www.hngn.com Open in urlscan Pro
35.186.240.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Submission: On August 13 via api (August 13th 2021, 5:42:23 am UTC) from GB

Summary HTTP 181 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 52 domains to perform 181 HTTP transactions. The main IP is 35.186.240.185, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.hngn.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 11th 2021. Valid for: a year.

This is the only time www.hngn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.186.240.185 35.186.240.185	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
14	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f24... 2a03:2880:f245:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	18.169.27.96 18.169.27.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	91.228.74.226 91.228.74.226	16509 (AMAZON-02) (AMAZON-02)
1 4	54.192.219.96 54.192.219.96	16509 (AMAZON-02) (AMAZON-02)
1	35.186.220.80 35.186.220.80	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	94.31.29.248 94.31.29.248	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.188.128 108.161.188.128	33438 (HIGHWINDS2) (HIGHWINDS2)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.84.45.52 52.84.45.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	18.213.12.146 18.213.12.146	14618 (AMAZON-AES) (AMAZON-AES)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
2	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:de00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.1.182.12 3.1.182.12	16509 (AMAZON-02) (AMAZON-02)
1	44.227.231.197 44.227.231.197	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	35.158.174.229 35.158.174.229	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	143.204.207.15 143.204.207.15	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	44.236.74.78 44.236.74.78	16509 (AMAZON-02) (AMAZON-02)
1	34.208.245.208 34.208.245.208	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2 7	52.43.149.174 52.43.149.174	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	52.89.213.37 52.89.213.37	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.18.12.237 52.18.12.237	16509 (AMAZON-02) (AMAZON-02)
181	67

1 35.186.240.185 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 185.240.186.35.bc.googleusercontent.com

www.hngn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1085610534.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1075914428.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f245:ca:face:b00c:0:43fe (Amsterdam, Netherlands) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.169.27.96 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-27-96.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.219.96 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-96.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.220.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.220.186.35.bc.googleusercontent.com

stat.hngn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.248 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.248.IPYX-077437-ZYO.above.net

asset.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.188.128 (United States)

ASN33438 (HIGHWINDS2, US)

asset.pagefair.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.45.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-52.mrs52.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.12.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-12-146.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.182.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.231.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-231-197.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.174.229 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-174-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.15 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-15.fra53.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.74.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-74-78.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.245.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-245-208.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.43.149.174 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-149-174.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.213.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-213-37.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.12.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	cdn77.org 1085610534.rsc.cdn77.org 1075914428.rsc.cdn77.org	569 KB
20	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	177 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	132 KB
12	googlesyndication.com acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	227 KB
10	ampproject.org cdn.ampproject.org	201 KB
10	ad.gt 2 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	16 KB
9	youtube.com www.youtube.com	666 KB
6	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
6	google.com 2 redirects www.google.com adservice.google.com	14 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google-analytics.com www.google-analytics.com	21 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	facebook.com www.facebook.com	418 B
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
4	anura.io script.anura.io ads.anura.io	48 KB
4	powerad.ai powerad.ai reporting.powerad.ai	36 KB
3	pubmatic.com 2 redirects ads.pubmatic.com image2.pubmatic.com	55 KB
3	facebook.net connect.facebook.net	171 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	lijit.com 1 redirects ce.lijit.com	973 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	brainlyads.com hb.brainlyads.com	148 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	17 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	getclicky.com static.getclicky.com	6 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
2	hngn.com www.hngn.com stat.hngn.com	13 KB
1	crwdcntrl.net id.crwdcntrl.net	825 B
1	rlcdn.com api.rlcdn.com	326 B
1	contextweb.com 1 redirects bh.contextweb.com	423 B
1	taboola.com trc.taboola.com	229 B
1	aufp.io aufp.io	3 KB
1	smadex.com 1 redirects cm.smadex.com	526 B
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	lentainform.com cm.lentainform.com	496 B
1	idealmedia.io cm.idealmedia.io	413 B
1	google.de adservice.google.de	165 B
1	zprk.io pixel.zprk.io	3 KB
1	quantcount.com rules.quantcount.com	352 B
1	postrelease.com jadserve.postrelease.com	538 B
1	ytimg.com i.ytimg.com	106 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	pagefair.net asset.pagefair.net	349 B
1	pagefair.com asset.pagefair.com	330 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googletagservices.com www.googletagservices.com	25 KB
1	ntv.io s.ntv.io	109 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
181	52

	Domain	Requested by
21	1085610534.rsc.cdn77.org	www.hngn.com 1085610534.rsc.cdn77.org
19	1075914428.rsc.cdn77.org	www.hngn.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	www.youtube.com	www.hngn.com www.youtube.com
8	tpc.googlesyndication.com	www.hngn.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	cm.mgid.com	jsc.mgid.com www.hngn.com s.adtelligent.com
7	ids.ad.gt	2 redirects www.hngn.com
6	s-img.mgid.com	www.hngn.com
5	x.bidswitch.net	5 redirects
5	www.google.com	2 redirects www.youtube.com www.hngn.com tpc.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.hngn.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.hngn.com
4	match.adsrvr.org	3 redirects ads.pubmatic.com
4	www.facebook.com	www.hngn.com connect.facebook.net
4	googleads.g.doubleclick.net	1 redirects www.youtube.com www.hngn.com
4	sb.scorecardresearch.com	1 redirects www.hngn.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cm.g.doubleclick.net	2 redirects www.hngn.com
3	connect.facebook.net	www.hngn.com connect.facebook.net
3	script.anura.io	www.hngn.com script.anura.io
2	token.rubiconproject.com	www.hngn.com eus.rubiconproject.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ce.lijit.com	1 redirects www.hngn.com
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	mug.criteo.com	www.hngn.com
2	gum.criteo.com	1 redirects
2	cdn.mgid.com	www.hngn.com
2	hb.brainlyads.com	powerad.ai www.hngn.com
2	reporting.powerad.ai	powerad.ai
2	static.getclicky.com	www.hngn.com
2	www.instagram.com	1 redirects www.hngn.com
2	jsc.mgid.com	www.hngn.com jsc.mgid.com
2	powerad.ai	www.hngn.com powerad.ai
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	pixels.ad.gt	p.ad.gt
1	bh.contextweb.com	1 redirects
1	trc.taboola.com	www.hngn.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	sync.adtelligent.com	1 redirects
1	cm.smadex.com	1 redirects
1	pixel.rubiconproject.com	www.hngn.com
1	sync.e-volution.ai	1 redirects
1	cm.lentainform.com	www.hngn.com
1	cm.idealmedia.io	www.hngn.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	servicer.mgid.com	jsc.mgid.com
1	ads.pubmatic.com	www.hngn.com
1	a.ad.gt	www.hngn.com
1	pixel.zprk.io	powerad.ai
1	c.mgid.com	jsc.mgid.com
1	pixel.quantserve.com	www.hngn.com
1	rules.quantcount.com	secure.quantserve.com
1	www.gstatic.com	www.youtube.com
1	jadserve.postrelease.com	s.ntv.io
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	ads.anura.io	script.anura.io
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	asset.pagefair.net	www.hngn.com
1	asset.pagefair.com	www.hngn.com
1	www.googletagmanager.com	www.hngn.com
1	stat.hngn.com	www.hngn.com
1	secure.quantserve.com	www.hngn.com
1	www.googletagservices.com	www.hngn.com
1	fonts.googleapis.com	1085610534.rsc.cdn77.org
1	s.ntv.io	www.hngn.com
1	platform.instagram.com	1 redirects
1	ajax.googleapis.com	www.hngn.com
1	cdnjs.cloudflare.com	www.hngn.com
1	www.hngn.com
181	80

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
thehill.com
edition.cnn.com
threatpost.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
*.hngn.com AlphaSSL CA - SHA256 - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
www.cdn77.com R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2020-10-12` - `2021-10-12`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-06-19` - `2021-09-17`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
stat.hngn.com GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
asset.pagefair.com Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
asset.pagefair.net Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
*.zprk.io DigiCert TLS RSA SHA256 2020 CA1	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Frame ID: 0F2F5A4B0BDEA1AB9349F57F853FF1D4
Requests: 125 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rGYJ8VIIjZo
Frame ID: 3C8A8C2F74FE7704981268CAE3305957
Requests: 17 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 4432E3481096B69F01EE2CE90ADAA3EA
Requests: 7 HTTP requests in this frame

Frame: https://acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E52DE14B2F45C34BEF9A9EEFB00F4F4
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1628833324953677859029
Frame ID: 1328FE7F848E0F04B24A486BF37C526F
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 64BBEA57F376AA03B8A26A9A817A3B91
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 74E6DDFAC7118F6B62CFA08CC69F0391
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 6A4DD263E330F719FE62976B337B876F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 0B0F698B4086B46B8FAF925A12AF2440
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 697BC49C3FC30ADC75DACB3EBFA12DCB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10412B8B6D471A0B31C2888E72574BC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

181
Requests

98 %
HTTPS

44 %
IPv6

52
Domains

80
Subdomains

67
IPs

8
Countries

2872 kB
Transfer

7521 kB
Size

19
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HNGNcom

Search URL Search Domain Scan URL

URL: https://twitter.com/HNGNcom

Search URL Search Domain Scan URL

URL: https://thehill.com/policy/cybersecurity/567458-consulting-group-accenture-hit-by-cyberattack
Title: The Hill

Search URL Search Domain Scan URL

URL: https://edition.cnn.com/2021/08/11/tech/accenture-ransomware/index.html
Title: CNN news.

Search URL Search Domain Scan URL

URL: https://threatpost.com/accenture-lockbit-ransomware-attack/168594/
Title: Threat Post

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.hngn.com&utm_medium=referral&utm_campaign=widgets&utm_content=1119438
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193537/i/57453136/0/pp/1/1?h=RTxIuxEVr6GpPLMVZB_nXBQAZPXDdYGVdhjfqvLnr7H9UFcpoaTEMBNRwyXqoFKi&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193510/i/57453136/0/pp/2/1?h=RTxIuxEVr6GpPLMVZB_nXFonAvTClEYT7fzxQabkq-Pure3JWFP_hHozDYwbk3Y5&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164901/i/57453136/0/pp/3/1?h=RTxIuxEVr6GpPLMVZB_nXKjs2bsEp1llmJbxfZs39dL4UaQM21sTNX27DkxTeXiO&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164910/i/57453136/0/pp/4/1?h=RTxIuxEVr6GpPLMVZB_nXGl5EleZD1YKlfTgMpS7CeWPACs4FNr4iIvrbD2ywC59&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57453136/0/pp/5/1?h=RTxIuxEVr6GpPLMVZB_nXNXyiaID-wjL6jcfhrXJ7yHsW_Yeum9QJDS8Nb3zv3O5&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164905/i/57453136/0/pp/6/1?h=RTxIuxEVr6GpPLMVZB_nXIfl-gxkxwTbTnrhtCdtUuzePm-kQwrwFEg4cjFKm5_F&rid=30c37a16-fbf9-11eb-a20b-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&c7=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&c7=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&c9=

Request Chain 74

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 104

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hngn.com%2F&domain=www.hngn.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EZOELHxNRzA4Zkdib3hjdU1ZalJlVTJ2anVxNXVDUjlwYWlTMDFNU1MwZkdJV1NkWjFNNU5NdFJCR1czZ096NnlCQ2JNRjhZNmlSdGVaQzVEK2t4ZjYyL0NYcTgzcGRwK2RDWERJeGdDdHNSaFdDRHRrditOMGtyY29YSjB2WnRSS0E2a1lNMnNOSUREV0VGRWlzd0ZOdGVJTXBXWW03ZlJmOEkzdXRoWGJQSHlMMm5ESEFrMERwLzdnNWdJM3RzNDN1RDdNUUoxcWJRUlF6bE9kN2xaTXNKMHVwNjZybmVHVXZFSWlpbVJvRDlWL3FvPXw&cppv=2

