sh
login.bloomberg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-02` - `2026-01-01`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
featureassets.org R10	`2024-12-19` - `2025-03-19`	3 months	crt.sh
prodregistryv2.org R10	`2024-12-19` - `2025-03-19`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-12-16` - `2025-04-03`	4 months	crt.sh
gatehouse.cm.bloomberg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-18` - `2026-01-17`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Frame ID: CF6ADC365715048F5119C3D3FAED2455
Requests: 92 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=12098
Frame ID: E8254C8934F480EB8AE5B390BD9D287A
Requests: 1 HTTP requests in this frame

Frame: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: EB733047953C3C74F4A18F0F96818F34
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=ygyhvsl32g8e
Frame ID: 2516DDBDF36DBEB46D09E786B5D3D4FE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html
Frame ID: 1C898A7C200EA9B7E34714206EBAF1AB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4c9e178fd7d3dedf3a60076092cf3ce5.html
Frame ID: 92535BA1350716E186071BC872396B2C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2844110fc082720a991c1b220231ca83.html
Frame ID: 57112132EEEA8CFC8391E437613F80C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Russia-Linked Ransomware Hackers Bled This Small Company Dry - Bloomberg

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

100
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

19
IPs

2
Countries

2979 kB
Transfer

11174 kB
Size

27
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://bba.bloomberg.net/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Anywhere Remote LoginBloomberg Anywhere Login

Search URL Search Domain Scan URL

URL: https://service.bloomberg.com/portal/sessions/new?utm_source=bloomberg-menu&utm_medium=bcom
Title: Manage Products and Account Information

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Bloomberglp
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bloomberg/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2494
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/bloomberg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@bloomberglp
Title: YouTube

Search URL Search Domain Scan URL

URL: https://pro.bloomberglaw.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Law

Search URL Search Domain Scan URL

URL: https://pro.bloombergtax.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Tax

Search URL Search Domain Scan URL

URL: https://about.bgov.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Government

Search URL Search Domain Scan URL

URL: https://about.bnef.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: BloombergNEF

Search URL Search Domain Scan URL

URL: https://www.bloomberglive.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Live Conferences

Search URL Search Domain Scan URL

URL: https://www.bloombergradio.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Radio

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Advertising

Search URL Search Domain Scan URL

URL: https://pro.bloombergenvironment.com/?utm_source=bloomberg-menu&utm_medium=bcom
Title: Bloomberg Environment

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a
Title: Akira

Search URL Search Domain Scan URL

URL: http://bloom.bg/dg-ws-core-bcom-m1
Title: Before it’s here, it’s on the Bloomberg TerminalBloomberg Terminal LEARN MORE

Search URL Search Domain Scan URL

URL: https://bloomberg.com/context
Title: About Us

Search URL Search Domain Scan URL

URL: https://nytech.org/made
Title: Made in NYC

Search URL Search Domain Scan URL

URL: https://www.bloombergmedia.com/contact
Title: Advertise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request how-russia-linked-ransomware-hackers-bled-this-small-company-dry Show response
www.bloomberg.com/news/features/2024-12-06/ 304 KB
50 KB 842ms
287ms Document
text/html 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty / Express

Resource Hash

abb0359d290d9980fc053f64d4c9eb5432e7d92ba6c38a11782e40b02451f24a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: public, max-age=120
content-encoding: br
content-length: 50411
content-security-policy: frame-ancestors 'self' http://*.bloomberg.com https://*.bloomberg.com upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 19:59:20 GMT
etag: "ya2s41kqkw6o5v"
fastly-restarts: 1
link: <https://assets.bwbx.io>; rel=preconnect; crossorigin, <https://assets.bwbx.io>; rel=preconnect, <https://sourcepointcmp.bloomberg.com>; rel=preconnect; crossorigin, <https://tpc.googlesyndication.com >; rel=preconnect; crossorigin, <https://www.google-analytics.com>; rel=preconnect; crossorigin, <https://www.googletagmanager.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect; crossorigin
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
referrer-policy: no-referrer-when-downgrade
server: openresty
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-bb-vary-key: https,CA,(null)
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-powered-by: Express
x-served-by: cache-yyz4538-YYZ

GET
H2 200 2000x1290.webp
assets.bwbx.io/images/users/iqjWHBFdfxIU/i8w5yIkN5dDc/v0/ 405 KB
406 KB 258ms
168ms Image
image/webp 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i8w5yIkN5dDc/v0/2000x1290.webp

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df4d204d0b400a760709168f6e4ab119e454e4fa17966458b996b1ce0c237bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

etag: "0bef6a2d81bff3f230782b490c2e3a97a"
age: 1761803
access-control-allow-methods: GET
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: image/webp
x-served-by: cache-lga21939-LGA, cache-yyz4538-YYZ
x-cache-hits: 159, 0
strict-transport-security: max-age=31557600
cache-control: public,max-age=31536000
x-timer: S1735588761.233494,VS0,VE3
x-wss-client-request-id: cbeaba35-b5bc-4a15-b9c3-53c21e643389
accept-ranges: bytes
access-control-allow-origin: *
x-wss-server: asset-service-java-eksproduction.prod-6d5c4bfb6d-9mxmz
content-length: 414952

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 266ms
62ms Script
text/javascript 172.217.197.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f157.1e100.net

Software

cafe /

Resource Hash

dd23c0a33f0e033d8bf9e2f91103179ddebaa04da905b4e02545c51b13099ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: 639 / 20087 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 19:59:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33753
x-xss-protection: 0
server: cafe

GET
H2 200 spritz.mjs Show response
assets.bwbx.io/s3/spritz/v1/ 3 KB
2 KB 234ms
26ms Script
application/javascript 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/spritz/v1/spritz.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "a6774be5256f7356266f0f551c498948"
x-amz-version-id: dkEHlonD2QCJO.8vGmxQusZAF6_vrIkT
age: 35192
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 08 Mar 2023 15:43:50 GMT
content-type: application/javascript
x-served-by: cache-bfi-kbfi7400055-BFI, cache-yyz4573-YYZ
x-cache-hits: 2861, 132
x-amz-id-2: /IT8F/nyFSuYAH8D+caRtEDDgPfSxgo1tdx39lS7Ti3MygoxkzwRYhd9oW8kJI5J8DG9B70Lu5U=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=86400, stale-while-revalidate=345600
x-timer: S1735588761.350533,VS0,VE0
x-amz-request-id: FQP1DGXQ758DQ6G5
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1247
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sparkle.mjs Show response
assets.bwbx.io/s3/sparkle/v6/ 135 KB
39 KB 234ms
27ms Script
application/javascript 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/sparkle/v6/sparkle.mjs

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

289baa47042b4450a56882988c6eb6fdf2e2ae335dc0e2c810fd02f969d6ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "1e85f8ae1fc59861107b3eab954488ec"
x-amz-version-id: 7cLwPveoveQqMQoyvoEzvQECc_B1tQmn
age: 249
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 18:31:57 GMT
x-served-by: cache-bfi-krnt7300102-BFI, cache-yyz4573-YYZ
x-cache-hits: 65272, 4
content-type: application/javascript
x-amz-id-2: 1sWMYwi9/BwsM/g+zmg+1E1TI3pWJKn8Re1a35eMVliWHo7uJcRHQ1a/7w7uvMaEcRsqf03ViMQ=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=3600, stale-while-revalidate=86400
x-timer: S1735588761.350522,VS0,VE0
x-amz-request-id: 55M3XXMV29YQDJCZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39823
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pub.js Show response
pub.doubleverify.com/dvtag/24434720/DV1422145/ 57 KB
18 KB 204ms
50ms Script
text/javascript 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/24434720/DV1422145/pub.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43de41f61ccbd20af6f03c7ef6ff92259c4c2c52106dd8a8e6d377139c761a11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
access-control-expose-headers: Server-Timing, Cf-Ray
access-control-allow-credentials: true
cf-ray: 8fa49c1e79bf398a-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepointcmp.bloomberg.com/unified/ 130 KB
38 KB 567ms
116ms Script
text/javascript 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ecd3d39ec535810f3c25f129bf9acfa1d2038adf02766b461009c348caf2f2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: br
etag: W/"e0b4a90400153ecf1ba547eeb74f1546"
age: 2087
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: TYmzyi8TU0103m5R6l7NMWG7k-fc3KxD1_Uew_JOvc5a_ENlP8OUlg==
date: Mon, 30 Dec 2024 19:24:35 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 14:52:04 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 cmp-client.min.js Show response
assets.bwbx.io/s3/foundation/cmp-client/v3/ 11 KB
4 KB 107ms
30ms Script
application/javascript 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/cmp-client/v3/cmp-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca8e937588d9eabb3fd74b4d0baf2ce83dc0eeb78ef14caf7bdd8082ceead124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "7fcd67e49f21fc7cce23ceedb4c6c7d5"
x-amz-version-id: OF19BIj3vyudznbNSuZN8Q84XnVo29NH
age: 1079
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Fri, 20 Dec 2024 17:21:30 GMT
content-type: application/javascript
x-served-by: cache-bfi-kbfi7400071-BFI, cache-yyz4573-YYZ
x-cache-hits: 68893, 8
x-amz-id-2: 4MZU/qJwaKiA7IlLNPTAIaab6w7QwTbEyUoZ8EMZEmJtpgz50Z9ZFoE++7BF51D2X3dGHKVF1Sk=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=3600, stale-while-revalidate=7200
x-timer: S1735588761.350832,VS0,VE0
x-amz-request-id: 13Z7E8Y2ZJYD9C5R
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4020
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 abba-client.js Show response
assets.bwbx.io/s3/abba/abba-client/latest/ 228 KB
68 KB 703ms
701ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/abba-client/latest/abba-client.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

543df95af03277f0cb563fcf9d6d0434d3e517f86746c2914237889bc9b1eae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "06d9d249859e392f0f3189d170adb9b4"
x-amz-version-id: 6MoOsACGWvBym0CwYuZPocEYCp0H.rsN
age: 94
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 11 Dec 2024 18:03:29 GMT
x-served-by: cache-bfi-krnt7300050-BFI, cache-yyz4538-YYZ
x-cache-hits: 2084540, 2
content-type: application/javascript
x-amz-id-2: 7wYpPo+eJ9zAV8UArnPmz3YXR0+k3XEk9r62+ydH9oXGe0TU5w6h4PRKV0F4Y/TslK+wJT5kTng=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=120,stale-while-revalidate=300
x-timer: S1735588761.275840,VS0,VE0
x-amz-request-id: AVZE1YCHZ0SMRCR0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69587
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bb854a8b18bdc2c8.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 32 KB
7 KB 128ms
39ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/bb854a8b18bdc2c8.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36cceb7b76adba916a46424d0d066fe5cd80ca97ed715b865ace5cb1d9a72605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "bf05a9f53c408e69cac4a2984e32e24b"
x-amz-version-id: qs78cgrJa7e18O.5gcvogZwhIDo7szHF
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:53 GMT
x-served-by: cache-bfi-kbfi7400092-BFI, cache-yyz4538-YYZ
x-cache-hits: 56, 1570
content-type: text/css
x-amz-id-2: bMG6lBBxv86xXXZ+AT7LcuggoR7swk+a4t+xT8J3MZMWvZXI6wlxUbEGOQzYu1V1Ux5ZjLHbtLY=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.233101,VS0,VE0
x-amz-request-id: 8F06PA0AR58EB8FF
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7205
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 a88632f8e14b00f6.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 162 KB
21 KB 174ms
85ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/a88632f8e14b00f6.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

