urlscan.io logo urlscan.io
SecurityTrails logo

newsroom.nccgroup.com Open in urlscan Pro
2606:4700::6812:24f  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Submission: On May 23 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6812:24f, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsroom.nccgroup.com.
TLS certificate: Issued by R3 on April 2nd 2023. Valid for: 3 months.
This is the only time newsroom.nccgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a04:4e42:200... 54113 (FASTLY)
1 2a04:4e42::485 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 6
12    2606:4700::6812:24f (United States)

ASN13335 (CLOUDFLARENET, US)
newsroom.nccgroup.com
www.mynewsdesk.com
7    2a04:4e42:200::512 (United States)

ASN54113 (FASTLY, US)
resources.mynewsdesk.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:3031::6815:3f40 (United States)

ASN13335 (CLOUDFLARENET, US)
mnd-track-backend.mynewsdesk.dev
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 mynewsdesk.com
www.mynewsdesk.com — Cisco Umbrella Rank: 248495
resources.mynewsdesk.com — Cisco Umbrella Rank: 305567
230 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
1 mynewsdesk.dev
mnd-track-backend.mynewsdesk.dev — Cisco Umbrella Rank: 561596
821 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
9 KB
1 nccgroup.com
newsroom.nccgroup.com
11 KB
24 6
Domain Requested by
11 www.mynewsdesk.com newsroom.nccgroup.com
www.mynewsdesk.com
7 resources.mynewsdesk.com newsroom.nccgroup.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com newsroom.nccgroup.com
1 mnd-track-backend.mynewsdesk.dev www.mynewsdesk.com
1 cdn.jsdelivr.net newsroom.nccgroup.com
1 newsroom.nccgroup.com
24 7
Subject Issuer Validity Valid
newsroom.nccgroup.com
R3		 2023-04-02 -
2023-07-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-11 -
2024-05-10		 a year crt.sh
s5-san.cloudinary.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-19 -
2023-08-20		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.mynewsdesk.dev
E1		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Frame ID: 48F04A4129ADA8020855AEB25B3C5651
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NCC Group Monthly Threat Pulse – April 2023: Ransomware threat remains at high level | NCC Group Newsroom