Request Chain 121

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 123

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=G5k4Qh2g1jI0kai3as0z&pi=mgid&tc=1

Request Chain 124

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7c4Netpq4Gm HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7c4Netpq4Gm HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a&dnr=1

Request Chain 125

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c3b2433b-4b3e-4c6c-8870-26b35e22eb97

Request Chain 127

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=b346326c-a292-4f13-a713-36eeedf0aeed&ttl=1631425325

Request Chain 128

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7c4Netpq4Gm HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 129

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=1eb4debb-919a-4744-b7d4-5048fc0d372b HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=308275c8-4914-451b-91c5-4403514af507&expires=10&ssp=mgid&bsw_param=1eb4debb-919a-4744-b7d4-5048fc0d372b HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=28c21cb3-0978-485a-85d3-6811eec1749a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdjNE5ldHBxNEdt&muidn=l7c4Netpq4Gm HTTP 302
https://cm.mgid.com/google?muidn=l7c4Netpq4Gm&google_ula={guid},5&google_gid=CAESEKa19Y2F5Ox8PcRvHH91XTc&google_cver=1

Request Chain 131

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=72f47439964628b2

Request Chain 134

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=5133251339498454286

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=b346326c-a292-4f13-a713-36eeedf0aeed&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

Request Chain 136

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=54F3CBD5-8928-41D4-94E7-756E97B22B98&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&google_gid=CAESEMRQQUOTGlFpV4XKPhtp6W8&google_cver=1&google_ula=450542624,0

Request Chain 138

https://ids.ad.gt/api/v1/g_hosted?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDhmMGM2ZDUtN2JhMy00NDA5LTk1NmYtZGYyZmMzYzBkMmEz

Request Chain 139

https://ids.ad.gt/api/v1/rub?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&gdpr=0

Request Chain 141

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=6tVmnyDYufR8&ev=1&pid=562316&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

181 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm Show response
www.hngn.com/articles/237247/20210812/ 48 KB
13 KB 257ms
211ms Document
text/html 35.186.240.185
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.240.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 185.240.186.35.bc.googleusercontent.com
Software: nginx / PHP/7.2.34
Resource Hash: b0a173521736f1c1b6d64089e387a9b82427138e545593fc459545c9069444c6

Request headers

:method: GET
:authority: www.hngn.com
:scheme: https
:path: /articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 13 Aug 2021 05:42:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
alt-svc: clear

GET
H2 200 bootstrap-grid.min.css
1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/ 51 KB
5 KB 35ms
8ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/bootstrap-grid.min.css
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5eee2907a397e5475d52c61751bf4862952109df61a476a130dbe4e4a5cfd704

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BA67gjvReQNAA==
x-accel-expires: @1628959718
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045526-cc58"
last-modified: Fri, 30 Jul 2021 19:38:14 GMT
server: CDN77-Turbo
x-77-nzt-ray: m1ca7I7wHes=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 910405
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 sticky-scroll.css
1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/ 1 KB
578 B 38ms
10ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/sticky-scroll.css
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f51c8c4e7d8401815818dd3a300eb0f07e817b51983a709c4effe203f3371b51

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BCRbpzvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610454a1-458"
last-modified: Fri, 30 Jul 2021 19:36:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: FpBAawbhA7o=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 common.css
1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/ 13 KB
3 KB 38ms
11ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 541777a519518ac6b13c09ecc1842f0ab59ffe1572b342bc87e8e19ebc5e82bd

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BA1pVjvReQNAA==
x-accel-expires: @1628959718
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045342-321e"
last-modified: Fri, 30 Jul 2021 19:30:10 GMT
server: CDN77-Turbo
x-77-nzt-ray: TBxVqSEMFcw=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 910405
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 subpage.css
1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/ 4 KB
1 KB 39ms
12ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/subpage.css
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d164d9d7d127c0208fe88e68c3c12a3f96ab375aa8ffe5b2114e487b5117e741

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDeuSvvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610453b8-e23"
last-modified: Fri, 30 Jul 2021 19:32:08 GMT
server: CDN77-Turbo
x-77-nzt-ray: KVjnUkhaTWE=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 common_v056.js Show response
1085610534.rsc.cdn77.org/common/js/common/ 7 KB
3 KB 40ms
13ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/common/js/common/common_v056.js?5xwc2g
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAFHz3vReQNAA==
x-accel-expires: @1628959718
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"6104551a-1aeb"
last-modified: Fri, 30 Jul 2021 19:38:02 GMT
server: CDN77-Turbo
x-77-nzt-ray: g+MREcAGETs=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 910405
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery-3.4.0.min.js Show response
1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/ 86 KB
30 KB 46ms
20ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/jquery-3.4.0.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBRou3vDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610454a4-15857"
last-modified: Fri, 30 Jul 2021 19:36:04 GMT
server: CDN77-Turbo
x-77-nzt-ray: K7sAkUtDVHw=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 sticky-scroll.js Show response
1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/ 5 KB
1 KB 49ms
22ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/sticky-scroll.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a654694c6c72e7d03b87d5668822e38ba10128d48d3fcafef8557c385ebc4911

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBmkgPvReQNAA==
x-accel-expires: @1628959718
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610454a1-13f2"
last-modified: Fri, 30 Jul 2021 19:36:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: 5eruuAFqbw4=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 910405
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 scripts.js Show response
1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/ 2 KB
667 B 57ms
31ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/js/scripts.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 225266efa46b4b0ce725ca473a3fd399feda10fea9e6097b27edaeb7bfd06e8f

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDjRnLvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610454a1-6d1"
last-modified: Fri, 30 Jul 2021 19:36:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: PksTs3pLmmE=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 37ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112059
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xENpNd%2BJm%2FQBaEjAszvsEWL7nW16vFv7CqhaH7qedA2XpeWk9ePi6h6O9J8VjOQrCUVK1x53Ryefxmtskaiz%2F9dRgqIbMZ1DXh3w5RCPvaC%2FjWqc%2B2tfVwiSTlmB5ZwhViMc3NhCZ2PGkx7UITLjTz3J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67df9e31db2a3258-FRA
expires: Wed, 03 Aug 2022 05:42:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 04:37:31 GMT

GET
H2 200 jquery.bxslider.min.js Show response
1085610534.rsc.cdn77.org/static/js/bxslider/ 19 KB
5 KB 14ms
7ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/js/bxslider/jquery.bxslider.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAqDCzvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045526-4b9f"
last-modified: Fri, 30 Jul 2021 19:38:14 GMT
server: CDN77-Turbo
x-77-nzt-ray: pO6gePDoQbo=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.lazyload.min.js Show response
1085610534.rsc.cdn77.org/static/js/lazyload/ 3 KB
1 KB 15ms
8ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/js/lazyload/jquery.lazyload.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 74e585954e99fced036810999783b5d23fd5c10019fc92ad9cca228bc74f98b1

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDn5vDvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610454a1-d36"
last-modified: Fri, 30 Jul 2021 19:36:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: FLua1uuPU/I=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 moment.js Show response
1085610534.rsc.cdn77.org/static/js/live_stamp/ 121 KB
28 KB 23ms
16ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/js/live_stamp/moment.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 34da66f0997d145341cfb3fc71c794ea32b4c6affa3ff5d9e7e5107170125d1c

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BB81vrvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045342-1e242"
last-modified: Fri, 30 Jul 2021 19:30:10 GMT
server: CDN77-Turbo
x-77-nzt-ray: /IIrECLDWEA=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 livestamp.min.js Show response
1085610534.rsc.cdn77.org/static/js/live_stamp/ 1 KB
877 B 24ms
17ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/static/js/live_stamp/livestamp.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f2beb92898142c10e2661c03c9d7d6ac4931df2c95fe0ac6b06cda7a4a1b9e02

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BCfzdHvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045342-586"
last-modified: Fri, 30 Jul 2021 19:30:10 GMT
server: CDN77-Turbo
x-77-nzt-ray: 0kdnSqx6r9k=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 prebid_sb_2019.js Show response
1085610534.rsc.cdn77.org/common/js/common/ 150 KB
45 KB 54ms
28ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/common/js/common/prebid_sb_2019.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aa8f4aadaeeedb243de069b890bd59864e538f28f58967ff9fe9754358131105

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDyayjvDNcNAA==
x-accel-expires: @1628963103
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"610453ac-25708"
last-modified: Fri, 30 Jul 2021 19:31:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: W2v82okcNFw=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 907020
content-encoding: br
x-77-pop: frankfurtDE

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 164 KB
34 KB 388ms
181ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 444bccae0d3312cd0e5c679136b1123d3ef2dcb74516b2a23af4e363541346be

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 19:09:00 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"28ea2-17b3177ce77"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 accenture.jpg
1075914428.rsc.cdn77.org/data/images/full/265459/ 52 KB
52 KB 197ms
181ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/images/full/265459/accenture.jpg?w=594?w=650
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 3a54361ea144443c26b7a04e146516f594c616054c5f87fd650809085323ee55

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAABcqx
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 765c6a936ee5ef542c3865568984d251
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: j/k4vJb9q3M=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 hngn.com.1119438.js Show response
jsc.mgid.com/h/n/ 2 KB
1 KB 104ms
55ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/n/hngn.com.1119438.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb73e770f7aae88ece7febf7a1aebc1c557439cc74be85c07e86f2cd526c0151

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1A2H77GNTSN40XP8
last-modified: Wed, 11 Aug 2021 12:20:09 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: B/Ts4ShRF9ye+RAp9CJJJ5kY7HFhr64H1CbzKl/YtRt1mWxBKv/qIJ6GdXZjE2DRPUzK/8WBJ9U=
cf-bgj: minify
server: cloudflare
etag: W/"b671ad590cb043293f8b2d37594dffed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67df9e32198eedcf-CDG
expires: Fri, 13 Aug 2021 08:42:03 GMT

GET
H2 200 mt-etna-grows-by-100-feet-after-several-months-of-volcanic-activity.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265453/276/183/50/40/ 10 KB
10 KB 29ms
14ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265453/276/183/50/40/mt-etna-grows-by-100-feet-after-several-months-of-volcanic-activity.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 9ed73800827fa7ef04316d5328ac9aaa6c84edb62e0531cca11b087105f4c86e

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAi5IDvJMQAAA==
x-accel-expires: @1628869511
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: a2754b63c77abe6a892ff85064581de8
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: ZJoqHUQJ9Cs=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 50212
x-77-pop: frankfurtDE

GET
H2 200 oldest-newspaper-dating-back-to-1872-found-inside-a-150-year-old-time-capsule-in-uk.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265458/276/183/50/40/ 17 KB
17 KB 29ms
13ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265458/276/183/50/40/oldest-newspaper-dating-back-to-1872-found-inside-a-150-year-old-time-capsule-in-uk.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: c27990dc99136ff20cc0394a18270e898696fba789d882a03621bd6b201f0f19

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBwQczv2rIAAA==
x-accel-expires: @1628873937
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 288489c1e202d839b32060883875b7fb
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: DAg5mZdtVRk=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 45786
x-77-pop: frankfurtDE

GET
H2 200 worlds-largest-real-life-dragon-fossil-unearthed-in-australia-researchers-predict-flying-reptile-lived-over-150-years-ago.png
1075914428.rsc.cdn77.org/data/thumbs/full/265443/276/183/50/40/ 80 KB
81 KB 30ms
15ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265443/276/183/50/40/worlds-largest-real-life-dragon-fossil-unearthed-in-australia-researchers-predict-flying-reptile-lived-over-150-years-ago.png
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: f6f3c8d1d62021b2f453582189435424efc7d160910c0bdf2daac2377153d1c5