890778493708846612fcfff7756d631366c2741338149d71e7cabbd7af7e096f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "ae5a99056fed9cd11d04e5ab1b70aa75"
x-amz-version-id: Wad89aq_MSd8ihKHnBwXgG2KRmFHryVL
age: 1549915
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 12 Dec 2024 21:22:46 GMT
x-served-by: cache-bfi-kbfi7400066-BFI, cache-yyz4538-YYZ
x-cache-hits: 4, 2834
content-type: text/css
x-amz-id-2: dHk549NA+aDVNMQRqDnFmZI/sBIwIghlI70aIf6L2THYktUEXFyKrxI1Y7ObBEyTaZExtV63eBI=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.233525,VS0,VE0
x-amz-request-id: D32KDF2896WEM7HY
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20740
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 197769b160e5b723.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 144 KB
20 KB 173ms
84ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/197769b160e5b723.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4ccf205852914ea3a3b297aa5a189a9b35d5c96c9d8abc7e623a19a846bbb39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "6f8ccea73426a7756891697447501fb8"
x-amz-version-id: cvJGtAXQLVw5PV0rqMw_uQhE7XyBhYwX
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:52 GMT
x-served-by: cache-bfi-kbfi7400113-BFI, cache-yyz4538-YYZ
x-cache-hits: 56, 1585
content-type: text/css
x-amz-id-2: xSv0ts0okbceL2EszkfaUaUY/C9xJh2F5UNqIyJ8ZN+eMKAZRJ62GVYVEzFLoa6Jn0t8IlhrWSo=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.233508,VS0,VE0
x-amz-request-id: 8F079ZB2FE3Q1Q69
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20264
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 901fd35d90d54450.css
assets.bwbx.io/s3/lightsaber/_next/static/css/ 42 KB
6 KB 128ms
40ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/css/901fd35d90d54450.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a01b03aee337d8a33581576aa392b38cc54d89a73e20d26b0dad3ace0f53ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "112c3cc4a03e07ae7c55691fc476d129"
x-amz-version-id: mE95EgwO40woZPOrYHy9_JqdcOZOyeVE
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:52 GMT
x-served-by: cache-bfi-kbfi7400108-BFI, cache-yyz4538-YYZ
x-cache-hits: 55, 1570
content-type: text/css
x-amz-id-2: PcJWt/dyzKG+AWFTVbdPdkwkNSvvlvUqm+2W8MhV8QsNAzmW6N63Lo0GwP6RPJ5CSHWKgA9IOA4=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.233125,VS0,VE0
x-amz-request-id: 8F05CM05WQMGDKZ6
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6359
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 webpack-47840254b232882b.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 6 KB
3 KB 704ms
702ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/webpack-47840254b232882b.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d6ac50a88f46c6874abe9564141e39678cb8ea13bc672388031abaf8292d5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "2881024d80c35d18a4474649af9c81e5"
x-amz-version-id: 6BPNX1aihXmyEHZaLYVfQsXNlnF2Swxh
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:52:39 GMT
x-served-by: cache-bfi-kbfi7400115-BFI, cache-yyz4538-YYZ
x-cache-hits: 56, 1538
content-type: application/javascript
x-amz-id-2: GxC0mlzwtGwAAE1oPZJVCQvxTvP5Lz7v+0NUJ5fTtOBpx54VsuD4PYS1S99VIDYM56DE9y9A4MQ=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.275811,VS0,VE0
x-amz-request-id: 8F03YPEHA1C4A9BJ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2429
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 framework-581107c637319eab.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 138 KB
42 KB 703ms
702ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/framework-581107c637319eab.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9b668e6b01253b8c09a8124404a5d9a45ac072eb2b082ed2eea5ea08aff99b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "395d99a3d98b0bd547457d6fa919c970"
x-amz-version-id: fgX..dV4VmsDVkA4NYcb1UG0r6gM0ZUR
age: 4191025
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Tue, 22 Oct 2024 15:19:39 GMT
x-served-by: cache-bfi-krnt7300111-BFI, cache-yyz4538-YYZ
x-cache-hits: 14323, 4464
content-type: application/javascript
x-amz-id-2: V7wgvPWheL7DglBNEEsU3o8hNUR5T/gkPDJJ/tPHmd3MkQHNMF9IvKjnpAuZf025YX3okIT23ow=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.275805,VS0,VE0
x-amz-request-id: A9TR89X4E5V6QPA3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42622
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main-cb9e666e2a3fb801.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 131 KB
36 KB 704ms
703ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/main-cb9e666e2a3fb801.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca0ce6be211d280ee5a67ddbe28bbffb12f09cd9df5af72c6ba2e29f95993ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "40cac22be5c0b7dcd3f8880a3277b824"
x-amz-version-id: erb_oPb0GvGkfUpJYeSFWQn3zONY8Bhx
age: 5002864
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Tue, 22 Oct 2024 15:19:39 GMT
x-served-by: cache-bfi-krnt7300081-BFI, cache-yyz4538-YYZ
x-cache-hits: 29554, 4447
content-type: application/javascript
x-amz-id-2: BmBtMpHDguKzPx6B32133GeRqU+1S6KS5q8wgQvCUVXsL+Cqet9J2fuCJRuFQR/VFS1VaZZu638=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.276166,VS0,VE0
x-amz-request-id: A9THG37S4QSW8BSB
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36342
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 _app-de1b0041417d5c1d.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/ 38 KB
13 KB 704ms
703ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/_app-de1b0041417d5c1d.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62ea0fcf72643ea10823a169fb1df310acc3f89110ec7c9f697146b0e76b3905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "e899677636e780ceca83fd7ab1cfaa8a"
x-amz-version-id: WR3_IhVLHmVgcv5P6dWfhjYQ1XlM15.V
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:51 GMT
x-served-by: cache-bfi-krnt7300090-BFI, cache-yyz4538-YYZ
x-cache-hits: 57, 1551
content-type: application/javascript
x-amz-id-2: bpa5pHaq4r3vhxEWVEwMXdSQb+yKmRd62FwhJgVMCXSXZNWijpUmxDxKgrVEtba53+fyjIFg9qY=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.276142,VS0,VE0
x-amz-request-id: 8F0F4309VKED2ZQV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12455
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 5c0b189e-b741249bb303e7f1.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 35 KB
11 KB 704ms
702ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/5c0b189e-b741249bb303e7f1.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86db61b23f719d8addc167fa47718ddb1d103dfaa9a5ba569876e81e71928186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "eedceb054178f9ceab89d130ce525f78"
x-amz-version-id: xv3LyDb8K0YfHhY49YVXh2bdph33CSOf
age: 4185954
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Tue, 22 Oct 2024 15:19:38 GMT
x-served-by: cache-bfi-kbfi7400075-BFI, cache-yyz4538-YYZ
x-cache-hits: 27009, 4369
content-type: application/javascript
x-amz-id-2: PqfnM1caGjk6tth5dbMXjVXrxvvPaW3V2LGO/TPvEq/RwqLOxUhbTJs9UWdKMqUmWru0aT12w1s=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.276136,VS0,VE0
x-amz-request-id: A9TQPQ1NWP0R654K
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11307
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 71-baef43e2acbe217a.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 1 MB
244 KB 706ms
704ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/71-baef43e2acbe217a.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9e1df7e1a5f2d70e4ac4bc0784ba50462936a3fd1510f70f5889e9318ce34cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "62fd236e63ae9a5f1bc71706d4f301cd"
x-amz-version-id: x_jzlnnUJT0BAJXB17E2Yqaz1hQWb1fE
age: 1549915
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 12 Dec 2024 21:22:43 GMT
x-served-by: cache-bfi-kbfi7400114-BFI, cache-yyz4538-YYZ
x-cache-hits: 28108, 306
content-type: application/javascript
x-amz-id-2: vAQ2GyGcVkV7DNpAYeCFy/OWxIbM2jefQJYFzNzgxYl2PLZY9MabunHm2IN8ZnJqlKYBCnkoR9U=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.300655,VS0,VE0
x-amz-request-id: D32MD8MKGG895F4H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 248825
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 59-27317c37e1db8c8e.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 325 KB
91 KB 706ms
704ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/59-27317c37e1db8c8e.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a3eb26e23827c3afe17606ebba52ebd69a3255329edc555da2896301b895739c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "e75542c82695b4635c1fef7661db61e1"
x-amz-version-id: b8K7a2jmt0B6jldFTrOs1PlXB1KgbFfB
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:50 GMT
x-served-by: cache-bfi-kbfi7400068-BFI, cache-yyz4538-YYZ
x-cache-hits: 57, 1573
content-type: application/javascript
x-amz-id-2: laWBVrfBqUhBx/MKSFl03+4oX1Dvov4xM8fNJP3cu8Vn22Yu8woH7ALTfcqSYkrcN59n/5RiTzg=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.300661,VS0,VE0
x-amz-request-id: 8F0261ZFH82TY18X
accept-ranges: bytes
access-control-allow-origin: *
content-length: 93079
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 99-2bf805269ccd9030.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 21 KB
7 KB 706ms
705ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/99-2bf805269ccd9030.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13b7ae77a7187f6ffe410104b5019a709052e2fdd30a95712f7a8ec143f692a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "027c49e21548cca2d7aac7ac9b2a9a3b"
x-amz-version-id: d.sT650fTPi6rFkm0jxAWVDhwWEgs4mN
age: 1111258
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Tue, 17 Dec 2024 23:14:22 GMT
x-served-by: cache-bfi-krnt7300052-BFI, cache-yyz4538-YYZ
x-cache-hits: 6, 1894
content-type: application/javascript
x-amz-id-2: SXuGMUkv6qURiUtx4bk49sKH3w0MehZBneVbBQYuHauaep7CyPACa5xRkMA05xFqTbd2BZkGI6k=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.300597,VS0,VE0
x-amz-request-id: T1XYHD86C0M39ENE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6755
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 90-5d91baf31b506831.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/ 91 KB
28 KB 706ms
705ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/90-5d91baf31b506831.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4888d91ee1284ed3cc2d1e118d8d28832168d119ffd92ad04c78916dbe17724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "3b08815bd8a561b4bc30d898ab423265"
x-amz-version-id: IRbnykfEsryW58rF.Z9MarGrukm.nWzY
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:51 GMT
x-served-by: cache-bfi-kbfi7400115-BFI, cache-yyz4538-YYZ
x-cache-hits: 57, 1564
content-type: application/javascript
x-amz-id-2: RMRe06jlO4mLaz5Y+qblzr4gsTSpQvdBjYRckAF03v1XAWzxdJ4L+7Wtx1+a60QavT0s/PsckHM=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.300607,VS0,VE0
x-amz-request-id: 8F01XG17SP8REAJ1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27881
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 %5B...slug%5D-b772d7ef29db0b1c.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/ 295 B
566 B 705ms
704ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/pages/content/%5Blang%5D/news/%5Btype%5D/%5B...slug%5D-b772d7ef29db0b1c.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0575c9492a1f555be1e86b6000af17d5ad23a15e21af19850da6a33f7a6bba31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "e659c0b21e862be57fffb935aa15c0ea"
x-amz-version-id: qRMdeeozEYnfgE8DL6iwiFLYW_e4r_0X
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:50:51 GMT
x-served-by: cache-bfi-krnt7300102-BFI, cache-yyz4538-YYZ
x-cache-hits: 57, 1548
content-type: application/javascript
x-amz-id-2: g8FuBuICWcC7xraB1UeBKksCgtgQw9rfLMc/2x7UJSkCM7dKdBlzesiwXACtzqQeIDZCBpFDiHo=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.300550,VS0,VE0
x-amz-request-id: 8F0B4T5VDN0E49NQ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 181
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 _buildManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/YHgpZbJw59d5GUGkPd4tn/ 1 KB
756 B 705ms
704ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/YHgpZbJw59d5GUGkPd4tn/_buildManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2ba34717036e5ae4ea0bb8445c21d71aa06a64582f84ef8d2d495f4179af6658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "63327624b79bd350b3ad43bbfef04a76"
x-amz-version-id: yXVN94oo3_fzUISZwODq0dyvpkRcRKkz
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:52:35 GMT
x-served-by: cache-bfi-krnt7300069-BFI, cache-yyz4538-YYZ
x-cache-hits: 55, 1542
content-type: application/javascript
x-amz-id-2: /TaNjKwX4cMNVzUY7hUPH8uDqmwBPalnlxj/EQ+SWQGgHIae3aBu1PP70r7bn/jjiQWvESohqj8=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.300534,VS0,VE0
x-amz-request-id: 8F05JBGYXS9VCQ7J
accept-ranges: bytes
access-control-allow-origin: *
content-length: 503
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 _ssgManifest.js Show response
assets.bwbx.io/s3/lightsaber/_next/static/YHgpZbJw59d5GUGkPd4tn/ 80 B
461 B 704ms
703ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/lightsaber/_next/static/YHgpZbJw59d5GUGkPd4tn/_ssgManifest.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "b404e23d62d95bafd03ad7747cc0e88b"
x-amz-version-id: 9MUuvRHOjI7Fq1tAlmMncxXcxYgNxbWP
age: 964930
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:52:35 GMT
x-served-by: cache-bfi-krnt7300052-BFI, cache-yyz4538-YYZ
x-cache-hits: 56, 1545
content-type: application/javascript
x-amz-id-2: ALbNo6Hr8davjUObUbaVvnWi33o5BiaXtSLNCNl/tymHXopcGUupOggj+AQIJenRVUtUMDn9c+g=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000,immutable,public
x-timer: S1735588761.300545,VS0,VE0
x-amz-request-id: 8F021WA1ATVPN55F
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fast-path/v1/ 6 KB
3 KB 704ms
701ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fast-path/v1/app.bundle.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be961aa5aab73ab3b82b1cd7fc9098e7d999a3f769392f43671b41861e4512ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "983193fd598e0266f431193aa22b53d6"
x-amz-version-id: H5I5WknhFR6A2o7RBFQBa34UWtByShEQ
age: 40793
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Thu, 19 Dec 2024 15:28:54 GMT
x-served-by: cache-bfi-kbfi7400060-BFI, cache-yyz4538-YYZ
x-cache-hits: 4351, 90
content-type: application/javascript
x-amz-id-2: QaEGPelCyQZMLo93Kdw8429bcpL8GjWUUHV09kz//bfklT5/w65Fa6WrJmq3DG0wMP1RWhUJC2s=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=86400, stale-while-revalidate=604800
x-timer: S1735588761.275858,VS0,VE0
x-amz-request-id: CRN6B09N5B3C7B8H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2444
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 198ms
46ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=50066&tk=aO1CCthMyYq5eNlVwlKQXL9igGlRPy95K4LLnm84p2bE3d&fp=

