newsroom.nccgroup.com
Open in
urlscan Pro
2606:4700::6812:e0e
Public Scan
Submitted URL: https://goo.gl/HZ5XMN
Effective URL: https://newsroom.nccgroup.com/
Submission: On March 22 via manual from GB — Scanned from GB
Effective URL: https://newsroom.nccgroup.com/
Submission: On March 22 via manual from GB — Scanned from GB
Summary
This website contacted 12 IPs
in 3 countries
across 12 domains to perform 40 HTTP transactions.
The main IP is 2606:4700::6812:e0e, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is newsroom.nccgroup.com.
TLS certificate: Issued by R3 on February 13th 2022. Valid for: 3 months.
This is the only time newsroom.nccgroup.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 13th 2022. Valid for: 3 months.
This is the only time newsroom.nccgroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 149.126.77.103 149.126.77.103 | 19551 (INCAPSULA) (INCAPSULA) | |
| 1 5 | 45.60.87.252 45.60.87.252 | 19551 (INCAPSULA) (INCAPSULA) | |
| 3 | 2606:4700::68... 2606:4700::6812:e0e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
| 6 | 143.204.101.19 143.204.101.19 | 16509 (AMAZON-02) (AMAZON-02) | |
| 12 | 2a04:4e42::512 2a04:4e42::512 | 54113 (FASTLY) (FASTLY) | |
| 4 | 2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665 | 15133 (EDGECAST) (EDGECAST) | |
| 2 | 2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe | 32934 (FACEBOOK) (FACEBOOK) | |
| 1 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 54.228.42.199 54.228.42.199 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:831::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 40 | 12 |
1
149.126.77.103
(Frankfurt am Main, Germany)
ASN19551 (INCAPSULA, US)
PTR: 149.126.77.103.ip.incapdns.net
ASN19551 (INCAPSULA, US)
PTR: 149.126.77.103.ip.incapdns.net
| www.nccgroup.trust |
6
143.204.101.19
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-19.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-19.fra50.r.cloudfront.net
| d9qz450atvita.cloudfront.net |
2
2a03:2880:f21c:80c4:face:b00c:0:43fe
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| scontent.cdninstagram.com |
1
54.228.42.199
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-42-199.eu-west-1.compute.amazonaws.com
| mnd-track-backend.herokuapp.com |
2
2a00:1450:4001:831::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| ssl.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
mynewsdesk.com
resources.mynewsdesk.com — Cisco Umbrella Rank: 429528 |
179 KB |
| 8 |
nccgroup.com
1 redirects
www.nccgroup.com — Cisco Umbrella Rank: 394884 newsroom.nccgroup.com |
52 KB |
| 6 |
cloudfront.net
d9qz450atvita.cloudfront.net |
14 KB |
| 4 |
twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 615 |
378 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
90 KB |
| 2 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 243 |
17 KB |
| 2 |
cdninstagram.com
scontent.cdninstagram.com — Cisco Umbrella Rank: 1361 |
110 KB |
| 1 |
herokuapp.com
mnd-track-backend.herokuapp.com — Cisco Umbrella Rank: 627041 |
689 B |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403 |
9 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
| 1 |
nccgroup.trust
1 redirects
www.nccgroup.trust |
285 B |
| 1 |
goo.gl
1 redirects
goo.gl — Cisco Umbrella Rank: 7207 |
955 B |
| 40 | 12 |
| Domain | Requested by | |
|---|---|---|
| 12 | resources.mynewsdesk.com |
newsroom.nccgroup.com
|
| 6 | d9qz450atvita.cloudfront.net |
d9qz450atvita.cloudfront.net
|
| 5 | www.nccgroup.com |
1 redirects
www.nccgroup.com
|
| 4 | pbs.twimg.com |
newsroom.nccgroup.com
|
| 3 | fonts.gstatic.com |
fonts.googleapis.com
|
| 3 | newsroom.nccgroup.com |
www.nccgroup.com
newsroom.nccgroup.com |
| 2 | ssl.google-analytics.com |
newsroom.nccgroup.com
|
| 2 | scontent.cdninstagram.com |
newsroom.nccgroup.com
|
| 1 | mnd-track-backend.herokuapp.com |
d9qz450atvita.cloudfront.net
|
| 1 | cdn.jsdelivr.net |
newsroom.nccgroup.com
|
| 1 | fonts.googleapis.com | |
| 1 | www.nccgroup.trust | 1 redirects |
| 1 | goo.gl | 1 redirects |
| 40 | 13 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.mynewsdesk.com |
| twitter.com |
| www.instagram.com |
| research.nccgroup.com |
| www.nccgroup.com |
| www.nccgroupplc.com |
| cyberstore.nccgroup.com |
| www.nccgroup.trust |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.nccgroup.com Entrust Certification Authority - L1K |