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAhvvPvYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 7531e866e5802c6937429b023bfd75b1
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: Ts+rBA1PUag=
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H2 200 archeologists-discover-an-ancient-pompeii-snack-bar-that-served-food-to-tourists-2-000-years-ago-like-today-s-vacation-destinations.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265433/276/183/50/40/ 24 KB
24 KB 27ms
12ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265433/276/183/50/40/archeologists-discover-an-ancient-pompeii-snack-bar-that-served-food-to-tourists-2-000-years-ago-like-today-s-vacation-destinations.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b05c910ffc2eeee612f1af465cdb868a41116c6bd9245513f4253d15e4c333fc

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBavvXvYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: d568cc9c28d6b7a8d4294c9080a55441
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: kpLGHevhKhk=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H2 200 known-as-the-smallest-premature-infant-weighing-a-like-an-apple-survived-13-tedious-months.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265409/276/183/50/40/ 16 KB
16 KB 20ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265409/276/183/50/40/known-as-the-smallest-premature-infant-weighing-a-like-an-apple-survived-13-tedious-months.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 7ea00d16ccc3055b3254bc2d481db8fa8b0a143fe2988b36cabe9ca4f4709883

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBd6AzvLqIAAA==
x-accel-expires: @1628878205
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 9e000ebc3a6b57339675a7232a44948c
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: fkROr0JjkEQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 41518
x-77-pop: frankfurtDE

GET
H2 200 the-secret-of-stonehenge-that-made-it-last-for-5-000-years-in-pristine-condition.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265353/276/183/50/40/ 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265353/276/183/50/40/the-secret-of-stonehenge-that-made-it-last-for-5-000-years-in-pristine-condition.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: bcae1ecc3fc0fc918f83e6a301a918f9186ae0ad0496873a7bac0fd592cc12bf

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBFQJ3vrzMBAA==
x-accel-expires: @1628840956
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 8190490f479b0bda90a5e0579eee6d7a
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: QpgpPy/dg9A=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 78767
x-77-pop: frankfurtDE

GET
H2 200 ancient-cave-lions-roamed-siberia-in-the-ice-age.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265357/276/183/50/40/ 27 KB
27 KB 7ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265357/276/183/50/40/ancient-cave-lions-roamed-siberia-in-the-ice-age.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 506c1a22a2efae73199727ea986a8f29c1e887356eb5c4668fe9174341f94a3c

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDrZ13vrzMBAA==
x-accel-expires: @1628840956
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 1cf17f58a157d8390a5c9002339f940d
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 2ZYCZls+QoA=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 78767
x-77-pop: frankfurtDE

GET
H2 200 ancient-roman-armory-in-spain-discovered-dating-back-to-100-b-c-in-son-catlar-spain.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265321/276/183/50/40/ 26 KB
27 KB 7ms
7ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265321/276/183/50/40/ancient-roman-armory-in-spain-discovered-dating-back-to-100-b-c-in-son-catlar-spain.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: cd0085b00403c0d308a7e6a1a2555cb2d23d96e87bbb41bd0d38dd718c5f15bd

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BCrVHTvrjMBAA==
x-accel-expires: @1628840957
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 0a5c0b09714ac1acd325ac4e2f833ceb
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: B3UGFP6efOU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 78766
x-77-pop: frankfurtDE

GET
H2 200 why-britney-spears-father-abruptly-decides-to-step-down-as-daughters-60-million-estate-conservator.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265479/276/183/50/40/ 21 KB
21 KB 117ms
117ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265479/276/183/50/40/why-britney-spears-father-abruptly-decides-to-step-down-as-daughters-60-million-estate-conservator.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 31ca0f584a83492b0797f0146550c21d7e2fdea2062cf02db9a7cf77ae39107f

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BCdn0Wx
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: cf7f1696282552c42650c2e69cf60d31
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: mVaWbYy5M5c=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 meghan-markles-dad-brands-her-liar-claims-she-has-changed-since-meeting-prince-harry.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265473/276/183/50/40/ 7 KB
8 KB 8ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265473/276/183/50/40/meghan-markles-dad-brands-her-liar-claims-she-has-changed-since-meeting-prince-harry.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 47844f010ce9707a006ee179348d21477b4f12e2ec15aec31f82d2ad40fd89e5

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDuMAbvgg4AAA==
x-accel-expires: @1628916009
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: eb3008b6549ac70a69bbd2ba854b9dc1
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: dnxcYkPDOGU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 3714
x-77-pop: frankfurtDE

GET
H2 200 multiple-fatalities-in-plymouth-shooting.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265472/276/183/50/40/ 14 KB
14 KB 8ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265472/276/183/50/40/multiple-fatalities-in-plymouth-shooting.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 0da149f7a156c3a204ef0d3c34e41201cf02b5d0b1072d6381646ba7ec66d9e8

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BA0++jvYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 87778d5001b4b1e3b766735ae745a7f0
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: LiWm51exraQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H2 200 afghan-forces.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265468/276/183/50/40/ 21 KB
21 KB 8ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265468/276/183/50/40/afghan-forces.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: e95f2fe4f20e6df3b4701e32e13818b51452a02d05e393bc50efd7d32ec32b45

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BA9okjvYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 17ca9f82d3c4e5dd7077acbebd673073
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 46vEPSdQ/8k=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H2 200 house-committee-on-foreign-affairs-holds-hearing-on-afghanistan-withdrawal.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265476/276/183/50/40/ 11 KB
11 KB 8ms
7ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265476/276/183/50/40/house-committee-on-foreign-affairs-holds-hearing-on-afghanistan-withdrawal.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: eb9b0b08b74e5f2096c0ebe7fad41a6f5fa93d7ebbaf5777eaf46ddfa5d6ea92

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BD1npjvehYAAA==
x-accel-expires: @1628913969
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: c941299c4981ed10f35347c72248bb94
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: d+83EtlkIJI=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 5754
x-77-pop: frankfurtDE

GET
H2 200 2-000-extra-stimulus-checks.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265371/276/183/50/40/ 13 KB
13 KB 27ms
24ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265371/276/183/50/40/2-000-extra-stimulus-checks.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 2bb65dbcedb15bf4be093fb5fdb95634d22536ec018777bacd0dbe29dd4fcdc5

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAPb8DvXSMBAA==
x-accel-expires: @1628845134
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: e7914197d78dbf9e413fd4cfcb82396b
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: ekH2+riKJnQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 74589
x-77-pop: frankfurtDE

GET
H2 200 cash.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265448/276/183/50/40/ 17 KB
17 KB 28ms
24ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265448/276/183/50/40/cash.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: dcc317ac090d5b2586aadfd60c838f5ebf16647ac3c59ff4a5b5d9c76a633652

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDV8E7vYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 07f706d85246f45a6d125e2e64366b20
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: VhbL1UrE8AQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H2 200 fourth-stimulus-checks-economists-senators-are-among-supporters-of-2-000-monthly-payments-will-they-affect-the-decision-making.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265385/276/183/50/40/ 17 KB
17 KB 27ms
25ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265385/276/183/50/40/fourth-stimulus-checks-economists-senators-are-among-supporters-of-2-000-monthly-payments-will-they-affect-the-decision-making.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: bdc525823431a6a65bbcc9adee65d5310e2bf2d8b6c2017b66176fc651f0f780

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBS4cnvZVABAA==
x-accel-expires: @1628833606
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 2044a7b9ee6b91d39ddca9c6b3e49963
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: BpSYAs65P0c=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 86117
x-77-pop: frankfurtDE

GET
H2 200 unemployment-tax-refund-when-and-who-will-receive-the-average-1-600-surprise-payment-from-the-irs.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265396/276/183/50/40/ 14 KB
15 KB 27ms
26ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265396/276/183/50/40/unemployment-tax-refund-when-and-who-will-receive-the-average-1-600-surprise-payment-from-the-irs.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: a7a4a846490929f0ce497177a9881dd47db8774328a681d3e764c6cb029a96a2

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BCVfYvvZVABAA==
x-accel-expires: @1628833606
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: 2e8380aa75be3a7374c721ff71c71fd9
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: gR9vEwXsq8I=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 86117
x-77-pop: frankfurtDE

GET
H2 200 when-will-the-surprise-stimulus-check-worth-8-000-arrive-and-who-will-get-paid.jpg
1075914428.rsc.cdn77.org/data/thumbs/full/265419/276/183/50/40/ 28 KB
29 KB 9ms
6ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1075914428.rsc.cdn77.org/data/thumbs/full/265419/276/183/50/40/when-will-the-surprise-stimulus-check-worth-8-000-arrive-and-who-will-get-paid.jpg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 06a0cddd4322939662fb5d6bd7d96f2bf97fe4dae288b1ed7ef2771fa2b54f76

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDJZXLvYAMAAA==
x-accel-expires: @1628918859
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: ca0fa9055dbf8e330ed8538fe333c928
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: P96E43O6DRs=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 864
x-77-pop: frankfurtDE

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

14ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 06:50:54 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Fri, 13 Aug 2021 05:42:03 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ash
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-29 200 badge.gif
static.getclicky.com/media/links/ 241 B
630 B 37ms
25ms Image
image/gif 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
cf-cache-status: HIT
age: 118371
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 241
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
etag: "570d8f2f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 67df9e320a714333-FRA
x-proxy-cache: HIT
expires: Fri, 20 Aug 2021 05:42:03 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 57ms
31ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 118372
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 20 Aug 2021 05:42:03 GMT
cache-control: public, max-age=604800
cf-ray: 67df9e31ca062b22-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 counter_ssl.js Show response
1085610534.rsc.cdn77.org/common/js/stat/ 743 B
593 B 6ms
6ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1085610534.rsc.cdn77.org/common/js/stat/counter_ssl.js?v=11
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBUqTPvra8NAA==
x-accel-expires: @1628973182
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045426-2e7"
last-modified: Fri, 30 Jul 2021 19:33:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: oWgpp44JBcs=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 896941
content-encoding: br
x-77-pop: frankfurtDE

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 372 KB
109 KB 212ms
135ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a5af03a5bdb55c279a8a39ace4f489409ea5e705deb7cd714a402d1613f2b91c

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Content-Encoding: gzip
x-amz-request-id: XC20QKGQ931BF7X8
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: Ws/r25B7ikgXgNEAFIPyC49BeoxDMJ0NGXXK3BYEF6FAF7ScllAGhuVkOCZa1cvOFps30DoXI2Y=
Last-Modified: Thu, 12 Aug 2021 16:55:48 GMT
Server: AmazonS3
ETag: "c4af65485bc5bd857ddd7016be41f7c1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 400 css2
fonts.googleapis.com/ 0
0 16ms
16ms Stylesheet
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400,700&display=swap
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://1085610534.rsc.cdn77.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 request.js Show response
script.anura.io/ 47 KB
47 KB 174ms
66ms Script
application/javascript 18.169.27.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2238638024&source=hngn&campaign=headlines%2Farticles&exid=anura_hngn_1564932387497&callback=_anuraResFun&894735601126

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.27.96 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-27-96.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a8431292de65c7b919c5e515000b0cfc815a6e734a55931bf8c2187148fb6eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options: nosniff
expires: Sun, 28 Dec 1980 18:57:00 EST
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a261facc3c25a98741ca34eb156b218628d3e4aff9e5e93a7a27a90a5a49acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "957 / 938 of 1000 / last-modified: 1628806397"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25250
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:03 GMT