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=2592000
cache-control: private,max-age=86400
content-encoding: br
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Google Frontend

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 542 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 828 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 546 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 379 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2
assets.bwbx.io/s3/fontservice/fonts/ 31 KB
31 KB 86ms
85ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-55Roman-Web-5cf5733cd9.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "5cf5733cd9241d8e129282b8e5b8c193"
x-amz-version-id: gmgEdLUmA86gblnoepLNIwtUiryDQdHN
age: 1140068
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
x-served-by: cache-bfi-kbfi7400076-BFI, cache-yyz4573-YYZ
x-cache-hits: 2349, 1222
content-type: font/woff2
x-amz-id-2: q3s2m8ATxsqD4fkbmoHZ0fdAqn2av6WNXHFyrD8h13+uoZaxp1ISj+fPiF8jf92dh/HWNPz7I2M=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.483863,VS0,VE0
x-amz-request-id: CT1411FEYSKRVJZR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31420
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 AvenirNextPForBBG-Regular-eb3bb1b816.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 84ms
82ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Regular-eb3bb1b816.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "eb3bb1b8161ef443e50d2b9dfbcaeaa8"
x-amz-version-id: 8Tl5VGis9gmIi5st9QSz.k6zSIAoUZR0
age: 1117975
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
x-served-by: cache-bfi-krnt7300073-BFI, cache-yyz4573-YYZ
x-cache-hits: 571, 955
content-type: font/woff2
x-amz-id-2: OL7tctDRhVH5OlsQdZu/nBIormLdfQPajKckYuUEQF9MkH8QMdqEGh1pZtAKl2FZzx8OZls/Bmk=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.483832,VS0,VE0
x-amz-request-id: KSYTNBRTM2RR46HV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36456
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 AvenirNextPForBBG-Demi-b9b4abf0ea.woff2
assets.bwbx.io/s3/fontservice/fonts/ 36 KB
36 KB 85ms
84ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Demi-b9b4abf0ea.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "b9b4abf0ea70a701fa5cfba89d02763f"
x-amz-version-id: PbbxNJgS1OJcH1wZ7WFnDXuJ5fRz31kk
age: 2280040
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 10 Jul 2024 14:19:52 GMT
x-served-by: cache-bfi-kbfi7400090-BFI, cache-yyz4573-YYZ
x-cache-hits: 5406, 749
content-type: font/woff2
x-amz-id-2: 8AM0eFtcA7n8THPcfDLCD6DAEer9eOxTi66HKJugOq4Z5HkMMQteA4QRO5BcHfv0XjtcL/eOfuo=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.483785,VS0,VE0
x-amz-request-id: T2H40572WVB1WX87
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36708
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2
assets.bwbx.io/s3/fontservice/fonts/ 44 KB
44 KB 86ms
85ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-65Medium-Web-8f5de0c368.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "8f5de0c368941f43014377e91a930437"
x-amz-version-id: vK8RIqqUhDaTLJxZc0UgYEsZkH35wfKn
age: 1496227
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
x-served-by: cache-bfi-kbfi7400035-BFI, cache-yyz4573-YYZ
x-cache-hits: 21578, 1206
content-type: font/woff2
x-amz-id-2: BJppCBxRLAaElhnWXPpW9nWCg7j6rjOkmL5ze0Baeozj01M6bnhq0S+xnTkQkqfqx5w6e8OeHVs=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.484289,VS0,VE0
x-amz-request-id: 7PVAGJZTYYSZHM0S
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44900
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 BWHaasGrotesk-56Italic-Web-669253244d.woff2
assets.bwbx.io/s3/fontservice/fonts/ 33 KB
33 KB 87ms
86ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-56Italic-Web-669253244d.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "669253244d5430629948724163d319a2"
x-amz-version-id: Z3M3k_b7bqG5Ctl09d8ajG16IF73skBo
age: 1510699
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
x-served-by: cache-bfi-kbfi7400071-BFI, cache-yyz4573-YYZ
x-cache-hits: 1565, 1050
content-type: font/woff2
x-amz-id-2: pB72gjEhCii5qACb8xnPRLgwoaoGwSEoq2WODnvAsq7MibLnJC6rCexMrAjr1vzLWxwo8xanK4Y=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.484268,VS0,VE0
x-amz-request-id: 290P57MRR9J5BK5W
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33488
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2
assets.bwbx.io/s3/fontservice/fonts/ 32 KB
32 KB 87ms
86ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/BWHaasGrotesk-75Bold-Web-de8c77cce2.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "de8c77cce206155c16c93d0ca69528ca"
x-amz-version-id: DS2BZAwNnKNlX1NEHcghk1Sf.zrbqSHM
age: 3543167
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:52 GMT
x-served-by: cache-bfi-kbfi7400036-BFI, cache-yyz4573-YYZ
x-cache-hits: 28296, 1233
content-type: font/woff2
x-amz-id-2: aGwSxdyj4htUUQqYu9JwI3ON3rcn+NGRCd68qIcDMtqr7wIGQRy1O8yoSvLCEFBeU1Oa8RN7tpQ=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.484243,VS0,VE0
x-amz-request-id: YR27WQ8DVETQR5PA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32756
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 PublicoText-Roman-Web-bfa063ee27.woff2
assets.bwbx.io/s3/fontservice/fonts/ 51 KB
52 KB 87ms
87ms Font
font/woff2 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fontservice/fonts/PublicoText-Roman-Web-bfa063ee27.woff2