2021-07-29 - 2022-07-29 |
a year | crt.sh |
| newsroom.nccgroup.com R3 |
2022-02-13 - 2022-05-14 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-02-28 - 2022-05-23 |
3 months | crt.sh |
| *.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
| assets.1215diamonds.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-26 - 2022-05-28 |
a year | crt.sh |
| *.twimg.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-20 - 2022-10-19 |
a year | crt.sh |
| *.instagram.com DigiCert SHA2 High Assurance Server CA |
2021-12-29 - 2022-03-29 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-02-28 - 2022-05-23 |
3 months | crt.sh |
| *.herokuapp.com Amazon |
2021-06-01 - 2022-06-30 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-03-17 - 2022-06-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://newsroom.nccgroup.com/
Frame ID: 854182CD5CA1FC038D8670AE083DF7EE
Requests: 40 HTTP requests in this frame
Screenshot
Page Title
NCC Group Newsroom | NCC Group exists to make the world safer and more secure | MynewsdeskPage URL History Show full URLs
-
https://goo.gl/HZ5XMN
HTTP 302
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-a... HTTP 301
https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-a... Page URL
-
https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-a...
HTTP 301
https://newsroom.nccgroup.com/ Page URL
Detected technologies
Alpine.js
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /alpine(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Imperva
(Security)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /_Incapsula_Resource
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
22 Outgoing links
These are links going to different origins than the main page.
URL: https://www.mynewsdesk.com/
Title: No
Title: No
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1504770640313733121
Title: We wish everyone a very happy Holi! https://t.co/VJR9YY0wvX @NCCGroupplc
Title: We wish everyone a very happy Holi! https://t.co/VJR9YY0wvX @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://www.instagram.com/p/CbPfJ5dMApY/
Title: We loved catching up with Nick to talk about his switch from working in recruiting to cyber security as part of our new blog series #MySwitch2Cyber. Find out more about his experience on our newsroom, via the link in our bio. #TeamNCC #CareersInCyber #EthicalHacking #PenTesting #CyberSecurity lifeatnccgroup
Title: We loved catching up with Nick to talk about his switch from working in recruiting to cyber security as part of our new blog series #MySwitch2Cyber. Find out more about his experience on our newsroom, via the link in our bio. #TeamNCC #CareersInCyber #EthicalHacking #PenTesting #CyberSecurity lifeatnccgroup
Search URL Search Domain Scan URL
URL: https://research.nccgroup.com/2022/03/16/tool-release-scoutsuite-5-11-0/
Title: We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)! The most significant improvements and features added include: Core Improved CLI options, test coverage and some dependencies AWS Added new findings for multiple services Bug fixes Added ARNs for all resources Azure Added new findings Bug … Continue reading Tool Release – ScoutSuite 5.11.0 → Tool Release – ScoutSuite 5.11.0
Title: We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)! The most significant improvements and features added include: Core Improved CLI options, test coverage and some dependencies AWS Added new findings for multiple services Bug fixes Added ARNs for all resources Azure Added new findings Bug … Continue reading Tool Release – ScoutSuite 5.11.0 → Tool Release – ScoutSuite 5.11.0
Search URL Search Domain Scan URL
URL: https://research.nccgroup.com/2022/03/15/technical-advisory-apple-macos-xar-arbitrary-file-write-cve-2022-22582/
Title: Summary In October 2021, Apple released a fix for CVE-2021-30833. This was an arbitrary file-write vulnerability in the xar utility and was due to improper handling of path separation (forward-slash) characters when processing files contained within directory symlinks. Whilst analysing the patch for CVE-2021-30833, an additional vulnerability was identified which could allow for arbitrary file-write … Continue reading Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) → Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Title: Summary In October 2021, Apple released a fix for CVE-2021-30833. This was an arbitrary file-write vulnerability in the xar utility and was due to improper handling of path separation (forward-slash) characters when processing files contained within directory symlinks. Whilst analysing the patch for CVE-2021-30833, an additional vulnerability was identified which could allow for arbitrary file-write … Continue reading Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) → Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1503765067929640963