GET
H2 200 rGYJ8VIIjZo Show response
www.youtube.com/embed/ Frame 3C8A 55 KB
24 KB 75ms
48ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/rGYJ8VIIjZo

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d42d096781661ab599cda276c4efcc1cffb37a6d680eebd2e9b2728834b97d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/rGYJ8VIIjZo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hngn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Aug 2021 05:42:03 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xlG-A7GbM_0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Fo103-xe1Q8; Domain=.youtube.com; Expires=Wed, 09-Feb-2022 05:42:03 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+438; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 logo.png
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 4 KB
5 KB 20ms
17ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/logo.png
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecbc53228bc074755adc8c53f2c8a7fc4167273c1aad7f718420a16715bd61d9

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDV5NvvsrQNAA==
x-accel-expires: @1628971897
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: "610453b8-1162"
last-modified: Fri, 30 Jul 2021 19:32:08 GMT
server: CDN77-Turbo
x-77-nzt-ray: 2CZE/ysSZn4=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 898226
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 4450

GET
H2 200 social_facebook2.svg
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 292 B
481 B 21ms
18ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook2.svg
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7ea092aec1729726d18a39b68a1e922904bff37a6e959b758294f686242f22f3

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BB8gJ/vsrQNAA==
x-accel-expires: @1628971897
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045526-124"
last-modified: Fri, 30 Jul 2021 19:38:14 GMT
server: CDN77-Turbo
x-77-nzt-ray: QQSdugGlJxQ=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 898226
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_twitter2.svg
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 765 B
703 B 21ms
19ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter2.svg
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: be0ebf1949614b24e0537b586c50dddaccfd8e99b40d5c5c861a87d97ce3b5d7

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAL+HLvsrQNAA==
x-accel-expires: @1628971897
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045429-2fd"
last-modified: Fri, 30 Jul 2021 19:34:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: UFcWXvrAl0Q=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 898226
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 search.svg
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 300 B
464 B 20ms
19ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/search.svg
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: befd962e67684637d385b83fb363c2b0af4d41936263b8bec9e8bbd4b9fc270c

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BAjqtPvsncNAA==
x-accel-expires: @1628987513
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045525-12c"
last-modified: Fri, 30 Jul 2021 19:38:13 GMT
server: CDN77-Turbo
x-77-nzt-ray: Bvull3v32HY=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 882610
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 clock.svg
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 299 B
462 B 19ms
18ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/clock.svg
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 90d2e7f48cf6ba02e758f0eb92c762cd6923e099c0b2460befdd1fc70280c693

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BBIhQfvsrQNAA==
x-accel-expires: @1628971897
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045429-12b"
last-modified: Fri, 30 Jul 2021 19:34:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: tj+YA8Uu7Ac=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 898226
content-encoding: br
x-77-pop: frankfurtDE

GET Akkurat-Regular.woff
1085610534.rsc.cdn77.org/static/common/_v1.0.0/fonts/ 0
0

GET Akkurat-Regular.ttf
1085610534.rsc.cdn77.org/static/common/_v1.0.0/fonts/ 0
0

GET
H2 200 newsletter.gif
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 2 KB
2 KB 16ms
16ms Image
image/gif 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/newsletter.gif
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/subpage.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: da44a3c570cfe1d463f5c11930ad06ddd6dd1dbe2404d7696114c5c258ba3d17

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/subpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BD0r6nvrK8NAA==
x-accel-expires: @1628973183
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: "61045429-643"
last-modified: Fri, 30 Jul 2021 19:34:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: IXtvl9dEuEA=
x-77-cache: HIT
content-type: image/gif
x-cache: HIT
x-age: 896940
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 1603

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 405ms
35ms Script
application/javascript 91.228.74.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 20 Aug 2021 05:42:04 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 94ms
30ms Script
application/javascript 54.192.219.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-96.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:28:49 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: tO_PGplgAzrsjiThTgvxwjegdjp4Ol7hoUUqIBfXPbe7Vk9JJlHTaQ==

GET
H2 200 counter_gif.gif
stat.hngn.com/stat/ 180 B
180 B 419ms
127ms Image
image/gif 35.186.220.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.hngn.com/stat/counter_gif.gif?article_id=237247&w=1600&h=1200&ref=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.220.186.35.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.18
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
via: 1.1 google
content-type: image/gif
server: nginx/1.14.2
x-powered-by: PHP/7.2.18
alt-svc: clear
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33231537-1

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9909bc825a53a676499636dca3a5c8d1bb6305549fbd4b161df08ae20b13c151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40874
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 05:42:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 38ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: Dp0TOsNvV7P6XdRVKtVyShYN3N85CEFksm4zN9EoCJKyIeL9BMlmWCUqqVAlDyKgwfMC3FZDTxuy5eg6IuPk3Q==
x-fb-trip-id: 1709462857
x-frame-options: DENY
date: Fri, 13 Aug 2021 05:42:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 social_feed2.svg
1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/ 771 B
731 B 12ms
11ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/images/social_feed2.svg
Requested by: Host: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d59672e1613b36638ddaef6143bb25aafe8abf856d090f9c2b0744b058acd429

Request headers

Referer: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BDgkwfvsrQNAA==
x-accel-expires: @1628971897
date: Fri, 13 Aug 2021 05:42:03 GMT
via: 1.1 google
etag: W/"61045429-303"
last-modified: Fri, 30 Jul 2021 19:34:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: cshEcPS3c/g=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 898226
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 measure.min.js Show response
asset.pagefair.com/ 2 B
330 B 384ms
19ms Script
application/javascript 94.31.29.248
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.com/measure.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.248 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.248.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
last-modified: Tue, 11 Feb 2020 22:50:25 GMT
server: NetDNA-cache/2.2
x-amz-request-id: WPHYW9CAB5X02M21
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2
x-amz-id-2: /MxZsOfmjS/I15Tu6j8nfAaztvrC4JtBNcdmBo9AsDA7T8LbbZK40vUIVP5jvpJoFDAHjtqp0Vc=
expires: Sat, 14 Aug 2021 05:42:04 GMT

GET
H2 200 ads.min.js Show response
asset.pagefair.net/ 0
349 B 383ms
19ms Script
application/x-javascript 108.161.188.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.net/ads.min.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.128 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
last-modified: Fri, 09 Mar 2018 17:19:02 GMT
server: NetDNA-cache/2.2
x-amz-request-id: F05GPYNH5F6SRC4E
etag: "263dfc0b0e2e32b880781aa6f238a031"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 31
x-amz-id-2: BjdTmICyRJ5kJgqxkGHt0eI3HeQcfDI4pD4b0K9ZVbnJkuoFY5crNXPwKln/ARQNS4UIOIt/fYM=

GET
H3-29 200 hngn.com.1119438.es6.js Show response
jsc.mgid.com/h/n/ 230 KB
65 KB 83ms
57ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/n/hngn.com.1119438.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43a92be629fc3c4067bf49aaaec9cca4e7968cf62ddf83848af0e823772bfc1

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1A2TKJENYM503JS3
last-modified: Wed, 11 Aug 2021 12:20:09 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: Xpcco0DrZH67bhhGPdsrk4beSKXOqfNfK2l/irrImUu4/2z78HuLejDQc6mU7ElPLGZdc9jafSc=
cf-bgj: minify
server: cloudflare
etag: W/"8cdc2c288780e87b8657472251b855f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67df9e32cb590487-CDG
expires: Fri, 13 Aug 2021 08:42:03 GMT

GET
H2 200 pubads_impl_2021080901.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
115 KB 41ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117636
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 106 B
749 B 104ms
37ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hngn.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

3954209d5509a9b83746f5cdbc2c8aad7e5d5bdf955ee15a4a76290cdbe95c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:04 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 3C8A 328 KB
45 KB 20ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 54105
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46094
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 3C8A 193 KB
64 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65204
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3C8A 2 MB
494 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53926
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505743
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 3C8A 8 KB
3 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 54105
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3C8A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 288882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33231537-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 329
date: Fri, 13 Aug 2021 05:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 07:36:34 GMT

GET
H3-29 200 2710269859043146 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2710269859043146?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

992a8d27078387adf7e5bcd9de7e4fb60b9c3fe5e84808e4e561240a83e434e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: bmgAIY2pd+9COiCR2nvhdk+/65D5iny+Y40rBo+hb0YIX66BAtI5Y0p2sMY7+E2KJRc2xmBTOkst6HS9/RkI5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 05:42:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%...
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN...

64 B
329 B

69ms
69ms

Image
image/gif

54.192.219.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&c7=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&c9=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-96.mrs52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: dj4iSz6YNQQngziCKL71hlM072NKcH6WmQqfetlbW7Io_cdfZH_L8Q==

Redirect headers

date: Fri, 13 Aug 2021 05:42:04 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1628833323987&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&c7=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&c9=
content-length: 394
x-amz-cf-id: dXm29T1YwhedhC-JFw423xwEtE6jMEuivutjbko-oxkQRx-jCyV6Rg==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1477237514&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ul=en-us&de=UTF-8&dt=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1419478056&gjid=363667762&cid=1094091952.1628833324&tid=UA-33231537-1&_gid=469830687.1628833324&_r=1&gtm=2ou8b0&z=1346889839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hngn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1477237514&t=event&_s=2&dl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ul=en-us&de=UTF-8&dt=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=1094091952.1628833324&tid=UA-33231537-1&_gid=469830687.1628833324&gtm=2ou8b0&cd1=Neil%20Pelayre&cd2=News&cd3=Headlines&cd4=article&cd5=&cd6=237247&z=164770575

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 04:45:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3387
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3C8A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

36ms
34ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86150004b71bc71c4b7ce86e66ca89b3ddd82ae4b2641d329a9abf307c3b7c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 05:42:04 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3C8A 29 B
522 B 26ms
5ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:40:37 GMT
x-content-type-options: nosniff
age: 87
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 05:55:37 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3C8A 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53927
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29765
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H2 200 vJ8tIrz-gTB0vokfxcLZt2_KaJ_dmdc0dMZBJXrrXQg.js Show response
www.google.com/js/th/ Frame 3C8A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/vJ8tIrz-gTB0vokfxcLZt2_KaJ_dmdc0dMZBJXrrXQg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9f2d22bcfe813074be891fc5c2d9b76fca689fdd99d73474c641257aeb5d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 06:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13206
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 06:12:10 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3C8A 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53624
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:48:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2710269859043146&ev=PageView&dl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&rl=&if=false&ts=1628833324173&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628833324172.1739025055&it=1628833323953&coo=false&rqm=GET

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 13 Aug 2021 05:42:04 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
296 B 144ms
30ms XHR
application/javascript 52.84.45.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?329102738769
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=hngn&campaign=headlines%2Farticles&exid=anura_hngn_1564932387497&callback=_anuraResFun&894735601126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-52.mrs52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 10:28:05 GMT
via: 1.1 57f18a988739f5feaf34dc974846ac6d.cloudfront.net (CloudFront)
server: nginx
age: 69239
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: hHWZo0-Z0IzIcMEAzGm3Foh1wWq1Ns6ZGYxT7a8_Yd6BzAse7BYrsQ==

GET
DATA 200
OK truncated
/ Frame 3C8A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRkGOEZdclV7JIw7ttiyf9f98bXn7G808ln8amF=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3C8A 3 KB
3 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRkGOEZdclV7JIw7ttiyf9f98bXn7G808ln8amF=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