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/

Response headers

etag: "bfa063ee2757aeb3365e8e0680513ae6"
x-amz-version-id: be9Dw4r26kcwlkk3edtKT8p1fUdqvJSq
age: 2335160
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:21 GMT
last-modified: Wed, 19 Apr 2023 20:39:55 GMT
x-served-by: cache-bfi-kbfi7400094-BFI, cache-yyz4573-YYZ
x-cache-hits: 8764, 1070
content-type: font/woff2
x-amz-id-2: 04xOABWLkMPILGo+GjVJMiK+cDjOa4b8QtiO6cntQl8mmGVGgb1rgJvj3oZeU5SNzvFJ8ZXZZs0=
strict-transport-security: max-age=31557600
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000, immutable
x-timer: S1735588761.484222,VS0,VE0
x-amz-request-id: JD912X5N20REYE7J
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52512
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 -1x-1.webp
assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/ 251 KB
252 KB 1896ms
1895ms Image
image/webp 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/-1x-1.webp

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f730e6c6675f586edbfe26b83913a3199040166d072fdd5f5e8e300e3a0ecfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

etag: "0640a139a2d684d296259cb6b3ca05d8a"
age: 1451499
access-control-allow-methods: GET
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: image/webp
x-served-by: cache-lga21933-LGA, cache-yyz4538-YYZ
x-cache-hits: 20, 725
strict-transport-security: max-age=31557600
cache-control: public,max-age=31536000
x-timer: S1735588761.480940,VS0,VE0
x-wss-client-request-id: 69c17710-101d-42c4-862e-92cf919f0d73
accept-ranges: bytes
access-control-allow-origin: *
x-wss-server: asset-service-java-eksproduction.prod-6d5c4bfb6d-wcstx
content-length: 257156

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
340 B 161ms
160ms Fetch
application/json 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=24434720&cmp=DV1422145&url=https%3A%2F%2Fbloomberg.com&ids=1&token=ptd5mnTdiCI46Euyulmx466uXVIlo9ZPu2FfpCkCFSQKDdsaGb2eqr4KpNVUoPWaRRZEQ4uabAGGY5ME95h2SEcecogZw8WwO0P2nDm36oduzQYGtfWy0y%2B%2Fq4z%2Bz5lYrjv1WKtapvc3%2BUw%3D

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

access-control-expose-headers: Server-Timing, Cf-Ray
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: application/json
vary: origin, x-forwarded-for, user-agent, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: private, max-age=900
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8fa49c1f8de239fc-YYZ
access-control-allow-origin: https://www.bloomberg.com
content-length: 13
server: cloudflare

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 116 B
348 B 129ms
128ms Fetch
application/json 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=24434720&cmp=DV1422145&url=https%3A%2F%2Fbloomberg.com%2Fnews%2Ffeatures%2F2024-12-06%2Fhow-russia-linked-ransomware-hackers-bled-this-small-company-dry&bsc=1&abs=1&token=ptd5mnTdiCI46Euyulmx466uXVIlo9ZPu2FfpCkCFSQKDdsaGb2eqr4KpNVUoPWaRRZEQ4uabAGGY5ME95h2SEcecogZw8WwO0P2nDm36oduzQYGtfWy0y%2B%2Fq4z%2Bz5lYrjv1WKtapvc3%2BUw%3D

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.167.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883744dc82fbac6b83090d3b6808b58c17326c62fef9ce0b02ebdd8a79982e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

access-control-expose-headers: Server-Timing, Cf-Ray
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: application/json
vary: origin, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=2332
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8fa49c1f8de439fc-YYZ
access-control-allow-origin: https://www.bloomberg.com
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 57ms
57ms Script
text/javascript 172.217.197.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f157.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: 5395541545685299795
age: 52490
x-content-type-options: nosniff
expires: Tue, 30 Dec 2025 05:24:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 30 Dec 2024 05:24:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 108ms
107ms Other
text/plain 172.217.197.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f157.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 80922
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 21:30:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 29 Dec 2024 21:30:39 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 gdpr-tcf.00cd3b6a2692e330e4ec.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.27.3/ 156 KB
25 KB 101ms
100ms Script
text/javascript 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.27.3/gdpr-tcf.00cd3b6a2692e330e4ec.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9d71756522e7ae94b93a30c45fb51fa255d23144e4ff6e94834f6611c050291

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

vary: accept-encoding
cache-control: max-age=31536000
content-encoding: br
etag: W/"ea06a4a0a473e3527170a161bf999f4d"
age: 1659801
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 4ZHK-RKi0pA4ue5875QIh0k8G0jYqQQRaq34jez9lZyFmqR6nTGbBA==
date: Wed, 11 Dec 2024 14:56:01 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 17:21:00 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 usnat-uspapi.784cb86039101848d683.bundle.js Show response
sourcepointcmp.bloomberg.com/unified/4.27.3/ 349 KB
35 KB 137ms
137ms Script
text/javascript 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/unified/4.27.3/usnat-uspapi.784cb86039101848d683.bundle.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 952402b6ebab9b7125180cf7a3bf6b07dde95b757a160d1b4b851f89a0f9835e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

vary: accept-encoding
cache-control: max-age=31536000
content-encoding: br
etag: W/"fa68020b353ec39bc51d9e7d11ae370b"
age: 1659801
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: kSTZBOkdmDdDMevAmLluBKQpJKPNxugkJYUOoFyeVkH9Z9-Z-_jkHA==
date: Wed, 11 Dec 2024 14:56:01 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 17:21:00 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 meta-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 469 B
1023 B 209ms
47ms XHR
application/json 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/meta-data?hasCsp=true&accountId=1425&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=31489&scriptVersion=4.27.3&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

/ Express

Resource Hash

8d438eec2f1e4282482c3e8ee71ace3f56db7bb0fde39e9ed4c687105fd077c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

age: 2080
access-control-allow-methods: GET, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: BcmIipxRx2eRMC-Ih5di8CYNM_IczEFcyE5vPbORSm6BKN4nbVRuNA==
date: Mon, 30 Dec 2024 19:24:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
via: 1.1 3801c1756029d7785c1b1ccb7897ebfc.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 469
x-sp-geo-usp: CA-ON
x-amz-cf-pop: IAD61-P4
x-powered-by: Express

GET
H2 200 messages Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 52 KB
8 KB 221ms
221ms XHR
application/json 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1425%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22isKisa%22%3Afalse%2C%22view%22%3A%22web%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepointcmp.bloomberg.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fmc.bloomberg.com%2Fnews%2Ffeatures%2F2024-12-06%2Fhow-russia-linked-ransomware-hackers-bled-this-small-company-dry%22%2C%22propertyId%22%3A31489%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=47024829947024829999d44548575307b85&scriptVersion=4.27.3&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

/ Express

Resource Hash

68254d433450bc19cdee07f5cce37c57d0b7949b8a5a81e6be88203810b2cdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: gzip
access-control-allow-methods: GET, PUT, POST, DELETE
x-cache: Miss from cloudfront
x-amz-cf-id: -K7w3VATg7VkuuJF6fyJN5XPpmXJHYJh93xSCP4W-f236EUiOSXEbQ==
date: Mon, 30 Dec 2024 19:59:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
via: 1.1 3801c1756029d7785c1b1ccb7897ebfc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-sp-geo-usp: CA-ON
x-amz-cf-pop: IAD61-P4
x-powered-by: Express

OPTIONS
H2 200 pv-data
sourcepointcmp.bloomberg.com/wrapper/v2/ Frame 0
0 53ms
53ms Preflight
text/html 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=47024829947024829999d44548575307b85&scriptVersion=4.27.3&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.bloomberg.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 19:59:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3801c1756029d7785c1b1ccb7897ebfc.cloudfront.net (CloudFront)
x-amz-cf-id: GygNSr3wqLbwyPVEVW3AQ3gtRtK_FhKAh65CnF9YE-BNs77jE_v2WA==
x-amz-cf-pop: IAD61-P4
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 pv-data Show response
sourcepointcmp.bloomberg.com/wrapper/v2/ 217 B
755 B 146ms
145ms XHR
application/json 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=47024829947024829999d44548575307b85&scriptVersion=4.27.3&scriptType=unified

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

/ Express

Resource Hash

d3ed295ce2399f26576acd56b80f71570f83ab4daa310ffc6fc4facc90f5b81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE
via: 1.1 3801c1756029d7785c1b1ccb7897ebfc.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.bloomberg.com
x-cache: Miss from cloudfront
content-length: 217
x-amz-cf-id: txeY6zkUG2tnZ_8dz4Uj6gt-108s_xj41RqGKat0x0jfAozuV199jw==
date: Mon, 30 Dec 2024 19:59:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
x-amz-cf-pop: IAD61-P4
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION

POST
H2 200 set_consent_cookies Show response
sourcepointcmp.bloomberg.com/mms/ 0
395 B 53ms
53ms XHR
text/plain 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/mms/set_consent_cookies?consentUUID=b1e29504-b15d-476e-8b58-08ccf157ae9b&consentUUID_maxAge=31536000&hasCsp=true

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-credentials: true
access-control-allow-methods: *
via: 1.1 3801c1756029d7785c1b1ccb7897ebfc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: s9wZ-tm-IcV8ffOKdV4XN8fqJkUSISg1IGTjE3wvqoHfmZMV8tS73Q==
date: Mon, 30 Dec 2024 19:59:22 GMT
x-amz-cf-pop: IAD61-P4

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/12098/ 68 KB
20 KB 142ms
46ms Script
text/javascript 3.167.69.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/12098/lt.min.js
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-118.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cf290e30617603ac84acae05a845cea9e42505233a9f8748fd8948727c1a4f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"dc556615c7a63f58eb72ef239f3e1b4b"
age: 23015
via: 1.1 8b272af022490485e447507e6865c8a6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: pI4X91GPsJ4N55A6rwD01CPnPEzQ_yy2bxrUKVUsHw8dxS_uTUamjg==
date: Mon, 30 Dec 2024 13:39:59 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:15:17 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 597 B
2 KB 160ms
59ms XHR
application/json 52.45.239.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.239.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-239-128.compute-1.amazonaws.com
Software: /
Resource Hash: d2ab4243fd5e975afcbe2dd23eb609c143dca5765476d4349212d44766ac50fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.bloomberg.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 597
date: Mon, 30 Dec 2024 19:59:23 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.49.251