Detected technologies

Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

318 kB
Transfer

507 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
newsroom.nccgroup.com/news/ 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a4d3d87c7bc5b2affece54ba82b845f1eb7c7d344b33db6ee5dac81f192e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
12064
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, public, s-maxage=86400
cf-cache-status
HIT
cf-ray
7cbd253fadc14179-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 12:01:39 GMT
etag
W/"99a4d3d87c7bc5b2affece54ba82b845"
expires
Wed, 24 May 2023 08:37:10 GMT
link
<https://www.mynewsdesk.com/assets/newsroom2020/application-ffc8d4dc5e33e90f5fbf46cc7bf2f414dcc19b6e99d65d7d3875834eb0587936.css>; rel=preload; as=style; nopush,<https://www.mynewsdesk.com/assets/newsroom2020/cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css>; rel=preload; as=style; nopush,<https://www.mynewsdesk.com/assets/newsroom2020/application-f4a8da395b0ff566888bce44ae40bdccc7cd6da9e9427c69eb3b716c2ec6fa61.js>; rel=preload; as=script; nopush,<https://www.mynewsdesk.com/assets/mnd-track-client-20241639ba255ba1028e76f5f2acf6f852ea3fcc02c6240a3044f92fc9d49be8.js>; rel=preload; as=script; nopush,<https://www.mynewsdesk.com/assets/mnd-cookie-consent-a03d8742996ccccbae47b4a1641e2ab875ba68a30fb7327d1b183efa34f35fc2.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-runtime
0.098695
application-ffc8d4dc5e33e90f5fbf46cc7bf2f414dcc19b6e99d65d7d3875834eb0587936.css
www.mynewsdesk.com/assets/newsroom2020/ 		41 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/assets/newsroom2020/application-ffc8d4dc5e33e90f5fbf46cc7bf2f414dcc19b6e99d65d7d3875834eb0587936.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4118031fbfa431264adc41fc587add5397ac5652bdddfd310f11d986e97666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 08:07:20 GMT
server
cloudflare
age
359
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31556952
cf-ray
7cbd2542ee28251a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css
www.mynewsdesk.com/assets/newsroom2020/ 		53 B
124 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/assets/newsroom2020/cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12965d83a8c756ea5710ad3954157ecf83e2ea0ef21d9eb893a4aa3ace254f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
via
1.1 vegur
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Dec 2020 10:48:07 GMT
server
cloudflare
cf-cache-status
HIT
age
7425809
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31556952
cf-ray
7cbd2542ee33251a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
application-f4a8da395b0ff566888bce44ae40bdccc7cd6da9e9427c69eb3b716c2ec6fa61.js
www.mynewsdesk.com/assets/newsroom2020/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/assets/newsroom2020/application-f4a8da395b0ff566888bce44ae40bdccc7cd6da9e9427c69eb3b716c2ec6fa61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5d4c82c1de5a5dad73b743d29696f5cc36ea3ac035db79ea19d662a267f013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
via
1.1 vegur
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Jun 2022 13:19:55 GMT
server
cloudflare
cf-cache-status
HIT
age
7425824
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
cf-ray
7cbd2542ee3a251a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mnd-track-client-20241639ba255ba1028e76f5f2acf6f852ea3fcc02c6240a3044f92fc9d49be8.js
www.mynewsdesk.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/assets/mnd-track-client-20241639ba255ba1028e76f5f2acf6f852ea3fcc02c6240a3044f92fc9d49be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8276a16ac70effc87a8e5ad4b8519e9409242e8c74179bf1c2b25260a6b484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
via
1.1 vegur
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 25 Feb 2023 19:25:42 GMT
server
cloudflare
cf-cache-status
HIT
age
7421778
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
cf-ray
7cbd2542ee3c251a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mnd-cookie-consent-a03d8742996ccccbae47b4a1641e2ab875ba68a30fb7327d1b183efa34f35fc2.js
www.mynewsdesk.com/assets/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/assets/mnd-cookie-consent-a03d8742996ccccbae47b4a1641e2ab875ba68a30fb7327d1b183efa34f35fc2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ede5ab2e63e3fd8c728a5ee92ba69849e893fe6d2cec775fe263ed9876efe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
via
1.1 vegur
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Jun 2022 13:19:55 GMT
server
cloudflare
cf-cache-status
HIT
age
7425064
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
cf-ray
7cbd2542ee41251a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