782caa9c7fad1fd7517f5ea91464fa1d00dcde1f9792b5c5738d6a2662298faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:35:27 GMT
x-content-type-options: nosniff
age: 3997
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2634
x-xss-protection: 0
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Jul 2021 22:57:02 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/rGYJ8VIIjZo/ Frame 3C8A 105 KB
106 KB 37ms
16ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/rGYJ8VIIjZo/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rGYJ8VIIjZo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24da6388c1d5a42b0fc96d4bc5c5a7a186967d410140e18ffa1c92e59f2af1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
vary: Origin
server: sffe
x-content-type-options: nosniff
age: 0
etag: "1628727487"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107978
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:47:04 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 115 B
538 B 301ms
100ms Script
text/javascript 18.213.12.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.12.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-12-146.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 122
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 307ms
101ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 4432 24 KB
8 KB 304ms
98ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

4fa133245f5eb628f213649100cfc52f3a657aa301f6ce72ae8d4adc206d1095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:11:43 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61127b0f-61ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 14 Aug 2021 05:42:04 GMT

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 2 KB
2 KB 298ms
101ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 8ba58b8f0f223700339eee7cb6b7bb41fe1e19d33c15e412d25fdc21eebe597e

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"9a2-I9c4GoXMvESn+OG6Eni48GkKCFo"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.hngn.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3C8A 4 KB
2 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:04 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 3C8A 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?PGQ-BQ
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 rules-p-Kz9nWn42M9CXh.js Show response
rules.quantcount.com/ 2 B
352 B 58ms
30ms Script
application/javascript 2600:9000:2104:de00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Kz9nWn42M9CXh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:54:15 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
server: AmazonS3
age: 2869
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: AMS1-C1
content-length: 2
x-amz-cf-id: IvdXwd8itIKxfWhoF90b-1tGHgxPh2-xKbrbdwuAcu1DJPd5OxAn9w==

GET
H2 200 pixel;r=1620904336;rf=0;a=p-Kz9nWn42M9CXh;url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm;uh=48f4cfcf8ddc;uht=0...
pixel.quantserve.com/ 35 B
371 B 38ms
36ms Image
image/gif 91.228.74.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1620904336;rf=0;a=p-Kz9nWn42M9CXh;url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm;uh=48f4cfcf8ddc;uht=0;fpan=1;fpa=P0-713177482-1628833324439;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=hngn.com;je=0;sr=1600x1200x24;dst=1;et=1628833324439;tzo=-120;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Ehngn%252Ecom%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-%2Csite_name.HNGN%20-%20Headlines%20%26%20Global%20News%2Cimage.https%3A%2F%2F1075914428%252Ersc%252Ecdn77%252Eorg%2Fdata%2Fimages%2Ffull%2F265459%2Faccenture%252Ejpg%2Ctitle.Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%2Cdescription.Accenture%252C%20a%20global%20consulting%20company%252C%20revealed%20on%20Wednesday%20that%20it%20had%20been%20t

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 118ms
117ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1628833324498255972741&uniqId=16316&childs=1121480&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&lu=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&sessionId=6116062c-15968&pageView=1&pvid=17b3e081dd285e221bf&site=703698&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e362c80edcf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 39ms
37ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 1582
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67df9e364c9cedcf-CDG
expires: Sat, 14 Aug 2021 05:42:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 47ms
45ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 4472
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67df9e364c9eedcf-CDG
expires: Sat, 14 Aug 2021 05:42:04 GMT

POST
H2 200 response.json Show response
script.anura.io/ 75 B
425 B 130ms
74ms XHR
application/json 18.169.27.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=hngn&campaign=headlines%2Farticles&exid=anura_hngn_1564932387497&callback=_anuraResFun&894735601126

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.27.96 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-27-96.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

299314890466749022e6906a76ce2dd43967fa4327bfc1914fe01dccc170f3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 681ms
168ms Script
text/plain 3.1.182.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.1.182.12 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 2753
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Content-Type: text/plain;charset=UTF-8

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 573ms
199ms Script
application/javascript 44.227.231.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ref=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.227.231.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-227-231-197.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5439e76190ad3b5578c54ee0c8c413bc54516126943aa52eab0acd3038518d2f

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
server: nginx/1.18.0
content-length: 3252
content-type: application/javascript

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 101ms
100ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 05:42:04 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 4432 169 KB
55 KB 123ms
38ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5b912a789556a9204298fda6cad09ad6cbf255e6efe8cb75f96d4dba640b025b

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 07:54:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2a203-5c2316fa15c01"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=48361
accept-ranges: bytes
content-type: text/javascript
content-length: 55286
expires: Fri, 13 Aug 2021 19:08:05 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
18 B 15ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryg4Sphzz6ctBH94DI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 05:42:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.hngn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 4432 454 KB
140 KB 103ms
102ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

97ee0fae588810acc50b48264a5010384d0f821e5867580b84175d736afbef20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 12:25:54 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"610a8752-71792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 14 Aug 2021 05:42:04 GMT

POST
H2 200 result.json Show response
script.anura.io/ 41 B
396 B 47ms
47ms XHR
application/json 18.169.27.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.27.96 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-27-96.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hngn.com%2F&domain=www.hngn.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hngn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.hngn.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1385
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4432
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hngn.com%2F&domain=www.hngn.com&cw=1
https://mug.criteo.com/sid?cpp=EZOELHxNRzA4Zkdib3hjdU1ZalJlVTJ2anVxNXVDUjlwYWlTMDFNU1MwZkdJV1NkWjFNNU5NdFJCR1czZ096NnlCQ2JNRjhZNmlSdGVaQzVEK2t4ZjYyL0NYcTgzcGRwK2RDWERJeGdDdHNSaFdDRHRrditOMGtyY29YSj...

342 B
604 B

67ms
25ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EZOELHxNRzA4Zkdib3hjdU1ZalJlVTJ2anVxNXVDUjlwYWlTMDFNU1MwZkdJV1NkWjFNNU5NdFJCR1czZ096NnlCQ2JNRjhZNmlSdGVaQzVEK2t4ZjYyL0NYcTgzcGRwK2RDWERJeGdDdHNSaFdDRHRrditOMGtyY29YSjB2WnRSS0E2a1lNMnNOSUREV0VGRWlzd0ZOdGVJTXBXWW03ZlJmOEkzdXRoWGJQSHlMMm5ESEFrMERwLzdnNWdJM3RzNDN1RDdNUUoxcWJRUlF6bE9kN2xaTXNKMHVwNjZybmVHVXZFSWlpbVJvRDlWL3FvPXw&cppv=2

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ee41f081315835d648cf8ef29adc9535fd4c330efda231cf4d6eb1bd36a8f99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 13 Aug 2021 05:42:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2054
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 13 Aug 2021 05:42:04 GMT
location: https://mug.criteo.com/sid?cpp=EZOELHxNRzA4Zkdib3hjdU1ZalJlVTJ2anVxNXVDUjlwYWlTMDFNU1MwZkdJV1NkWjFNNU5NdFJCR1czZ096NnlCQ2JNRjhZNmlSdGVaQzVEK2t4ZjYyL0NYcTgzcGRwK2RDWERJeGdDdHNSaFdDRHRrditOMGtyY29YSjB2WnRSS0E2a1lNMnNOSUREV0VGRWlzd0ZOdGVJTXBXWW03ZlJmOEkzdXRoWGJQSHlMMm5ESEFrMERwLzdnNWdJM3RzNDN1RDdNUUoxcWJRUlF6bE9kN2xaTXNKMHVwNjZybmVHVXZFSWlpbVJvRDlWL3FvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hngn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1632
content-length: 482
expires: 0

GET
H2 200 1 Show response
servicer.mgid.com/1119438/ 4 KB
2 KB 91ms
90ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119438/1?pv=5&cbuster=1628833324797600110484&uniqId=16316&childs=1121480&niet=4g&nisd=false&jsv=es6&w=792&h=498&p3_w=256&p3_h=209&maxw_3=256&maxh_3=209&cols=3&ref=&cxurl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&lu=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&sessionId=6116062c-15968&pageView=1&pvid=17b3e081dd285e221bf&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79714685ebe3683c2fbfa85d71c32064a5532c237231f59b1148230cc745928c

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e380dddedcf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hngn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hngn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
14 KB 434ms
433ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4089345260301033&correlator=508130936381064&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062234%2C20211866%2C31062181%2C31062297&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210813&iu_parts=21697271410%2Chngn%2Cheadlines%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C400x300%2C300x250%7C300x600%7C160x600%7C300x1050%2C1x1%2C1x1&ists=3&prev_scp=pos%3Dtop%7Cpos%3Dright1%7Cpos%3Dright2%7Cpos%3Doop1%7Cpos%3Doop2&eri=1&cust_params=article_id%3D237247%26NoPassAN%3DN&cookie_enabled=1&bc=31&abxe=1&lmt=1628833324&dt=1628833324811&dlt=1628833323706&idt=325&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C1085%2C1085%2C0%2C0&adys=-9%2C946%2C1608%2C3593%2C3593&adks=2102878497%2C1795627850%2C4264698447%2C238343253%2C238343254&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C300x-1%7C300x-1%7C1600x0%7C1600x0&msz=0x-1%7C300x-1%7C300x-1%7C1600x0%7C1600x0&ga_vid=1094091952.1628833324&ga_sid=1628833325&ga_hid=1477237514&ga_fc=false&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=-1%7C0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

a923dee6dd0303aa8f28d85256b9f0e6297617ac333b93921fdfdc15b08a55a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14285
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hngn.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E52 6 KB
3 KB 61ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hngn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 13 Aug 2021 05:42:04 GMT
expires: Sat, 13 Aug 2022 05:42:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ 41 KB
42 KB 129ms
81ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1628833324-ckC58jEHg1iPa7zY09jwJRCp5Bui3JB4udyNVGBat5g
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:33:43 GMT
x-mg-request-uuid: f0761a0e-712d-42a8-a867-7feaaf039fbd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff73405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42384
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp
s-img.mgid.com/g/8193510/492x277/0x0x753x502/ 10 KB
10 KB 142ms
95ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193510/492x277/0x0x753x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp?v=1628833324-lKlVpgMgsl3DOnrFediyITk6j1-SrvKq-S9ks2MutBw
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8acb4ea1f7e562e5072a0f74dfa7d0b3aaf3dfc3e35020ebd80862e034294726

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:43:24 GMT
x-mg-request-uuid: e494915f-5a0f-45c1-a075-39175c791e9e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff75405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9916
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.mgid.com/g/8164901/492x277/0x65x849x566/ 13 KB
13 KB 120ms
73ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164901/492x277/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1628833324-NOfi2L09LtpSUGSQTVMdiFJ-Fdd-Gh0ICDy01leZs10
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3ee1cdc7144e4539afae36a7be015b7d83711f150f767eff5fd896d92060aa2

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:23:22 GMT
x-mg-request-uuid: 2d6cb2ae-6921-4e53-b6ba-0e97f926bdd0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff76405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12968
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp
s-img.mgid.com/g/8164910/492x277/0x9x612x408/ 14 KB
14 KB 93ms
47ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164910/492x277/0x9x612x408/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp?v=1628833324-gIP7piGpmCZ2Dd5CYUaFYWAGSKgWFtMDk1OMXjUtnuY
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c0ef80323054aab1bee05be3c407fff2d06ca00783e1790a3ee9efaec3d3ef

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:32 GMT
x-mg-request-uuid: cc7fbc20-bd74-4fb3-9fbf-d3408f0b8988
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff79405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14052
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x277/0x0x492x328/ 11 KB
11 KB 89ms
43ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1628833324-mOksf8K2Tc3ey8DKj6WUgFvnJKNqBxB9W1MmQF4THBo
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:21:57 GMT
x-mg-request-uuid: 55e55985-f461-468b-9d6f-ba38b4c01ae8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff7b405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10766
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2IyMTJiNDkzOTg5YTgxYjAxMTg4YjQxNGRlNGY1MmE5LmpwZWc.webp
s-img.mgid.com/g/8164905/492x277/0x0x903x602/ 13 KB
13 KB 113ms
66ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164905/492x277/0x0x903x602/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2IyMTJiNDkzOTg5YTgxYjAxMTg4YjQxNGRlNGY1MmE5LmpwZWc.webp?v=1628833324-CqOZ5l0Qvde4ZbpcF_zaGN9_ZK5H87o5k2YAssu19Gs
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859e2ed82fc916a849e3d830d54aab50105850e0bf65d5214aebf5d3f9b4b6d9