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame E825 0
0 198ms
43ms Document
text/html 3.167.69.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=12098
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.69.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-69-118.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 18054
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Mon, 30 Dec 2024 14:58:30 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 e65919f7601620126c233ab61638efee.cloudfront.net (CloudFront)
x-amz-cf-id: t4y5EJIDqnYTIsdya1wCGQEAhwNfP2gdQkdRaoilcAK-noxqj6stWg==
x-amz-cf-pop: IAD61-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 915 KB
42 KB 132ms
132ms Fetch
application/json 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/abba/feed/frontend.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4a9c8019d712fc82fc2a1a4d37d0a4c4e5cfd08665265d16bd7dd3d2c99b00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "eae5bdd420102190a35fb012182ca94b"
x-amz-version-id: 0p5QnO7innw5RBYpWZr_8Vi4EvVvHzYp
age: 46
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:24 GMT
last-modified: Fri, 27 Dec 2024 16:08:23 GMT
x-served-by: cache-bfi-krnt7300026-BFI, cache-yyz4573-YYZ
x-cache-hits: 2208, 4
content-type: application/json
x-amz-id-2: aXpGYa8Cs+kTHP1vbpYyfIF6o5mqA5hxDia8z+lelLpZOiJP/cj1Idm1kFQyiA2l7JARxSwlAvA=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=60, stale-while-revalidate=3600
x-timer: S1735588764.283629,VS0,VE0
x-amz-request-id: 0E2F10JAV2MEY22K
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42841
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 coordination Show response
coordinator.cm.bloomberg.com/ 476 B
1 KB 310ms
64ms Fetch
application/json 54.83.128.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coordinator.cm.bloomberg.com/coordination?metadata.paywall.device=Desktop%7CLinux%7Cchrome&metadata.consent=false&metadata.paywall.referrer=Direct&limit=100

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.83.128.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-128-29.compute-1.amazonaws.com

Software

Resource Hash

3760b7b6d7c5c58e599af14ca05fdc0dbfa109400cf21feaac581ae0ae075f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"1dc-0AtzwJRtOue43ZfXoopmUE9ma0U"
access-control-allow-credentials: true
access-control-allow-origin: https://www.bloomberg.com
date: Mon, 30 Dec 2024 19:59:24 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin, Accept-Encoding

GET
H2 200 event-recorder-client.min.js Show response
assets.bwbx.io/s3/foundation/event-recorder-client/1.0/ 3 KB
2 KB 36ms
36ms Script
application/javascript 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

41b196ac204322a3f50b7370f073bb7f3612a0135f46c1971a55d03097c3d55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "464af715bdda7a3e57778c19b886bfcf"
x-amz-version-id: XAHhl_x6osT3Gd02S8eSAOvY.HwNNRKb
age: 1001
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:25 GMT
last-modified: Tue, 17 Dec 2024 07:40:05 GMT
content-type: application/javascript
x-served-by: cache-bfi-kbfi7400072-BFI, cache-yyz4573-YYZ
x-cache-hits: 94798, 13
x-amz-id-2: WG9StJDzVMuIiUGv98N/GiuiSsznxb8E64pEP8trH2xFqMnA9cBsJ2EZfrCujiFFpha98GxRyu0=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=3600, stale-while-revalidate=7200
x-timer: S1735588765.468446,VS0,VE0
x-amz-request-id: KJPGJ7N9HWEV2J6J
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1199
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 311ms
137ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 310ms
138ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 310ms
136ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 311ms
138ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
73 B 307ms
134ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 307ms
135ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 98ms
92ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 98ms
93ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

POST
H2 200 record
eventrecorder.cm.bloomberg.com/events/ 4 B
72 B 99ms
93ms Ping
application/json 54.204.15.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eventrecorder.cm.bloomberg.com/events/record
Requested by: Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/foundation/event-recorder-client/1.0/event-recorder-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.15.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-15-222.compute-1.amazonaws.com
Software: /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

date: Mon, 30 Dec 2024 19:59:25 GMT
content-type: application/json
content-length: 4

GET
H2 200 index.html Show response
sourcepointcmp.bloomberg.com/ Frame EB73 5 KB
2 KB 47ms
46ms Document
text/html 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67a38cd1a889974219c731ca8b27cf6ebb6503314e10deb1098cdc0fa0bd01e7

Request headers

Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 2056
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Mon, 30 Dec 2024 19:25:18 GMT
etag: W/"53e697dfbc1cbdd9406ed03b92f2b623"
last-modified: Wed, 11 Dec 2024 15:42:04 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-amz-cf-id: Vh12Tkd0LPX7-XeidgucssspA0Z4bkxy2_gND7HGlLdhdrV4LOCW3g==
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

OPTIONS
H/1.1 200
OK user-info
login.bloomberg.com/ Frame 0
0 180ms
53ms Preflight
application/octet-stream 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.bloomberg.com
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Mon, 30 Dec 2024 19:59:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 745 KB
159 KB 411ms
54ms Script
application/javascript 173.194.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNTH5N

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1fdbaf3e2e2fa43760c84e5919ecb68c7bd158493e2f660bc98cacf9b7acf7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 30 Dec 2024 19:59:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Dec 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 162345
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 2000x1290.webp
assets.bwbx.io/images/users/iqjWHBFdfxIU/i8w5yIkN5dDc/v0/ 405 KB
0 0ms
0ms Image
image/webp 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bwbx.io/images/users/iqjWHBFdfxIU/i8w5yIkN5dDc/v0/2000x1290.webp
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: df4d204d0b400a760709168f6e4ab119e454e4fa17966458b996b1ce0c237bf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

etag: "0bef6a2d81bff3f230782b490c2e3a97a"
age: 1761803
access-control-allow-methods: GET
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
edge-control: !no-store,max-age=365d
date: Mon, 30 Dec 2024 19:59:21 GMT
content-type: image/webp
x-served-by: cache-lga21939-LGA, cache-yyz4538-YYZ
x-cache-hits: 159, 0
cache-control: public,max-age=31536000
x-timer: S1735588761.233494,VS0,VE3
x-wss-client-request-id: cbeaba35-b5bc-4a15-b9c3-53c21e643389
accept-ranges: bytes
access-control-allow-origin: *
x-wss-server: asset-service-java-eksproduction.prod-6d5c4bfb6d-9mxmz
content-length: 414952

GET
H2 200 that.js Show response
www.bloomberg.com/tophat/assets/v2.7.0/ 9 KB
3 KB 1380ms
1379ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/assets/v2.7.0/that.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

x-bb-vary-key: https,CA,CANADA
content-encoding: br
etag: W/"66c4ebb8-250f"
age: 2896222
x-content-type-options: nosniff, nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200057-IAD, cache-yyz4538-YYZ
x-cache-hits: 0, 12023
last-modified: Tue, 20 Aug 2024 19:17:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
cache-control: public, s-maxage=31536000, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
x-timer: S1735588773.130388,VS0,VE1
referrer-policy: no-referrer-when-downgrade
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
content-length: 2454
x-xss-protection: 1; mode=block
server: openresty

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
2 KB 458ms
69ms Fetch
application/json 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

43d7b24e581a671fc3c21b87dece2052a694400bc63a7772a844db15204361ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
Pragma: no-cache
ETag: W/"c4-CTjo4j3Vfp+Vhuj+04c0a1034jI"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.bloomberg.com
Content-Length: 196
Date: Mon, 30 Dec 2024 19:59:33 GMT
Content-Type: application/json; charset=utf-8

GET
H2 200 app.bundle.js Show response
assets.bwbx.io/s3/fence/fortress-client/v1/ 626 KB
152 KB 1390ms
1390ms Script
application/javascript 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/app.bundle.js

Requested by

Host: assets.bwbx.io
URL: https://assets.bwbx.io/s3/lightsaber/_next/static/chunks/71-baef43e2acbe217a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a8c9ca4d7d06369db99e19fa2a52934592e4b9154534ce6a23f35c883056117d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "43c6bdb0abf369c16f9dbf0adebb129d"
x-amz-version-id: DmKrzDcWBbOLKqejfDsAXmZScqUUFbyI
age: 764
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:33 GMT
last-modified: Thu, 19 Dec 2024 15:28:52 GMT
x-served-by: cache-bfi-krnt7300092-BFI, cache-yyz4538-YYZ
x-cache-hits: 153477, 5
content-type: application/javascript
x-amz-id-2: encprDajp4JzlRA43O2K5s6/JtmJGxJTHz0CVTRmu+D7MbyqOxdnq5ZjoZtUsSoc92OsUSUsVXs=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=3600, stale-while-revalidate=86400
x-timer: S1735588773.140184,VS0,VE0
x-amz-request-id: K735FBPZAJM72T98
accept-ranges: bytes
access-control-allow-origin: *
content-length: 154631
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 frontend.json Show response
assets.bwbx.io/s3/abba/feed/ 915 KB
0 0ms
0ms Fetch
application/json 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/abba/feed/frontend.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4a9c8019d712fc82fc2a1a4d37d0a4c4e5cfd08665265d16bd7dd3d2c99b00c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "eae5bdd420102190a35fb012182ca94b"
x-amz-version-id: 0p5QnO7innw5RBYpWZr_8Vi4EvVvHzYp
age: 46
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:24 GMT
last-modified: Fri, 27 Dec 2024 16:08:23 GMT
x-served-by: cache-bfi-krnt7300026-BFI, cache-yyz4573-YYZ
x-cache-hits: 2208, 4
content-type: application/json
x-amz-id-2: aXpGYa8Cs+kTHP1vbpYyfIF6o5mqA5hxDia8z+lelLpZOiJP/cj1Idm1kFQyiA2l7JARxSwlAvA=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=60, stale-while-revalidate=3600
x-timer: S1735588764.283629,VS0,VE0
x-amz-request-id: 0E2F10JAV2MEY22K
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42841
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 coordination Show response
coordinator.cm.bloomberg.com/ 477 B
1 KB 52ms
50ms Fetch
application/json 54.83.128.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coordinator.cm.bloomberg.com/coordination?currentResource=Feature%7CSO239QT0G1KW00&metadata.paywall.device=Desktop%7CLinux%7Cchrome&metadata.consent=false&metadata.paywall.referrer=Direct&limit=100

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.83.128.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-128-29.compute-1.amazonaws.com

Software

Resource Hash

be88334d5dca00715b490a9c84e650544150b405aac266101e495d11ace525d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"1dd-bP5bmtOENOxfvm2OMUY/xee9tJ4"
access-control-allow-credentials: true
access-control-allow-origin: https://www.bloomberg.com
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin, Accept-Encoding