www.mynewsdesk.com/google_fonts/ 		4 KB
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e14a3c0c9ba49e1f17c98f70d0adbfe0208cfc09b15c349fe6336d32416e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
content-encoding
br
age
14619891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
5a1a46f2-d467-4de5-94d3-e36e72657989
x-runtime
0.044928
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"54e14a3c0c9ba49e1f17c98f70d0adbf"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31556952, public
heroku-release
v14068, 26de82c717d0a1f26199c87da95bc9aaf8c4a067, 2022-04-26T11:10:05Z
cf-ray
7cbd2542ee37251a-LHR
jnmqwbtktdvgbzl57ovj
resources.mynewsdesk.com/image/upload/c_limit,dpr_auto,f_auto,q_auto:good,w_600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/c_limit,dpr_auto,f_auto,q_auto:good,w_600/jnmqwbtktdvgbzl57ovj
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b5a8af506cf102532ae809cb92996a2c86998a3d93990f39e9ff90c0161125d0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.306Z;desc=hit,rtt;dur=24
content-length
2237
last-modified
Thu, 09 Feb 2023 09:47:28 GMT
server
Cloudinary
etag
"77c646a3098c595c51d951c447f8850e"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
pwwnno3qf4wxulmf6yjk
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_1782/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_1782/pwwnno3qf4wxulmf6yjk
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
79ebed6c4a3450686d30e0dda32f7c71d9b10cc1dfb5234bb73eb42d9dada9fc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.306Z;desc=hit,rtt;dur=24
content-length
55655
last-modified
Mon, 22 May 2023 19:36:44 GMT
server
Cloudinary
etag
"2e4b24ea25b8720047fec07ab8daea50"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
y8gfniptd3b8sl5cdall
resources.mynewsdesk.com/image/upload/c_fill,dpr_auto,f_auto,g_auto,h_250,q_auto:good,w_250/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/c_fill,dpr_auto,f_auto,g_auto,h_250,q_auto:good,w_250/y8gfniptd3b8sl5cdall
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
49de3964722614f51b9e3e84723b56e659ba6a5cc4c381f4e2c32923492399ab
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.314Z;desc=hit,rtt;dur=24
content-length
5866
last-modified
Thu, 09 Feb 2023 09:47:29 GMT
server
Cloudinary
etag
"3b5a48253b93aac55dabea5c419b804b"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
pwwnno3qf4wxulmf6yjk
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/pwwnno3qf4wxulmf6yjk
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
87ff9398d15a6ff2eafa6f229af810a78aa1d5527ef874590559f9c4a269041e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.306Z;desc=hit,rtt;dur=24
content-length
24391
last-modified
Mon, 22 May 2023 19:36:44 GMT
server
Cloudinary
etag
"cebac029cb24e160a5b0ce18e8ffe497"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
pchyeqkiynkrgok9wg5u
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/pchyeqkiynkrgok9wg5u
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
87ff9398d15a6ff2eafa6f229af810a78aa1d5527ef874590559f9c4a269041e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.306Z;desc=hit,rtt;dur=24
content-length
24391
last-modified
Tue, 18 Apr 2023 19:59:07 GMT
server
Cloudinary
etag
"cebac029cb24e160a5b0ce18e8ffe497"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
kpcpxyixqjvwwwp8kk7o
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/kpcpxyixqjvwwwp8kk7o
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4764ac742766b5ed23114f6573dbce2509f61ec095d1b2119eab994057c0938e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=0;start=2023-05-23T12:01:40.314Z;desc=hit,rtt;dur=24
content-length
26826
last-modified
Mon, 27 Mar 2023 21:37:27 GMT
server
Cloudinary
etag
"235583977843389703fccc82316cf7d7"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
o4wleamnaihpv1emu58y
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto:good,w_746/o4wleamnaihpv1emu58y
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
aefa1b50a329f4b49bb6b109cfead59b29b6a1894680facea54bd69ecb3504e7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-fastly;mitm=p;dur=2;cpu=1;start=2023-05-23T12:01:40.367Z;desc=hit,rtt;dur=24
content-length
26897
last-modified
Mon, 27 Feb 2023 07:56:48 GMT
server
Cloudinary
etag
"33eb4cb2c9f552b65d9ee8a4354c33ad"
vary
Accept,User-Agent,DPR,Sec-CH-DPR
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/alpine.min.js
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsroom.nccgroup.com/
Origin
https://newsroom.nccgroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 12:01:40 GMT
x-content-type-options
nosniff
content-encoding
br
age
42525
x-jsd-version
2.8.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9050
x-served-by
cache-fra-eddf8230038-FRA, cache-man4129-MAN