Title: Sharing our thoughts on the resilience and security challenges of central bank digital currencies (CBDCs) and recent developments and guidance coming from the Group of Seven (G7) and the White House. https://t.co/TfJNX4gT7M @NCCGroupplc
Title: Sharing our thoughts on the resilience and security challenges of central bank digital currencies (CBDCs) and recent developments and guidance coming from the Group of Seven (G7) and the White House. https://t.co/TfJNX4gT7M @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1501884609621024779
Title: What would happen if we could connect our brains to the internet? Find out more about the potential risks and benefits of #BCIs in our latest #whitepaper: https://t.co/ifT823stVr. #BrainComputerInterfaces https://t.co/UxISq8QZ7I @NCCGroupplc
Title: What would happen if we could connect our brains to the internet? Find out more about the potential risks and benefits of #BCIs in our latest #whitepaper: https://t.co/ifT823stVr. #BrainComputerInterfaces https://t.co/UxISq8QZ7I @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://research.nccgroup.com/2022/03/10/microsoft-announces-the-wmic-command-is-being-retired-long-live-powershell/
Title: Category: Detection and Threat Hunting What is WMIC? The Windows Management Instrumentation (WMI) Command-Line Utility (WMIC) is a command-line utility that allows users to perform WMI operations from a command prompt. WMI is an interface providing a variety of Windows management functions. Applications and WMI scripts can be deployed to automate administrative tasks on remote … Continue reading Microsoft announces the WMIC command is being retired, Long Live PowerShell → Microsoft announces the WMIC command is being retired, Long Live PowerShell
Title: Category: Detection and Threat Hunting What is WMIC? The Windows Management Instrumentation (WMI) Command-Line Utility (WMIC) is a command-line utility that allows users to perform WMI operations from a command prompt. WMI is an interface providing a variety of Windows management functions. Applications and WMI scripts can be deployed to automate administrative tasks on remote … Continue reading Microsoft announces the WMIC command is being retired, Long Live PowerShell → Microsoft announces the WMIC command is being retired, Long Live PowerShell
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1501158015273246725
Title: Happy #InternationalWomensDay! We’re celebrating across the World, bringing colleagues together physically and virtually to reconnect. To find out more about what we're doing this #IWD, click here: https://t.co/URvNEMT7xH. #IWD2022 #BreakTheBias https://t.co/aHKIPJHx5S @NCCGroupplc
Title: Happy #InternationalWomensDay! We’re celebrating across the World, bringing colleagues together physically and virtually to reconnect. To find out more about what we're doing this #IWD, click here: https://t.co/URvNEMT7xH. #IWD2022 #BreakTheBias https://t.co/aHKIPJHx5S @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://www.instagram.com/p/CasCQA3saFr/
Title: We’re closing out a great week with a bit of fun, and what better way to do it than with our our latest #PetOfNCCGroup, Haribo? Not only does he have a brilliant name, but he’s also the most chill, fluffy feline being his friend Gabriel has ever seen. Not to be outdone by our other fabulous pets and their wonderful eccentricities, he is very particular, and will only drink from streams of water. So you can expect to find him in a sink - no really, we have a picture to prove it. #WhoSaidCatsDidntLikeWater? #CatsOfInstagram #WorkingFromHomePerks #Purr-ks? #ThisJokeStillIsntFunny #IsIt 🐈 lifeatnccgroup