GET
H2 200 Notice.f8044.css
sourcepointcmp.bloomberg.com/ Frame EB73 34 KB
6 KB 52ms
50ms Stylesheet
text/css 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.f8044.css
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ad5c363f234d1dd53f0ea39e90bd044f93ff0817de6c0de1f664fc6eedeaac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"36a4f8b68226608e536664781f79f180"
age: 2056
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 3q69gwpcxubQ8XuRAHOh8-5FrFyl46gv3H5rUzC0Enpeq8HemCm1xw==
date: Mon, 30 Dec 2024 19:25:18 GMT
content-type: text/css
last-modified: Wed, 11 Dec 2024 15:42:03 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 polyfills.355e5.js Show response
sourcepointcmp.bloomberg.com/ Frame EB73 5 KB
2 KB 51ms
50ms Script
text/javascript 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/polyfills.355e5.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"89661b8fd918815bcb224bba79cabab1"
age: 209
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Py0DY6ckCA8IqCIiOpyMYL4gbH1AJIY3ozMX6sHc7Q4h28hKDxTv0Q==
date: Mon, 30 Dec 2024 19:56:05 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:42:04 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 Notice.2f601.js Show response
sourcepointcmp.bloomberg.com/ Frame EB73 295 KB
77 KB 471ms
470ms Script
text/javascript 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepointcmp.bloomberg.com/Notice.2f601.js
Requested by: Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-17.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3098c42113312ee7f1841d7e7e98e0f5c596a45ab4956fa0110e615029a6bdce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1

Response headers

vary: accept-encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"9587550ff583d3cba1c29c0c5469cb1b"
age: 2056
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 6f1mT6Ay4gcaVGyJiu16UW6WfnsDtxUx0omHUJwlWbEZfboKCbugmA==
date: Mon, 30 Dec 2024 19:25:18 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:42:03 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P4
x-amz-server-side-encryption: AES256

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame EB73 2 KB
1 KB 46ms
44ms Fetch
application/json 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2f601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

Resource Hash

ede963704bb0fe431e49423f123b6cc891ae1119ad4bd29118e8c05138e84267

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, s-maxage=3600
content-encoding: gzip
age: 3192
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 16XCFyzQmCuVSYP702cPsiDTJEDwJeVCXmq1HhzDjBY7GZ2zAdL2AQ==
date: Mon, 30 Dec 2024 19:06:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: IAD61-P4
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK user-info Show response
login.bloomberg.com/ 196 B
1 KB 64ms
64ms Fetch
application/json 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

43d7b24e581a671fc3c21b87dece2052a694400bc63a7772a844db15204361ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-csrf-token: uSm1nKBT-EKhoOdhnpCx83OUKqzBauqOdyd0
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
Pragma: no-cache
ETag: W/"c4-CTjo4j3Vfp+Vhuj+04c0a1034jI"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1
Access-Control-Allow-Origin: https://www.bloomberg.com
Content-Length: 196
Date: Mon, 30 Dec 2024 19:59:33 GMT
Content-Type: application/json; charset=utf-8

POST
H2 200 initialize Show response
featureassets.org/v1/ 7 KB
1 KB 144ms
60ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://featureassets.org/v1/initialize?k=client-znj6VybwKiTebQPAyxcLNc9abgnAvgZA0CrU5JWH4Ia&st=javascript-client-react&sv=3.7.0&t=1735588773780&sid=e1f02802-d3a1-4823-b343-af36b8e9b37d&se=1

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

ecafdc04f4bddd795b49b5fb7edbe74df509e5528d40c4dae37c309c3660986a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-security-policy: frame-ancestors *.statsig.com
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
x-statsig-region: gke-us-east5
stale-if-error: 86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1204
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H2 200 initialize Show response
featureassets.org/v1/ 7 KB
1 KB 172ms
88ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://featureassets.org/v1/initialize?k=client-znj6VybwKiTebQPAyxcLNc9abgnAvgZA0CrU5JWH4Ia&st=javascript-client-react&sv=3.7.0&t=1735588773780&sid=e1f02802-d3a1-4823-b343-af36b8e9b37d&se=1

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

c8cbc6380c8aac5f7602f6c34a1e6c46521132fe89d5b8e8297690365d48a5b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-security-policy: frame-ancestors *.statsig.com
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
x-statsig-region: gke-us-east5
stale-if-error: 86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H2 202 rgstr Show response
prodregistryv2.org/v1/ 16 B
120 B 186ms
98ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://prodregistryv2.org/v1/rgstr?k=client-znj6VybwKiTebQPAyxcLNc9abgnAvgZA0CrU5JWH4Ia&st=javascript-client-react&sv=3.7.0&t=1735588773781&sid=e1f02802-d3a1-4823-b343-af36b8e9b37d&ec=1

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-security-policy: frame-ancestors *.statsig.com
access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
permissions-policy: interest-cohort=()
x-response-time: 0 ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json
x-frame-options: SAMEORIGIN

POST
H2 202 rgstr Show response
prodregistryv2.org/v1/ 16 B
381 B 184ms
96ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://prodregistryv2.org/v1/rgstr?k=client-znj6VybwKiTebQPAyxcLNc9abgnAvgZA0CrU5JWH4Ia&st=javascript-client-react&sv=3.7.0&t=1735588773781&sid=e1f02802-d3a1-4823-b343-af36b8e9b37d&ec=1

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-security-policy: frame-ancestors *.statsig.com
access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
permissions-policy: interest-cohort=()
x-response-time: 0 ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 364 KB
121 KB 58ms
57ms Script
application/javascript 173.194.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GQ1PBLXZCT&l=dataLayer&cx=c&gtm=45He4cc1v72479467za200

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5c99de4a50b13fd17ae941a6b622721ef185466e8edab5b57f3093fe24dd3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 30 Dec 2024 19:59:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123567
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 categories Show response
sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/ Frame EB73 2 KB
1 KB 46ms
46ms Fetch
application/json 3.167.37.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepointcmp.bloomberg.com/consent/tcfv2/vendor-list/categories?siteId=31489&consentLanguage=en

Requested by

Host: sourcepointcmp.bloomberg.com
URL: https://sourcepointcmp.bloomberg.com/Notice.2f601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.37.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-37-17.iad61.r.cloudfront.net

Software

Resource Hash

ede963704bb0fe431e49423f123b6cc891ae1119ad4bd29118e8c05138e84267

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sourcepointcmp.bloomberg.com/index.html?hasCsp=true&message_id=1135994&consentUUID=null&consent_origin=https%3A%2F%2Fsourcepointcmp.bloomberg.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, s-maxage=3600
content-encoding: gzip
age: 3191
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE
via: 1.1 cbd54a3b44bc9e01c474bf6778503afa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: -lTLffYaiEVjUbhGSLndNVe75HWbm3jMgyU9f0AnTr6QSTgpA6-KDQ==
date: Mon, 30 Dec 2024 19:06:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: IAD61-P4
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

POST
H2 202 rgstr Show response
prodregistryv2.org/v1/ 16 B
120 B 53ms
52ms Fetch
application/json 34.128.128.0
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://prodregistryv2.org/v1/rgstr?k=client-znj6VybwKiTebQPAyxcLNc9abgnAvgZA0CrU5JWH4Ia&st=javascript-client-react&sv=3.7.0&t=1735588773941&sid=e1f02802-d3a1-4823-b343-af36b8e9b37d&ec=1

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.128.0 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

0.128.128.34.bc.googleusercontent.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-security-policy: frame-ancestors *.statsig.com
access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
permissions-policy: interest-cohort=()
x-response-time: 0 ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Mon, 30 Dec 2024 19:59:33 GMT
content-type: application/json
x-frame-options: SAMEORIGIN

GET
H2 200 spotlights Show response
www.bloomberg.com/tophat/api/ 17 B
888 B 1729ms
1729ms XHR
application/json 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bloomberg.com/tophat/api/spotlights?site=bcom

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

traceparent: 00-63aadcefedaf0b72dc97842c6ba8bc30-d50f06a9af5ba5b4-01
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5ODI2OTciLCJhcCI6IjEwNDQ3NDcyMjEiLCJpZCI6ImQ1MGYwNmE5YWY1YmE1YjQiLCJ0ciI6IjYzYWFkY2VmZWRhZjBiNzJkYzk3ODQyYzZiYThiYzMwIiwidGkiOjE3MzU1ODg3NzQ1MjcsInRrIjoiMjUzMDAifX0=
tracestate: 25300@nr=0-1-1982697-1044747221-d50f06a9af5ba5b4----1735588774527

Response headers

x-bb-vary-key: https,CA,CANADA
content-encoding: br
age: 600
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Mon, 30 Dec 2024 20:19:34 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 30 Dec 2024 19:59:34 GMT
content-type: application/json
x-served-by: cache-yyz4538-YYZ
x-cache-hits: 4
access-control-allow-headers: origin, content-type, accept
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
content-security-policy: default-src 'self' http: https: data: blob: wss: 'unsafe-inline' 'unsafe-eval', upgrade-insecure-requests
cache-control: max-age=1800, public, s-maxage=1800
referrer-policy: no-referrer-when-downgrade
permissions-policy: join-ad-interest-group=(), run-ad-auction=(), browsing-topics=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21
x-xss-protection: 1; mode=block
fastly-restarts: 1
server: openresty

OPTIONS
H/1.1 200
OK user-info
login.bloomberg.com/ Frame 0
0 56ms
55ms Preflight
application/octet-stream 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.bloomberg.com
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Mon, 30 Dec 2024 19:59:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 styles.css
assets.bwbx.io/s3/fence/fortress-client/v1/ 57 KB
10 KB 62ms
62ms Stylesheet
text/css 151.101.129.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/fence/fortress-client/v1/styles.css

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9618a6eab120b45fdc729c7cbbeee6fd3fcdc31db1423d49edf74e4ae121e269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "70957215046b0be12a87128dcbef453e"
x-amz-version-id: p2Io5fvIQG.8xrTzSUiqehS5DUkR7qQM
age: 1832
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:36 GMT
last-modified: Thu, 19 Dec 2024 15:28:52 GMT
x-served-by: cache-bfi-kbfi7400066-BFI, cache-yyz4538-YYZ
x-cache-hits: 36860, 9
content-type: text/css
x-amz-id-2: rmeh7O4wE1l1EtvhzB2pEihAnsnPmcSmsoRWeK3dfQK4LfOaeKaDCyMAJHxuX0/lZ+YuUkhBaJg=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=3600, stale-while-revalidate=86400
x-timer: S1735588776.436121,VS0,VE0
x-amz-request-id: NSEDEGM9412SSQ86
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9610
server: AmazonS3
x-amz-server-side-encryption: AES256

GET user-info
login.bloomberg.com/ 0
0

GET
H2 200 v3 Show response
js.stripe.com/ 694 KB
166 KB 219ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

x-request-id: 6e538abf-4c6c-4961-8f21-d2186ba428e6
content-encoding: br
etag: "057d0c0fbd2c6945e582717c1b7e7e73"
age: 46
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 30 Dec 2024 19:59:36 GMT
last-modified: Mon, 23 Dec 2024 22:07:10 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-yyz4521-YYZ
x-cache-hits: 7
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169529
server: Fastly

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
28 KB 190ms
189ms Fetch
binary/octet-stream 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bwbx.io/s3/mediaservices/superelastic/data.json