x-jsd-version-type
version
etag
W/"6969-PYk6WU7wXAXPX7qrRZSTVytMicQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
transparent-placeholder-8933871985c5372fa0e6e184bee9b637214dee80c5401b270516dd0a7d65fa75.png
www.mynewsdesk.com/assets/newsroom2020/ 		131 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mynewsdesk.com/assets/newsroom2020/transparent-placeholder-8933871985c5372fa0e6e184bee9b637214dee80c5401b270516dd0a7d65fa75.png
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/assets/newsroom2020/application-ffc8d4dc5e33e90f5fbf46cc7bf2f414dcc19b6e99d65d7d3875834eb0587936.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2379af00560af316b31d8c476cc89fc21326f70bafd300ec0729b62004f6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.mynewsdesk.com/assets/newsroom2020/application-ffc8d4dc5e33e90f5fbf46cc7bf2f414dcc19b6e99d65d7d3875834eb0587936.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
age
7421778
cf-polished
origSize=159
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
131
cf-bgj
imgq:100,h2pri
last-modified
Mon, 31 Jan 2022 09:59:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
accept-ranges
bytes
cf-ray
7cbd2543d803251a-LHR
font
www.mynewsdesk.com/google_fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/google_fonts/font?path=/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6adcfb38e24014d6ea4953f870f2397de4d4f7b917ac526302049d857c60f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Origin
https://newsroom.nccgroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
age
98689
content-transfer-encoding
binary
content-disposition
attachment; filename="S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2"; filename*=UTF-8''S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
a785225e-9cac-483a-9e6e-4d0c454000d9
x-runtime
0.013541
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jan 2022 19:18:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556952, public
heroku-release
v14068, 26de82c717d0a1f26199c87da95bc9aaf8c4a067, 2022-04-26T11:10:05Z
cf-ray
7cbd25441871251a-LHR
font
www.mynewsdesk.com/google_fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/google_fonts/font?path=/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Origin
https://newsroom.nccgroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
12015
content-transfer-encoding
binary
content-disposition
attachment; filename="S6uyw4BMUTPHjx4wXiWtFCc.woff2"; filename*=UTF-8''S6uyw4BMUTPHjx4wXiWtFCc.woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-runtime
0.081301
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jan 2022 19:14:07 GMT
server
cloudflare
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556952, public
cf-ray
7cbd25441878251a-LHR
font
www.mynewsdesk.com/google_fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/google_fonts/font?path=/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Origin
https://newsroom.nccgroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
age
98689
content-transfer-encoding
binary
content-disposition
attachment; filename="jizaRExUiTo99u79D0KExcOPIDU.woff2"; filename*=UTF-8''jizaRExUiTo99u79D0KExcOPIDU.woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
ef49156c-73f8-4fe4-9bed-9a6c3b7bd16f
x-runtime
0.011638
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jan 2022 18:57:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556952, public
heroku-release
v14068, 26de82c717d0a1f26199c87da95bc9aaf8c4a067, 2022-04-26T11:10:05Z
cf-ray
7cbd2544187f251a-LHR
font
www.mynewsdesk.com/google_fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mynewsdesk.com/google_fonts/font?path=/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mynewsdesk.com/google_fonts/css?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Origin
https://newsroom.nccgroup.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
12015
content-transfer-encoding
binary
content-disposition
attachment; filename="jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2"; filename*=UTF-8''jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-runtime
0.045545
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
cloudflare
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556952, public
cf-ray
7cbd2544187c251a-LHR
track
mnd-track-backend.mynewsdesk.dev/ 		0
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnd-track-backend.mynewsdesk.dev/track
Requested by
Host: www.mynewsdesk.com
URL: https://www.mynewsdesk.com/assets/mnd-track-client-20241639ba255ba1028e76f5f2acf6f852ea3fcc02c6240a3044f92fc9d49be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3f40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsroom.nccgroup.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryV3eUEWqEWIgFZ8wl