Request headers

Origin: https://www.hngn.com
Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:04 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:22 GMT
x-mg-request-uuid: 3495991c-987b-4d5d-97de-491271bc152a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67df9e38ff7e405b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13046
server: cloudflare

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 143ms
22ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 973
date: Fri, 13 Aug 2021 05:42:04 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
867 B 86ms
85ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1628833324941573357732
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053f126c55d6d9b27cfce9d5f86bd9357524278463a035f6c3ca70b8fb728994

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: cd8c83b1-4e53-4065-a6b8-78f83dbebbb1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e38fe5aedcf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 1328 19 B
164 B 79ms
79ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1628833324953677859029
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 540f20f4-84e5-4425-814c-4101c7a8769d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e38fe66edcf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 204 b
sb.scorecardresearch.com/ 0
338 B 51ms
51ms Image
text/plain 54.192.219.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1628833325002&ns_c=UTF-8&cv=3.5&c8=Global%20Consulting%20Group%20Accenture%20Confirms%20Being%20Hit%20by%20a%20Cyber%20Attack%20%7C%20HNGN%20-%20Headlines%20%26%20Global%20News&c7=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&c9=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-96.mrs52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: wvuEXH8O5II8SkoPnYTx09C5OJKZ6eIFUSapz9PCr3UzcPeEAf9vUg==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 64BB 1 KB
880 B 78ms
24ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1628833324941573357732
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hngn.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

Server: VertaMedia 1.0
Date: Fri, 13 Aug 2021 05:42:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://www.hngn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 74E6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

87ms
28ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1628833324941573357732
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hngn.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Aug 2021 05:42:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 13 Aug 2021 05:42:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 139ms
88ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l7c4Netpq4Gm
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67df9e39cee63318-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=G5k4Qh2g1jI0kai3as0z&pi=mgid&tc=1

43 B
506 B

74ms
74ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=G5k4Qh2g1jI0kai3as0z&pi=mgid&tc=1
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: aa031757-abcd-4bda-84cf-90935425fb37
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3a48a20487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=G5k4Qh2g1jI0kai3as0z&pi=mgid&tc=1
pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT, Fri, 13 Aug 2021 05:42:05 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7c4Netpq4Gm
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7c4Netpq4Gm
https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a
https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a&dnr=1

0
433 B

39ms
38ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a&dnr=1
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 05:42:05 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 05:42:05 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=26&3pid=28c21cb3-0978-485a-85d3-6811eec1749a&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c3b2433b-4b3e-4c6c-8870-26b35e22eb97

43 B
554 B

79ms
78ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c3b2433b-4b3e-4c6c-8870-26b35e22eb97
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9f0d7cd3-ab89-41d9-be55-3c9e76946b14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3ddabb0487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=c3b2433b-4b3e-4c6c-8870-26b35e22eb97
date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 135ms
83ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l7c4Netpq4Gm
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67df9e39da5939ed-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=b346326c-a292-4f13-a713-36eeedf0aeed&ttl=1631425325

43 B
506 B

79ms
79ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=b346326c-a292-4f13-a713-36eeedf0aeed&ttl=1631425325
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a22f214f-c938-4064-bb1f-6908b40edc81
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3a68b60487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=b346326c-a292-4f13-a713-36eeedf0aeed&ttl=1631425325
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7c4Netpq4Gm
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

140ms
37ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 05:42:05 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=1eb4debb-919a-4744-b7d4-5048fc0d372b
https://x.bidswitch.net/sync?dsp_id=340&user_id=308275c8-4914-451b-91c5-4403514af507&expires=10&ssp=mgid&bsw_param=1eb4debb-919a-4744-b7d4-5048fc0d372b
https://cm.mgid.com/m?cdsp=433145&c=28c21cb3-0978-485a-85d3-6811eec1749a&gdpr=&gdpr_consent=&us_privacy=

43 B
523 B

76ms
76ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=28c21cb3-0978-485a-85d3-6811eec1749a&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 32da75f9-45e3-4ed5-b068-25cb9b7d0593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3bb9b30487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=28c21cb3-0978-485a-85d3-6811eec1749a&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdjNE5ldHBxNEdt&muidn=l7c4Netpq4Gm
https://cm.mgid.com/google?muidn=l7c4Netpq4Gm&google_ula={guid},5&google_gid=CAESEKa19Y2F5Ox8PcRvHH91XTc&google_cver=1

0
369 B

82ms
82ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l7c4Netpq4Gm&google_ula={guid},5&google_gid=CAESEKa19Y2F5Ox8PcRvHH91XTc&google_cver=1
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3b09320487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l7c4Netpq4Gm&google_ula={guid},5&google_gid=CAESEKa19Y2F5Ox8PcRvHH91XTc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/ Frame 64BB
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=72f47439964628b2

43 B
538 B

75ms
75ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=72f47439964628b2
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5fc67eec-e9b6-4ce7-a0ac-8c42c7f3f409
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67df9e3cfa5c0487-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=72f47439964628b2
Date: Fri, 13 Aug 2021 05:42:04 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 558ms
183ms Script
application/javascript 44.236.74.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.74.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-74-78.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 19:40:08 GMT
server: nginx/1.18.0
etag: W/"1628797208.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 13 Aug 2021 17:42:05 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 558ms
186ms Script
application/javascript 34.208.245.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.245.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-245-208.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 19:38:44 GMT
server: nginx/1.18.0
etag: W/"1628797124.0-26098-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 13 Aug 2021 17:42:05 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=5133251339498454286

43 B
566 B

545ms
342ms

Image
image/gif

52.43.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=5133251339498454286
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.149.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-149-174.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 13 Aug 2021 17:42:05 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 05:42:05 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3bd610cb-ca31-4a33-b168-dc203aac03f2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&adnxs_id=5133251339498454286
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://ids.ad.gt/api/v1/t_match?tdid=b346326c-a292-4f13-a713-36eeedf0aeed&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

43 B
569 B

568ms
195ms

Image
image/gif

52.43.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=b346326c-a292-4f13-a713-36eeedf0aeed&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.149.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-149-174.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 13 Aug 2021 17:42:05 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=b346326c-a292-4f13-a713-36eeedf0aeed&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://ids.ad.gt/api/v1/pbm_match?pbm=54F3CBD5-8928-41D4-94E7-756E97B22B98&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

43 B
573 B

382ms
199ms

Image
image/gif

52.43.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=54F3CBD5-8928-41D4-94E7-756E97B22B98&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.149.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-149-174.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 13 Aug 2021 17:42:05 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=54F3CBD5-8928-41D4-94E7-756E97B22B98&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://ids.ad.gt/api/v1/g_match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&google_gid=CAESEMRQQUOTGlFpV4XKPhtp6W8&google_cver=1&google_ula=450542624,0

43 B
572 B

469ms
199ms

Image
image/gif

52.43.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&google_gid=CAESEMRQQUOTGlFpV4XKPhtp6W8&google_cver=1&google_ula=450542624,0
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.149.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-149-174.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 13 Aug 2021 17:42:05 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&google_gid=CAESEMRQQUOTGlFpV4XKPhtp6W8&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDhmMGM2ZDUtN2JhMy00NDA5LTk1NmYtZGYyZmMzYzBkMmEz

170 B
188 B

77ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDhmMGM2ZDUtN2JhMy00NDA5LTk1NmYtZGYyZmMzYzBkMmEz

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDhmMGM2ZDUtN2JhMy00NDA5LTk1NmYtZGYyZmMzYzBkMmEz
date: Fri, 13 Aug 2021 05:42:05 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://token.rubiconproject.com/token?pid=50242&puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&gdpr=0

0
214 B

35ms
34ms

Image
text/plain

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&gdpr=0
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3&gdpr=0
date: Fri, 13 Aug 2021 05:42:05 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
229 B 29ms
15ms Image
image/gif 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Dd8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 13 Aug 2021 05:42:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628833325.348411,VS0,VE9
x-served-by: cache-fra19133-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
https://ids.ad.gt/api/v1/ppnt_match?uid=6tVmnyDYufR8&ev=1&pid=562316&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3

43 B
466 B

261ms
260ms

Image
image/gif

52.43.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=6tVmnyDYufR8&ev=1&pid=562316&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.149.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-149-174.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 13 Aug 2021 17:42:05 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=6tVmnyDYufR8&ev=1&pid=562316&id=d8f0c6d5-7ba3-4409-956f-df2fc3c0d2a3
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-mxbgh
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 74E6 31 KB
10 KB 32ms
32ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:42:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17586
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Fri, 13 Aug 2021 10:35:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 6A4D 188 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 6A4D 13 KB
5 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 6A4D 87 KB
27 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 6A4D 4 KB
2 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 6A4D 40 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:47 GMT

GET
DATA 200
OK truncated
/ Frame 6A4D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62cbee7dde661bf5724f4eebbb6344a54adae4e6678514d3a28237fd026fbfa

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16421090754967596429
tpc.googlesyndication.com/simgad/ Frame 6A4D 76 KB
76 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16421090754967596429?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmi8ZO-pHwmXFhPOSoRYKxTTI1g9w

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

354055a9e3ce542167aea5e40f0e1b21fed8a1f54bccd4d94351d88b5da7f6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:37:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 06:56:48 GMT
server: sffe
age: 439497
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77581
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:37:08 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A4D 2 KB
3 KB 18ms
17ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 50852
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 13 Aug 2021 15:34:33 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A4D 295 B
568 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 61472
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 13 Aug 2021 12:37:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6A4D 0
0 25ms
24ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPOnXA9PYgsZLOnwhXVyRWkmzmn3Hf1L8CCENOhvvM93V4lhHflLQ1dlhjbIq5JVzlBGDc
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6A4D 0
0 43ms
42ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFL_mLAYWYemHNo_f7gPPnImQD6yfya1ky6ORkJUO_9GivcABEAEg3vWGhAFg-4GAgIgKoAGD7v_tAsgBAqkC2OHc4rxQfz7gAgCoAwHIAwiqBM0CT9Bfjzupv8zf7acarwU_1rsInbvBOGK9NLE-f1JQdoN042hwjw0rvyI-R1hchHuHMM9Da7oujzPeDAEX3yhAE-FEziwWkJZS1I8vt_6qC4ngg3GzL2VeQgrjCp9SU7NmBgBYFRqZzYEUBhHbQinZNQG_6MY1KedDCj4_EOKpiC7XJTHHG9TtjQlYH7pp5ziufvQIlJ8K4NcqUB6h4vh4gg0CFa0iNrH1sHO9MUxPOiOqjD9603vUc7ZG5wHhrIBJU4Fnz_uH0wcQEphdhERfIlZaitSanJdEzSAEziEt2_cC_tsvBVWR0RWZdz9_30-WYu1P180M2EE6ySW4CuqubY8YuK6vtFOElc3-0cdPw5hpoltodkObg0p-AFZfk5yEqF1gnwifhyjti3mJLHSpVo0J9A8WBPu8ncrcWDr4JaNxirf8tjH3Zz807RqnwAS677OU3wPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5ZGAkgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQyK8S0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQ5NzE5NDk0MDM2MDI1MDkYvpVs&sigh=Rl-N2MO-2Z0
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 74E6 284 B
536 B 134ms
36ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 0B0F 188 KB
54 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 0B0F 13 KB
5 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 0B0F 87 KB
27 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 0B0F 4 KB
2 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:46 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 0B0F 40 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 02:47:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 02:47:47 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B0F 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 8567
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 14 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B0F 295 B
319 B 15ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 59664
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 13 Aug 2021 13:07:41 GMT