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "7c75126ed533d9f1301a278fa0badb85"
x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
age: 513
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:36 GMT
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
x-served-by: cache-bfi-kbfi7400096-BFI, cache-yyz4573-YYZ
x-cache-hits: 39845, 1
content-type: binary/octet-stream
x-amz-id-2: r0kn8yOUx4LXHnfcYRD+PxElt5GgfItXmi6wa38I1JGsVsPlGA/ZwcuGPl3Y4Nvj13NqFKSou8g=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
x-timer: S1735588776.462304,VS0,VE1
x-amz-request-id: AX5A98H8K7N6YFGC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27916
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 data.json Show response
assets.bwbx.io/s3/mediaservices/superelastic/ 103 KB
0 0ms
0ms Fetch
binary/octet-stream 151.101.193.73
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bwbx.io/s3/mediaservices/superelastic/data.json
Requested by: Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.73 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: br
etag: "7c75126ed533d9f1301a278fa0badb85"
x-amz-version-id: Ysd.VMIKjSiYionLzVRUwzdTUQV__G.I
age: 513
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 30 Dec 2024 19:59:36 GMT
last-modified: Mon, 24 Oct 2022 14:07:26 GMT
x-served-by: cache-bfi-kbfi7400096-BFI, cache-yyz4573-YYZ
x-cache-hits: 39845, 1
content-type: binary/octet-stream
x-amz-id-2: r0kn8yOUx4LXHnfcYRD+PxElt5GgfItXmi6wa38I1JGsVsPlGA/ZwcuGPl3Y4Nvj13NqFKSou8g=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
x-timer: S1735588776.462304,VS0,VE1
x-amz-request-id: AX5A98H8K7N6YFGC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27916
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 eligibility
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/6e1c2d12-d1a0-4127-a2df-5a510432214c/ Frame 0
0 1025ms
85ms Preflight 52.205.177.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/6e1c2d12-d1a0-4127-a2df-5a510432214c/eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.205.177.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-177-82.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bloomberg.com
access-control-max-age: 1800
content-length: 0
date: Mon, 30 Dec 2024 19:59:37 GMT
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-deployment-name: cmap-aws-production

POST
H2 200 eligibility Show response
gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/6e1c2d12-d1a0-4127-a2df-5a510432214c/ 275 B
480 B 53ms
52ms Fetch
application/json 52.205.177.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gatehouse.cm.bloomberg.com/gatehousesvc/v2/sessions/6e1c2d12-d1a0-4127-a2df-5a510432214c/eligibility

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.205.177.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-177-82.compute-1.amazonaws.com

Software

Resource Hash

4989142ed477750ed5a257884d2d88326f776e0c8a5153df1471148d56af952e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bloomberg.com
content-encoding: gzip
date: Mon, 30 Dec 2024 19:59:37 GMT
content-type: application/json
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-deployment-name: cmap-aws-production

OPTIONS
H/1.1 200
OK nrd9n8bm
login.bloomberg.com/plutus-api/v1/rate-plan/ Frame 0
0 51ms
50ms Preflight
application/octet-stream 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/nrd9n8bm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: GET
Origin: https://www.bloomberg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token,correlationid,x-application-caller,x-jwt-token
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.bloomberg.com
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Mon, 30 Dec 2024 19:59:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK nrd9n8bm Show response
login.bloomberg.com/plutus-api/v1/rate-plan/ 3 KB
2 KB 195ms
194ms Fetch
application/json 69.191.136.181
BLOOMBERG-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bloomberg.com/plutus-api/v1/rate-plan/nrd9n8bm

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

69.191.136.181 , United States, ASN10361 (BLOOMBERG-NET, US),

Reverse DNS

Software

Resource Hash

3fed54065a61789ea1dd96022f9bb3e59342e832604e04a9642b0ccb76addc74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

correlationId: 72501a52-dece-4edf-a4a5-9f0688c8d7ad
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json

Response headers

Content-Encoding: gzip
ETag: W/"c07-wizOt60kRTtmUaMSBMJzoyAOQDs"
Expect-CT: max-age=0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Date: Mon, 30 Dec 2024 19:59:37 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Cross-Origin-Opener-Policy: same-origin
Connection: keep-alive
Cross-Origin-Resource-Policy: same-origin
Referrer-Policy: no-referrer
X-Download-Options: noopen
Access-Control-Allow-Credentials: true
Cross-Origin-Embedder-Policy: require-corp
Access-Control-Allow-Origin: https://www.bloomberg.com
X-XSS-Protection: 0
Origin-Agent-Cluster: ?1

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 285ms
182ms Script
text/javascript 173.194.66.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f103.1e100.net

Software

ESF /

Resource Hash

78b2749ebed147028a7f586ac2a91fcf3dd1151dc992ef16dd95f85a46982cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 19:59:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 30 Dec 2024 19:59:37 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 216ms
50ms Script
text/javascript 142.251.174.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f94.1e100.net

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.bloomberg.com
Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Response headers

content-encoding: gzip
age: 458494
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 25 Dec 2025 12:38:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 12:38:03 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

GET anchor
www.google.com/recaptcha/enterprise/ Frame 2516 0
0

GET user-info
login.bloomberg.com/ 0
0

GET
H2 200 controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html
js.stripe.com/v3/ Frame 1C89 0
0 79ms
26ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 19:59:38 GMT
etag: "5f8fe069f0f25d457a465ae97c75bf56"
last-modified: Mon, 23 Dec 2024 21:44:29 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 6678db45-5db9-4711-8491-d1efc189aae7
x-served-by: cache-yyz4557-YYZ

GET
H2 200 payment-request-inner-google-pay-4c9e178fd7d3dedf3a60076092cf3ce5.html
js.stripe.com/v3/ Frame 9253 0
0 69ms
27ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4c9e178fd7d3dedf3a60076092cf3ce5.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bloomberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 561207
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 181
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 19:59:38 GMT
etag: "4c9e178fd7d3dedf3a60076092cf3ce5"
last-modified: Mon, 23 Dec 2024 21:44:42 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2320
x-content-type-options: nosniff
x-request-id: 40969965-6f2d-4eca-97f8-4efdbe445e5c
x-served-by: cache-yyz4557-YYZ

GET
H2 200 payment-request-inner-browser-2844110fc082720a991c1b220231ca83.html
js.stripe.com/v3/ Frame 5711 0
0 67ms
28ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-2844110fc082720a991c1b220231ca83.html

Requested by

Host: www.bloomberg.com
URL: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bloomberg.com/news/features/2024-12-06/how-russia-linked-ransomware-hackers-bled-this-small-company-dry
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 33
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 160
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Dec 2024 19:59:38 GMT
etag: "2844110fc082720a991c1b220231ca83"
last-modified: Mon, 23 Dec 2024 21:44:42 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 37e90d4e-7d5b-454d-ad3c-5249c58aa5e8
x-served-by: cache-yyz4557-YYZ

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.bloomberg.com
URL: https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=true

Domain: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf7rDgfAAAAAI8VMW8SVVA-1mJZE25oy_WF1AGi&co=aHR0cHM6Ly93d3cuYmxvb21iZXJnLmNvbTo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=ygyhvsl32g8e

Domain: login.bloomberg.com
URL: https://login.bloomberg.com/user-info?withSubscriberData=false&activeSubscriptionsOnly=false