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
https://newsroom.nccgroup.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6sgSZBXdR5gV8uyafDg5yjEHDfLb3R1KGfVDvtPWZNs3sy6mBDqdfM%2Fr5MSe3bL6xdHHd8%2B57XMQpoBS9SlGwLmw1B6ujWiuJAZxMQLQzwy3vbXoyn0LGkrP0sNlQbk52sZJOcRbwEj%2FgNgpRmFvPjZ5zJdBolJhCowQdQJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options
SAMEORIGIN
access-control-allow-credentials
false
cf-ray
7cbd2544efcc71c0-LHR
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
js
www.googletagmanager.com/gtag/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152045166-1
Requested by
Host: newsroom.nccgroup.com
URL: https://newsroom.nccgroup.com/news/ncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ada59367d8753f3744e5fc88e428c6fe045ba29ea0dbf2a3fb76b2e3cd59d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
46609
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 12:01:40 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152045166-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://newsroom.nccgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 10:35:37 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5163
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 23 May 2023 12:35:37 GMT
collect
www.google-analytics.com/j/ 		1 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=1411851532&t=pageview&_s=1&dl=https%3A%2F%2Fnewsroom.nccgroup.com%2Fnews%2Fncc-group-monthly-threat-pulse-april-2023-ransomware-threat-remains-at-high-level-467154&ul=en-us&de=UTF-8&dt=NCC%20Group%20Monthly%20Threat%20Pulse%20%E2%80%93%20April%202023%3A%20Ransomware%20threat%20remains%20at%20high%20level%20%7C%20NCC%20Group%20Newsroom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAQABAAAAACAAI~&jid=1990901424&gjid=776605465&cid=549500160.1684843301&tid=UA-152045166-1&_gid=1923322878.1684843301&_r=1&gtm=457e35h0&z=6702993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsroom.nccgroup.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 May 2023 12:01:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsroom.nccgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| MndTrackClient function| gtag object| dataLayer object| Alpine object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.nccgroup.com/ Name: _ga
Value: GA1.2.549500160.1684843301
.nccgroup.com/ Name: _gid
Value: GA1.2.1923322878.1684843301
.nccgroup.com/ Name: _gat_gtag_UA_152045166_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
mnd-track-backend.mynewsdesk.dev
newsroom.nccgroup.com
resources.mynewsdesk.com
www.google-analytics.com
www.googletagmanager.com
www.mynewsdesk.com
2606:4700:3031::6815:3f40
2606:4700::6812:24f
2a00:1450:4001:806::2008
2a00:1450:4001:82f::200e
2a04:4e42:200::512
2a04:4e42::485
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
10ede5ab2e63e3fd8c728a5ee92ba69849e893fe6d2cec775fe263ed9876efe7
12965d83a8c756ea5710ad3954157ecf83e2ea0ef21d9eb893a4aa3ace254f92
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
2f4118031fbfa431264adc41fc587add5397ac5652bdddfd310f11d986e97666
3ada59367d8753f3744e5fc88e428c6fe045ba29ea0dbf2a3fb76b2e3cd59d05
3b8276a16ac70effc87a8e5ad4b8519e9409242e8c74179bf1c2b25260a6b484
4764ac742766b5ed23114f6573dbce2509f61ec095d1b2119eab994057c0938e
49de3964722614f51b9e3e84723b56e659ba6a5cc4c381f4e2c32923492399ab
54e14a3c0c9ba49e1f17c98f70d0adbfe0208cfc09b15c349fe6336d32416e5a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2379af00560af316b31d8c476cc89fc21326f70bafd300ec0729b62004f6e3
79ebed6c4a3450686d30e0dda32f7c71d9b10cc1dfb5234bb73eb42d9dada9fc
7d6adcfb38e24014d6ea4953f870f2397de4d4f7b917ac526302049d857c60f8
87ff9398d15a6ff2eafa6f229af810a78aa1d5527ef874590559f9c4a269041e
99a4d3d87c7bc5b2affece54ba82b845f1eb7c7d344b33db6ee5dac81f192e72
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
aefa1b50a329f4b49bb6b109cfead59b29b6a1894680facea54bd69ecb3504e7
b5a8af506cf102532ae809cb92996a2c86998a3d93990f39e9ff90c0161125d0
cd5d4c82c1de5a5dad73b743d29696f5cc36ea3ac035db79ea19d662a267f013
dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44