Title: We’re closing out a great week with a bit of fun, and what better way to do it than with our our latest #PetOfNCCGroup, Haribo? Not only does he have a brilliant name, but he’s also the most chill, fluffy feline being his friend Gabriel has ever seen. Not to be outdone by our other fabulous pets and their wonderful eccentricities, he is very particular, and will only drink from streams of water. So you can expect to find him in a sink - no really, we have a picture to prove it. #WhoSaidCatsDidntLikeWater? #CatsOfInstagram #WorkingFromHomePerks #Purr-ks? #ThisJokeStillIsntFunny #IsIt 🐈 lifeatnccgroup
Search URL Search Domain Scan URL
URL: https://research.nccgroup.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/
Title: Authors: Alberto Segura, Malware analyst Rolf Govers, Malware analyst & Forensic IT Expert NCC Group, as well as many other researchers noticed a rise in Android malware last year, especially Android banking malware. Within the Threat Intelligence team of NCC Group we’re looking closely to several of these malware families to provide valuable information to … Continue reading SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store → SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Title: Authors: Alberto Segura, Malware analyst Rolf Govers, Malware analyst & Forensic IT Expert NCC Group, as well as many other researchers noticed a rise in Android malware last year, especially Android banking malware. Within the Threat Intelligence team of NCC Group we’re looking closely to several of these malware families to provide valuable information to … Continue reading SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store → SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1499388391447834626
Title: We wholeheartedly support the Scottish Government’s plans to launch a new co-ordination centre to tackle cyber threats. Find out more on our newsroom: https://t.co/jS6AnoyydV https://t.co/6N3iZeMTwh @NCCGroupplc
Title: We wholeheartedly support the Scottish Government’s plans to launch a new co-ordination centre to tackle cyber threats. Find out more on our newsroom: https://t.co/jS6AnoyydV https://t.co/6N3iZeMTwh @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://twitter.com/@NCCGroupplc/statuses/1499069642136076291
Title: RT @NCCGroupCareers: Our @foxit team had the pleasure of meeting many talented university students at the career fair hosted at Grolsch Foo… @NCCGroupplc
Title: RT @NCCGroupCareers: Our @foxit team had the pleasure of meeting many talented university students at the career fair hosted at Grolsch Foo… @NCCGroupplc
Search URL Search Domain Scan URL
URL: https://www.nccgroup.com/
Title: NCC Group customer website
Title: NCC Group customer website
Search URL Search Domain Scan URL
URL: https://www.nccgroupplc.com/
Title: NCC Group corporate website
Title: NCC Group corporate website
Search URL Search Domain Scan URL
URL: https://cyberstore.nccgroup.com/
Title: NCC Group Cyberstore
Title: NCC Group Cyberstore
Search URL Search Domain Scan URL
URL: http://www.mynewsdesk.com/about/terms-and-conditions/privacy_policy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://www.mynewsdesk.com/about/terms-and-conditions/privacy_policy_contacts
Title: Privacy Policy for Contacts
Title: Privacy Policy for Contacts
Search URL Search Domain Scan URL
URL: http://www.mynewsdesk.com/about/terms-and-conditions/terms_and_conditions
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.mynewsdesk.com/about/terms-and-conditions/terms_and_conditions
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.mynewsdesk.com/about/terms-and-conditions/privacy_policy_contacts
Title: Privacy Policy for Contacts
Title: Privacy Policy for Contacts
Search URL Search Domain Scan URL
URL: https://www.nccgroup.trust/uk/about-us/privacy-policy/cookie-policy/
Title: cookie policy
Title: cookie policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://goo.gl/HZ5XMN
HTTP 302
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ HTTP 301
https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ Page URL
-
https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/
HTTP 301
https://newsroom.nccgroup.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://goo.gl/HZ5XMN HTTP 302
- https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ HTTP 301
- https://www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/
40 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