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bloomberg.com/	1969-12-31 23:59:59	Name: exp_pref Value: CANADA
.www.bloomberg.com/	1969-12-31 23:59:59	Name: country_code Value: CA
.bloomberg.com/	1970-01-21 04:16:04	Name: _sp_krux Value: false
.bloomberg.com/	1970-01-21 10:52:04	Name: consentUUID Value: b1e29504-b15d-476e-8b58-08ccf157ae9b
.crwdcntrl.net/	1970-01-21 08:35:13	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:35:13	Name: _cc_domain Value: .cc.bloomberg.com
.crwdcntrl.net/	1970-01-21 08:35:13	Name: _cc_id Value: db7d1bb0ddf6b619704c931aabeaf945
.crwdcntrl.net/	1970-01-21 08:35:16	Name: _cc_cc Value: "ACZ4nGNQSEkyTzFMSjJISUkzSzIztDQ3MEm2NDZMTExKTUyzNDFlAIL0ot%2BzGeBA8tO9z6aMh%2BIY%2FjMyMvxYeV8axp666IE2jN2KxH64GqHmWl%2BDOoz9Hcmcb0jsr0jsL0jsz0jsXb%2FbzGDsLWf36MDYy2%2FPFIexzy%2BewwJjH0ZiTz4Bd8KvjVPgwsv%2FFMKYl049YoOxn7z4qAtj31%2FXjnDBuqfcMPYNJPXnjh5ihrEBOd1%2B4Q%3D%3D"
.crwdcntrl.net/	1970-01-21 08:35:16	Name: _cc_aud Value: "ABR4nGNgYGBIL%2Fo9mwEGmBhYM4tADNbMQiAJAE4rBDE%3D"
.bloomberg.com/	1970-01-21 08:35:16	Name: _cc_id Value: db7d1bb0ddf6b619704c931aabeaf945
.bloomberg.com/	1970-01-21 08:35:16	Name: _cc_cc Value: ACZ4nGNQSEkyTzFMSjJISUkzSzIztDQ3MEm2NDZMTExKTUyzNDFlAIL0ot%2BzGeBA8tO9z6aMh%2BIY%2FjMyMvxYeV8axp666IE2jN2KxH64GqHmWl%2BDOoz9Hcmcb0jsr0jsL0jsz0jsXb%2FbzGDsLWf36MDYy2%2FPFIexzy%2BewwJjH0ZiTz4Bd8KvjVPgwsv%2FFMKYl049YoOxn7z4qAtj31%2FXjnDBuqfcMPYNJPXnjh5ihrEBOd1%2B4Q%3D%3D
.bloomberg.com/	1970-01-21 08:35:16	Name: _cc_aud Value: ABR4nGNgYGBIL%2Fo9mwEGmBhYM4tADNbMQiAJAE4rBDE%3D
.bloomberg.com/	1970-01-21 02:07:55	Name: panoramaId_expiry Value: 1735675163222
.adnxs.com/	1970-01-21 11:42:28	Name: receive-cookie-deprecation Value: 1
.ml314.com/	1970-01-21 10:52:04	Name: pi Value: 3649493401605767229
.doubleclick.net/	1970-01-21 02:06:29	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-21 11:42:28	Name: personalization_id Value: "v1_c2hlc3+zZjaYEIbVHFB2Hg=="
.bloomberg.com/	1970-01-21 10:52:04	Name: agent_id Value: 62101a9f-7efd-4bec-b05a-9b63383dfdb6
.bloomberg.com/	1970-01-21 10:52:04	Name: session_id Value: 687b1643-0a84-4ff3-8053-c8da81a78ab5
.bloomberg.com/	1970-01-21 10:52:04	Name: _session_id_backup Value: 687b1643-0a84-4ff3-8053-c8da81a78ab5
.bloomberg.com/	1970-01-21 10:52:04	Name: session_key Value: 6482c803ab59a0645cbc82868f6c5bb05c1602ce
.bloomberg.com/	1970-01-21 10:52:04	Name: gatehouse_id Value: 6e1c2d12-d1a0-4127-a2df-5a510432214c
.bloomberg.com/	1970-01-21 10:52:04	Name: geo_info Value: %7B%22countryCode%22%3A%22CA%22%2C%22country%22%3A%22CA%22%2C%22field_d%22%3A%22datapacket.com%22%2C%22field_n%22%3A%22cp%22%2C%22trackingRegion%22%3A%22US%22%2C%22cacheExpiredTime%22%3A1736193564559%2C%22region%22%3A%22US%22%2C%22fieldN%22%3A%22cp%22%2C%22fieldD%22%3A%22datapacket.com%22%7D%7C1736193564559
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf Value: s%3AbfMfptkHQ5ffnXAjHeJd5HLP.kFHQLn4TVNDAWiJ7qJqXUoq33BLX1IhDkHc3VwmpRMU
.bloomberg.com/	1970-01-21 02:06:32	Name: _user-data Value: %7B%22status%22%3A%22anonymous%22%7D
.bloomberg.com/	1970-01-21 02:06:32	Name: _last-refresh Value: 2024-12-30%2019%3A59
.bloomberg.com/	1969-12-31 23:59:59	Name: _reg-csrf-token Value: 9WRrNcsz-5BAO1P5zOdc4b2lk64DrJuq3Vi0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/76x48.webp"
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/152x96.webp"
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/76x48.webp"
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iowhAKkQWxag/v0/152x96.webp"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' http://.bloomberg.com https://.bloomberg.com upgrade-insecure-requests
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.bwbx.io
bcp.crwdcntrl.net
coordinator.cm.bloomberg.com
eventrecorder.cm.bloomberg.com
featureassets.org
gatehouse.cm.bloomberg.com
js.stripe.com
login.bloomberg.com
prodregistryv2.org
pub.doubleverify.com
securepubads.g.doubleclick.net
sourcepointcmp.bloomberg.com
tags.crwdcntrl.net
vi.ml314.com
www.bloomberg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
login.bloomberg.com
www.google.com
104.18.167.224
142.251.174.94
151.101.0.176
151.101.129.73
151.101.192.176
151.101.193.73
172.217.197.157
173.194.207.97
173.194.66.103
3.167.37.17
3.167.69.118
34.128.128.0
35.201.104.135
52.205.177.82
52.45.239.128
54.204.15.222
54.83.128.29
69.191.136.181
040cfadf88b5253a5a364a175a2d5326741f99674edd28294eb28f7f5bbabc2f
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
0575c9492a1f555be1e86b6000af17d5ad23a15e21af19850da6a33f7a6bba31
0604e1347945a5561c8176d5eb7ad5db2d70a3494ccd72267b572e99c6f07a3a
0ecd3d39ec535810f3c25f129bf9acfa1d2038adf02766b461009c348caf2f2a
0f730e6c6675f586edbfe26b83913a3199040166d072fdd5f5e8e300e3a0ecfe
13b7ae77a7187f6ffe410104b5019a709052e2fdd30a95712f7a8ec143f692a1
13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a
1b28198d91713aa890caba2881a528dce345c12a98eb11f1023712def6ff8634
1fdbaf3e2e2fa43760c84e5919ecb68c7bd158493e2f660bc98cacf9b7acf7d4
289baa47042b4450a56882988c6eb6fdf2e2ae335dc0e2c810fd02f969d6ecc8
2ba34717036e5ae4ea0bb8445c21d71aa06a64582f84ef8d2d495f4179af6658
3098c42113312ee7f1841d7e7e98e0f5c596a45ab4956fa0110e615029a6bdce
36cceb7b76adba916a46424d0d066fe5cd80ca97ed715b865ace5cb1d9a72605
36ce7e2a8573961b9d4eb7377f293a1487af673156a2d47c3f212de3f306e380
3760b7b6d7c5c58e599af14ca05fdc0dbfa109400cf21feaac581ae0ae075f7d
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3d32d4c2d5335eb88ea6d28229f0da43e41eb98921baf759330ab5515419079b
3fed54065a61789ea1dd96022f9bb3e59342e832604e04a9642b0ccb76addc74
41b196ac204322a3f50b7370f073bb7f3612a0135f46c1971a55d03097c3d55b
43d7b24e581a671fc3c21b87dece2052a694400bc63a7772a844db15204361ed
43de41f61ccbd20af6f03c7ef6ff92259c4c2c52106dd8a8e6d377139c761a11
44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b
452798f8b275b229c951910d4e874c3ae8103005f3e1ce2aa3e218fec36d4681
487401ead4bbfa1f3ebb914de73d9608fbc72a5dc6b3ab34de0f18117f80ac61
4989142ed477750ed5a257884d2d88326f776e0c8a5153df1471148d56af952e
49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f
4ad5c363f234d1dd53f0ea39e90bd044f93ff0817de6c0de1f664fc6eedeaac7
4ccf205852914ea3a3b297aa5a189a9b35d5c96c9d8abc7e623a19a846bbb39d
4cf290e30617603ac84acae05a845cea9e42505233a9f8748fd8948727c1a4f1
4d44e673ab7f35cd2babde98f4e434d45f63b53c6c4c68cc6ae3541d66877d00
4d6f4b49a31c43a76d5fb6e08431ec59336962b0454dd61228df343005f46120
4f00b7c9097ac1c7661f126d5fcc494efec22745d53a1d5294027db2a7c382ab
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
543df95af03277f0cb563fcf9d6d0434d3e517f86746c2914237889bc9b1eae1
5c99de4a50b13fd17ae941a6b622721ef185466e8edab5b57f3093fe24dd3444
62ea0fcf72643ea10823a169fb1df310acc3f89110ec7c9f697146b0e76b3905
678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00
67a38cd1a889974219c731ca8b27cf6ebb6503314e10deb1098cdc0fa0bd01e7
68254d433450bc19cdee07f5cce37c57d0b7949b8a5a81e6be88203810b2cdb6
6a01b03aee337d8a33581576aa392b38cc54d89a73e20d26b0dad3ace0f53ad4
6d6ac50a88f46c6874abe9564141e39678cb8ea13bc672388031abaf8292d5d9
78b2749ebed147028a7f586ac2a91fcf3dd1151dc992ef16dd95f85a46982cf0
86db61b23f719d8addc167fa47718ddb1d103dfaa9a5ba569876e81e71928186
883744dc82fbac6b83090d3b6808b58c17326c62fef9ce0b02ebdd8a79982e0d
890778493708846612fcfff7756d631366c2741338149d71e7cabbd7af7e096f
8baed2039b7f621eac8fcebb89c159202493841f6aad9b48e128c61ee5e81e9a
8d438eec2f1e4282482c3e8ee71ace3f56db7bb0fde39e9ed4c687105fd077c9
952402b6ebab9b7125180cf7a3bf6b07dde95b757a160d1b4b851f89a0f9835e
9618a6eab120b45fdc729c7cbbeee6fd3fcdc31db1423d49edf74e4ae121e269
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e1df7e1a5f2d70e4ac4bc0784ba50462936a3fd1510f70f5889e9318ce34cf4
a3eb26e23827c3afe17606ebba52ebd69a3255329edc555da2896301b895739c
a8c9ca4d7d06369db99e19fa2a52934592e4b9154534ce6a23f35c883056117d
a9d1873e9dc49de0d9bc05cabcd59e303be9a7fcf38ff6ee4a9dd4970b0e5f34
a9d71756522e7ae94b93a30c45fb51fa255d23144e4ff6e94834f6611c050291
abb0359d290d9980fc053f64d4c9eb5432e7d92ba6c38a11782e40b02451f24a
ac65679285de2392fc8b76767e1db03387d7c5968544f70975f74eaecf1be10d
b026da50fc169ef54c2afc989bc6c38a513aefed22fa11d195b1bf5f1f0e0344
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
b36320bb6f64d37820c6b5eb4f604cf8693615f17ab433c711139009ef19dee1
b9b668e6b01253b8c09a8124404a5d9a45ac072eb2b082ed2eea5ea08aff99b6
bb60b10bbd8ee62462aab755a86067f95ce3b2b5c777567e16c06fa32c1f1b92
be88334d5dca00715b490a9c84e650544150b405aac266101e495d11ace525d2
be961aa5aab73ab3b82b1cd7fc9098e7d999a3f769392f43671b41861e4512ba
c1c8cc14ccbd26faaf0c308b648f16aa7fa98de56b162362c8501130e0cfeb1e
c8cbc6380c8aac5f7602f6c34a1e6c46521132fe89d5b8e8297690365d48a5b9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0ce6be211d280ee5a67ddbe28bbffb12f09cd9df5af72c6ba2e29f95993ca8
ca8e937588d9eabb3fd74b4d0baf2ce83dc0eeb78ef14caf7bdd8082ceead124
d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc
d2ab4243fd5e975afcbe2dd23eb609c143dca5765476d4349212d44766ac50fa
d3ed295ce2399f26576acd56b80f71570f83ab4daa310ffc6fc4facc90f5b81e
dd23c0a33f0e033d8bf9e2f91103179ddebaa04da905b4e02545c51b13099ae5
df4d204d0b400a760709168f6e4ab119e454e4fa17966458b996b1ce0c237bf7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecafdc04f4bddd795b49b5fb7edbe74df509e5528d40c4dae37c309c3660986a
ede963704bb0fe431e49423f123b6cc891ae1119ad4bd29118e8c05138e84267
f4888d91ee1284ed3cc2d1e118d8d28832168d119ffd92ad04c78916dbe17724
f4a9c8019d712fc82fc2a1a4d37d0a4c4e5cfd08665265d16bd7dd3d2c99b00c

www.bloomberg.com Open in urlscan Pro 151.101.129.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

0 %IPv6

12 Domains

18 Subdomains

19 IPs

2 Countries

2979 kBTransfer

11174 kBSize

27 Cookies

20 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bloomberg.com Open in urlscan Pro
151.101.129.73 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

19
IPs

2
Countries

2979 kB
Transfer

11174 kB
Size

27
Cookies

100 HTTP transactions
8 data transactions