GET
DATA 200
OK truncated
/ Frame 0B0F 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1681030fcef528431dabd5ba6538f1a4c3a5834f5d5d7969d3de2f8aeb06f0f

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 15873578358372837456
tpc.googlesyndication.com/daca_images/simgad/ Frame 0B0F 108 KB
108 KB 15ms
12ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15873578358372837456

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf8633b09ee6fe9121f9a0ff731a45eea9316029917d709e62e5280fc28b893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:12:48 GMT
x-content-type-options: nosniff
age: 174557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110855
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 06:17:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 05:12:48 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B0F 0
0 42ms
39ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSW8eLAYWYeqHNo_f7gPPnImQD9rQrrRk_MzQzbMOloLNhYgWEAEg3vWGhAFg-4GAgIgKoAHI_qunAsgBAqkCeW_Z9Ww_gT7gAgCoAwHIAwiqBNECT9CwzkXDU7931O4puCPFJkLR1f9qWI5lYNDbUFzQlQXXbcDUSKbPiIrWJMs7HRtOJeAiQBJ8uCP51C631M_S60sVv1-nofpyqcO7pOp-qEv05_LqxnbCt0Bru3oohF5W6_yvMXTLUxbJZaz5yUQZwe4vtBJDMtreX-D_-PyUEyzQifmFHkruqOeTykPZ4uKM8uvbQJQ8DkbKjeL0BCZEKaNCENgs7ezm22sWS8VP3FFMRalOu8uSM5c7LyvZXGEgxHyiTZKFT8b67dv8tMCcvfzJQBjplEZDWTdsUH1JWVwPU6ucy2fpRO3G7f3QJQn39C3C86XYmPQzZ4eGJugCL2g_liJjuqPJ8IU954IXluydMw_ABlVco6OP2iMp4VEkio7AtM26IC-lXKHBe81qFM2spMl9LKTEIYcl1_-uaE2xvWMruMuuu4I4rLRXPvqQZ8AEzs-C9dcD4AQBkgUECAQYAZIFBAgFGASgBgKAB8mJ9uIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELCAC9IICQiA4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00OTcxOTQ5NDAzNjAyNTA5GL6VbA&sigh=VHml4GLZG4o
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6A4D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
13ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 13 Aug 2021 05:42:05 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B0F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 13 Aug 2021 05:42:05 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 557ms
183ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=2495c822500a9626af6c084ec8cccf2d&url=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Aug 2021 05:42:06 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3-29 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ca6fb6eb443e9507c02f97b64c85a387fde233a0ada7ccedd6394d43c35ac00

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74897
x-xss-protection: 0
pragma: public
x-fb-debug: uBfTzQyO5hnH+sT5F/7u9aXgGLGmTby6QGrf+xOOztxkb9W7AT1g/qFKlfRAN6bMZKTJTvA7zcpv8It3MTiNyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 05:42:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:43:39 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2731
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:56:34 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.hngn.com%2Farticles%2F237247%2F20210812%2Fglobal-consulting-group-accenture-confirms-being-hit-cyber-attack.htm&rl=&if=false&ts=1628833325775&cd[partner_id]=251&cd[tagger_id]=2495c822500a9626af6c084ec8cccf2d&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628833324172.1739025055&it=1628833323953&coo=false&tm=1&rqm=GET

Requested by

Host: www.hngn.com
URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 05:42:05 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHq2HHIE010Aq6CXi

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 05:42:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.hngn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3C8A 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rGYJ8VIIjZo
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtGbzEwMy14ZTFROCirjNiIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628833323990&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C792%2C409&vis=1&wgl=true&ca_type=image&bid=ANyPxKquHZh3bXpZxoNmFnREUUNDaHIfQQPIBFPx_lSCac8A3lahsOvMqSLg-TgAzUHJi1dp3tnH2Bd1mUOuEA80TRrCV00RTg

Response headers

date: Fri, 13 Aug 2021 05:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 38ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9081c48dcb39d288a7b284bf7e591a02a63b000dfbebfcd8ed934acd2150b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 05:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8429
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:42:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 697B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hngn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 03:08:55 GMT
expires: Sat, 13 Aug 2022 03:08:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1041 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10b0321a048a819d6f9968b125573c944edf9bed9ba87de4772c80be44f23613

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-scFZdYHZJ21eBRNJPuG98Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hngn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hngn.com/

Response headers

expires: Fri, 13 Aug 2021 05:42:06 GMT
date: Fri, 13 Aug 2021 05:42:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-scFZdYHZJ21eBRNJPuG98Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame 697B 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:32:05 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080901&jk=4089345260301033&bg=!ammlaS3NAAbOj6irzo87ACkAdvg8Wo8OXkRsDMkwKWeVxq3E5uTYOTMRhAHnahGKCgoYkwdmjX8qiAIAAAA_UgAAAAdoAQeZAnfJXI-EX-LhUAPzZS8SYAzRruJtN4HEyxlLP2grez8vDvgInIpaNebAWFRsUJ0xJp9P11gr6iCaM1JBOJIVTJH5tYyoW-GEXBnL6vBakgCvkjj1-D7gOuxYyIim5_gwblLKpF3rJw3FqMpaw3nd_bIn5cpj8_S_J9e9WGD_sB644ScY4fFQdjUeBV1CCc29iRiF5E1iWnW6D2Qz8PvAbHBACReav9UIR8yiVWLQo4dtO07yHwJw4mT9uKVJu7TNwY32_qKhDOFpZ1YGfoG6iMkGYQbocufgl36cUxMDXN8HaXK69uIPzkT_qW3FFYmeTa_GfU_QTlqGqgGqLJa8k_hsTEcpVrlqXdct8aP58WgLTiGnaSQO0PUheqHM9r0vchHP4HRN_2nuXZwKhGBF2VuDusnZl3oJsPm7HpRQVgBpQgN-azmGSsYvYh19R2R4Yu1Tst7UVXYkDQ9ZQFOTAS2h9aZKpXcXxSVT6OLgVpsmbMvTdOGnCuwedYv_wf-NIaDLc14oU5AFA-dIFi126p7Gs3xx2oei9saMUWUy9-9upWFUIYcDQMjp25apDN4HKmUs-U7AF6f9u-Vza-vdlHzMAUV5po1krCaKx351Y4Xe-8bcj3KWOe97854tG-xHSbg07vuPzv0ZKhKHpN4uq5DsEXVD1RfBFNUwuLdI2XSTIgnnG4Xr44yfEX0VWArdTIHwtrs8hH0sa5INpS1jZWfqRl5Q2rLbqDeDZbwdsE8bSaOqQKQ37NhoehEbSFNpNyNHQnukewkgnEpLUkxlI0Py5e7WK2rn0LkORwbHArfvo1RoxraZtoSj_3j_ZLL9yNXZMQUDTUJY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 4432 44 B
326 B 70ms
24ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Aug 2021 05:42:06 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.hngn.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 4432 77 B
825 B 123ms
46ms XHR
application/json 52.18.12.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: eb5ce0378ba517bdb0343cffb50154f21140f17e71a04bc2bfbdde61db04fdfd

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:42:06 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.hngn.com
cache-control: no-cache
x-server: 10.45.25.40
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 4432 108 B
659 B 38ms
38ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: ddc931577c4534e562518749632815704f465ea3e2099609ef3538e697a68a18

Request headers

Referer: https://www.hngn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Aug 2021 05:42:06 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hngn.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sun, 12 Sep 2021 05:42:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/fonts/Akkurat-Regular.woff

Domain: 1085610534.rsc.cdn77.org
URL: https://1085610534.rsc.cdn77.org/static/common/_v1.0.0/fonts/Akkurat-Regular.ttf

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adtelligent.com/	1970-01-19 21:56:30	Name: vmuid Value: 72f47439964628b2
.hngn.com/	1970-01-20 05:48:49	Name: __gads Value: ID=d9b677016c498ec9:T=1628833324:S=ALNI_MYLZEl8L2S5IPK1k5pmywHOaSgL0g
.youtube.com/	1970-01-20 00:46:25	Name: VISITOR_INFO1_LIVE Value: Fo103-xe1Q8
www.hngn.com/	1970-01-20 05:48:56	Name: cto_bundle Value: 8mghjV9PZGh5c3JBVk1sNjJ2MnM1VFBOQ2hFQzJBcllHaTNmJTJGN2JXZ013bkhWNlNRZ09PVkpHQ3RqZ2VRM05lY3RmWFB5ZlR1blFjTndQbXBKcFZUSVF6RnYzUFJUM2d4YVowcGM3cGE2TSUyQnglMkZmYzEyNXRQWG1pMzVNNlpLSzUxMXBpdA
www.hngn.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1119438%22%3A%7B%22page%22%3A1%2C%22time%22%3A1628833324902%7D%7D
.hngn.com/	1970-01-19 21:10:25	Name: _pubcid Value: fc4258e1-965c-4e72-b8b5-30dfa58cc9e0
.hngn.com/	1970-01-19 21:10:25	Name: 0671504c615efb6e7d264fa5c254d4de Value: YzlkNzZjNGZlYWYyMDk4ZWFhZThiOGJmMGVjYWRiOTU%3D
www.hngn.com/	1970-01-19 21:10:25	Name: _pbjs_userid_consent_data Value: 3524755945110770
.hngn.com/	1970-01-19 22:36:49	Name: _fbp Value: fb.1.1628833324172.1739025055
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xlG-A7GbM_0
.hngn.com/	1970-01-19 20:27:13	Name: 32dd9f3f289b604b1bd894476d807aae Value: MQ%3D%3D
www.hngn.com/	1970-01-20 05:48:56	Name: cto_bidid Value: c_5qqF8xdnZRWVRwbVNZZ1JuJTJCSzJVWGc4SlMwREVJWDQ2TzVHMWtNWnYzR0FWMjU0NXVkdHJCcHFxakxhUTlDelRVZ1BtaEY5eW9PbzlUeUNMQjhvbzNQMnZBJTNEJTNE
.hngn.com/	1970-01-19 20:27:13	Name: _gat_gtag_UA_33231537_1 Value: 1
www.hngn.com/articles/237247/20210812	1969-12-31 23:59:59	Name: ntvSession Value: {}
.hngn.com/	1970-01-19 20:28:39	Name: _gid Value: GA1.2.469830687.1628833324
.hngn.com/articles/237247/20210812	1969-12-31 23:59:59	Name: _dlt Value: 1
.hngn.com/	1970-01-20 13:58:25	Name: _ga Value: GA1.2.1094091952.1628833324
.hngn.com/	1970-01-20 05:51:42	Name: __qca Value: P0-713177482-1628833324439
www.hngn.com/	1970-01-19 20:27:34	Name: cfvbt Value: incongruous_browser

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm(Line 583) Message: cfvbt ck:incongruous_browser
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js(Line 6) Message: google_DisableInitialLoad is deprecated and will be removed. Please use googletag.pubads().isInitialLoadDisabled() instead to check if initial load has been disabled.
console-api	debug	URL: https://script.anura.io/request.js?instance=2238638024&source=hngn&campaign=headlines%2Farticles&exid=anura_hngn_1564932387497&callback=_anuraResFun&894735601126(Line 17) Message: [object HTMLImageElement]
console-api	debug	URL: https://script.anura.io/request.js?instance=2238638024&source=hngn&campaign=headlines%2Farticles&exid=anura_hngn_1564932387497&callback=_anuraResFun&894735601126(Line 49) Message:
console-api	log	URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm(Line 101) Message: Anura exid: anura_hngn_1564932387497
console-api	log	URL: https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm(Line 104) Message: Anura : bad
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js(Line 1) Message: fun-hooks: referenced 'checkAdUnitSetup' but it was never created
console-api	warning	URL: https://hb.brainlyads.com/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	debug	URL: https://jsc.mgid.com/h/n/hngn.com.1119438.es6.js(Line 1) Message: [object HTMLImageElement]
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.hngn.com/articles/237247/20210812/global-consulting-group-accenture-confirms-being-hit-cyber-attack.htm
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: article_footer_page_computer_oop1.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1075914428.rsc.cdn77.org
1085610534.rsc.cdn77.org
a.ad.gt
acc68a85681925c9e63ec85f76021991.safeframe.googlesyndication.com
ads.anura.io
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.rlcdn.com
asset.pagefair.com
asset.pagefair.net
aufp.io
bh.contextweb.com
c.mgid.com
cdn.ampproject.org
cdn.mgid.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
connect.facebook.net
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.brainlyads.com
i.ytimg.com
id.crwdcntrl.net
ids.ad.gt
image2.pubmatic.com
jadserve.postrelease.com
jsc.mgid.com
match.adsrvr.org
mug.criteo.com
p.ad.gt
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.zprk.io
pixels.ad.gt
platform.instagram.com
powerad.ai
reporting.powerad.ai
rtb-usw.mfadsrvr.com
rules.quantcount.com
s-img.mgid.com
s.adtelligent.com
s.ntv.io
sb.scorecardresearch.com
script.anura.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
stat.hngn.com
static.doubleclick.net
static.getclicky.com
sync.adtelligent.com
sync.e-volution.ai
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hngn.com
www.instagram.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
1085610534.rsc.cdn77.org
104.109.78.125
104.16.221.74
104.19.133.78
104.19.136.78
104.19.217.61
108.161.188.128
109.206.188.82
142.250.184.194
142.250.186.34
143.204.207.15
178.250.0.157
18.169.27.96
18.211.226.152
18.213.12.146
185.184.8.65
185.33.220.244
185.64.190.80
198.148.27.140
2.18.233.180
2.18.234.163
2.19.35.65
216.58.212.162
23.20.158.212
2600:9000:2104:de00:6:44e3:f8c0:93a1
2606:4700::6810:135e
2606:4700::6810:dd1d
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:2638::1c
2a02:6ea0:c700::10
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
2a03:2880:f245:ca:face:b00c:0:43fe
2a04:4e42:3::300
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.1.182.12
34.120.133.55
34.208.245.208
35.158.174.229
35.186.220.80
35.186.240.185
35.212.212.222
44.227.231.197
44.236.74.78
52.18.12.237
52.43.149.174
52.84.45.52
52.89.213.37
54.192.219.96
54.234.151.247
62.149.0.72
69.173.144.138
72.251.249.13
76.223.111.131
91.228.74.226
94.31.29.248
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
053f126c55d6d9b27cfce9d5f86bd9357524278463a035f6c3ca70b8fb728994
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a0cddd4322939662fb5d6bd7d96f2bf97fe4dae288b1ed7ef2771fa2b54f76
08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49
091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da149f7a156c3a204ef0d3c34e41201cf02b5d0b1072d6381646ba7ec66d9e8
10b0321a048a819d6f9968b125573c944edf9bed9ba87de4772c80be44f23613
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7
225266efa46b4b0ce725ca473a3fd399feda10fea9e6097b27edaeb7bfd06e8f
24da6388c1d5a42b0fc96d4bc5c5a7a186967d410140e18ffa1c92e59f2af1c8
299314890466749022e6906a76ce2dd43967fa4327bfc1914fe01dccc170f3e6
2bb65dbcedb15bf4be093fb5fdb95634d22536ec018777bacd0dbe29dd4fcdc5
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31ca0f584a83492b0797f0146550c21d7e2fdea2062cf02db9a7cf77ae39107f
34da66f0997d145341cfb3fc71c794ea32b4c6affa3ff5d9e7e5107170125d1c
354055a9e3ce542167aea5e40f0e1b21fed8a1f54bccd4d94351d88b5da7f6b2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3954209d5509a9b83746f5cdbc2c8aad7e5d5bdf955ee15a4a76290cdbe95c43
3a54361ea144443c26b7a04e146516f594c616054c5f87fd650809085323ee55
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444bccae0d3312cd0e5c679136b1123d3ef2dcb74516b2a23af4e363541346be
47844f010ce9707a006ee179348d21477b4f12e2ec15aec31f82d2ad40fd89e5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa133245f5eb628f213649100cfc52f3a657aa301f6ce72ae8d4adc206d1095
506c1a22a2efae73199727ea986a8f29c1e887356eb5c4668fe9174341f94a3c
541777a519518ac6b13c09ecc1842f0ab59ffe1572b342bc87e8e19ebc5e82bd
5439e76190ad3b5578c54ee0c8c413bc54516126943aa52eab0acd3038518d2f
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b912a789556a9204298fda6cad09ad6cbf255e6efe8cb75f96d4dba640b025b
5eee2907a397e5475d52c61751bf4862952109df61a476a130dbe4e4a5cfd704
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a261facc3c25a98741ca34eb156b218628d3e4aff9e5e93a7a27a90a5a49acf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf8633b09ee6fe9121f9a0ff731a45eea9316029917d709e62e5280fc28b893
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74e585954e99fced036810999783b5d23fd5c10019fc92ad9cca228bc74f98b1
782caa9c7fad1fd7517f5ea91464fa1d00dcde1f9792b5c5738d6a2662298faa
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
79714685ebe3683c2fbfa85d71c32064a5532c237231f59b1148230cc745928c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ea00d16ccc3055b3254bc2d481db8fa8b0a143fe2988b36cabe9ca4f4709883
7ea092aec1729726d18a39b68a1e922904bff37a6e959b758294f686242f22f3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859e2ed82fc916a849e3d830d54aab50105850e0bf65d5214aebf5d3f9b4b6d9
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86150004b71bc71c4b7ce86e66ca89b3ddd82ae4b2641d329a9abf307c3b7c23
89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026
8acb4ea1f7e562e5072a0f74dfa7d0b3aaf3dfc3e35020ebd80862e034294726
8ba58b8f0f223700339eee7cb6b7bb41fe1e19d33c15e412d25fdc21eebe597e
8ca6fb6eb443e9507c02f97b64c85a387fde233a0ada7ccedd6394d43c35ac00
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
90d2e7f48cf6ba02e758f0eb92c762cd6923e099c0b2460befdd1fc70280c693
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
97ee0fae588810acc50b48264a5010384d0f821e5867580b84175d736afbef20
9909bc825a53a676499636dca3a5c8d1bb6305549fbd4b161df08ae20b13c151
992a8d27078387adf7e5bcd9de7e4fb60b9c3fe5e84808e4e561240a83e434e7
9d42d096781661ab599cda276c4efcc1cffb37a6d680eebd2e9b2728834b97d2
9ed73800827fa7ef04316d5328ac9aaa6c84edb62e0531cca11b087105f4c86e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af03a5bdb55c279a8a39ace4f489409ea5e705deb7cd714a402d1613f2b91c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a654694c6c72e7d03b87d5668822e38ba10128d48d3fcafef8557c385ebc4911
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a4a846490929f0ce497177a9881dd47db8774328a681d3e764c6cb029a96a2
a8431292de65c7b919c5e515000b0cfc815a6e734a55931bf8c2187148fb6eec
a923dee6dd0303aa8f28d85256b9f0e6297617ac333b93921fdfdc15b08a55a8
a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8f4aadaeeedb243de069b890bd59864e538f28f58967ff9fe9754358131105
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b05c910ffc2eeee612f1af465cdb868a41116c6bd9245513f4253d15e4c333fc
b0a173521736f1c1b6d64089e387a9b82427138e545593fc459545c9069444c6
b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc9f2d22bcfe813074be891fc5c2d9b76fca689fdd99d73474c641257aeb5d08
bcae1ecc3fc0fc918f83e6a301a918f9186ae0ad0496873a7bac0fd592cc12bf
bdc525823431a6a65bbcc9adee65d5310e2bf2d8b6c2017b66176fc651f0f780
be0ebf1949614b24e0537b586c50dddaccfd8e99b40d5c5c861a87d97ce3b5d7
befd962e67684637d385b83fb363c2b0af4d41936263b8bec9e8bbd4b9fc270c
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07
c27990dc99136ff20cc0394a18270e898696fba789d882a03621bd6b201f0f19
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4
cd0085b00403c0d308a7e6a1a2555cb2d23d96e87bbb41bd0d38dd718c5f15bd
d164d9d7d127c0208fe88e68c3c12a3f96ab375aa8ffe5b2114e487b5117e741
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d59672e1613b36638ddaef6143bb25aafe8abf856d090f9c2b0744b058acd429
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8c0ef80323054aab1bee05be3c407fff2d06ca00783e1790a3ee9efaec3d3ef
da44a3c570cfe1d463f5c11930ad06ddd6dd1dbe2404d7696114c5c258ba3d17
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcc317ac090d5b2586aadfd60c838f5ebf16647ac3c59ff4a5b5d9c76a633652
dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd
ddc931577c4534e562518749632815704f465ea3e2099609ef3538e697a68a18
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1681030fcef528431dabd5ba6538f1a4c3a5834f5d5d7969d3de2f8aeb06f0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a92be629fc3c4067bf49aaaec9cca4e7968cf62ddf83848af0e823772bfc1
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e62cbee7dde661bf5724f4eebbb6344a54adae4e6678514d3a28237fd026fbfa
e9081c48dcb39d288a7b284bf7e591a02a63b000dfbebfcd8ed934acd2150b91
e95f2fe4f20e6df3b4701e32e13818b51452a02d05e393bc50efd7d32ec32b45
eb5ce0378ba517bdb0343cffb50154f21140f17e71a04bc2bfbdde61db04fdfd
eb9b0b08b74e5f2096c0ebe7fad41a6f5fa93d7ebbaf5777eaf46ddfa5d6ea92
ecbc53228bc074755adc8c53f2c8a7fc4167273c1aad7f718420a16715bd61d9
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee41f081315835d648cf8ef29adc9535fd4c330efda231cf4d6eb1bd36a8f99c
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66
f2beb92898142c10e2661c03c9d7d6ac4931df2c95fe0ac6b06cda7a4a1b9e02
f3ee1cdc7144e4539afae36a7be015b7d83711f150f767eff5fd896d92060aa2
f51c8c4e7d8401815818dd3a300eb0f07e817b51983a709c4effe203f3371b51
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f6f3c8d1d62021b2f453582189435424efc7d160910c0bdf2daac2377153d1c5
fb73e770f7aae88ece7febf7a1aebc1c557439cc74be85c07e86f2cd526c0151

www.hngn.com Open in urlscan Pro 35.186.240.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

181 Requests

98 %HTTPS

44 %IPv6

52 Domains

80 Subdomains

67 IPs

8 Countries

2872 kBTransfer

7521 kBSize

19 Cookies

13 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hngn.com Open in urlscan Pro
35.186.240.185 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

98 %
HTTPS

44 %
IPv6

52
Domains

80
Subdomains

67
IPs

8
Countries

2872 kB
Transfer

7521 kB
Size

19
Cookies

181 HTTP transactions
3 data transactions