www.nccgroup.com/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ Redirect Chain
|
212 B 608 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_Incapsula_Resource
www.nccgroup.com/ |
177 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_Incapsula_Resource
www.nccgroup.com/ |
29 B 57 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
newsroom.nccgroup.com/ Redirect Chain
|
61 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_Incapsula_Resource
www.nccgroup.com/ |
1 B 36 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
_Incapsula_Resource
www.nccgroup.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-c5c9c8abc043884619e8ce3a7f0d1b07a1b103f02d75cba01642aa83bee2b17e.css
d9qz450atvita.cloudfront.net/assets/newsroom2020/ |
43 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css
d9qz450atvita.cloudfront.net/assets/newsroom2020/ |
53 B 590 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-2f7863ce871e5d045b38d4598021ab08034fdbc14812a74dad71af9b7e2dbfcd.js
d9qz450atvita.cloudfront.net/assets/newsroom2020/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mnd-track-client-b113caf196b02adbcd62b1063ca23cac03a1d2fe0ce8f674480bf7c346f8126e.js
d9qz450atvita.cloudfront.net/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mnd-cookie-consent-23f0acf43f46d4757c1d7a91e08488a98aef039b717d6c15df1e68560c57a092.js
d9qz450atvita.cloudfront.net/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
newsroom.nccgroup.com/cdn-cgi/bm/cv/669835187/ |
35 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jnmqwbtktdvgbzl57ovj.jpg
resources.mynewsdesk.com/image/upload/t_next_gen_logo_limit_x2/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i8zcghoglbz9jdheyker.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_859/ |
32 KB 32 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nbywhpwrrpuu5k9hysoe.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
5 KB 5 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gycr6us76sqp8utpj5v1.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
9 KB 9 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kkldf6wswtupwtpf6ncq.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
egkpg0bw7jzdqyl8fyog.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
21 KB 21 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
niyuvp2d4xakglxnupbl.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rujtvnma1z2rzut2n6wa.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
9 KB 9 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wlqf7dqnz5gedna3qsmr.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,cs_tinysrgb,dpr_auto,f_auto,g_auto,q_auto,w_386/ |
6 KB 6 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pWoDzZPB8P-tJGPj.jpg
pbs.twimg.com/ext_tw_video_thumb/1504770220631732246/pu/img/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
275928041_696689155109013_960743905942723845_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ |
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
B2RpGx0R_Vi027Gz.jpg
pbs.twimg.com/ext_tw_video_thumb/1501884038210068482/pu/img/ |
128 KB 128 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FNUvQo2XsAQWacp.jpg
pbs.twimg.com/media/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
275164227_321463260004805_4469623947383931214_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FM7lpddXsAUf897.jpg
pbs.twimg.com/media/ |
139 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
y8gfniptd3b8sl5cdall.jpg
resources.mynewsdesk.com/image/upload/t_small_face_square_v2,dpr_2.0/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tfiadz0zcjg2rplvgvkp.jpg
resources.mynewsdesk.com/image/upload/t_small_face_square_v2,dpr_2.0/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dcxui6cmpcd5tf9rqgcd.jpg
resources.mynewsdesk.com/image/upload/t_small_face_square_v2,dpr_2.0/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
transparent-placeholder-8933871985c5372fa0e6e184bee9b637214dee80c5401b270516dd0a7d65fa75.png
d9qz450atvita.cloudfront.net/assets/newsroom2020/ |
159 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
track
mnd-track-backend.herokuapp.com/ |
0 689 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
result
newsroom.nccgroup.com/cdn-cgi/bm/cv/ |
0 487 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 54 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&aip=1&utmjid=864240073&utmredir=1&utmu=qBQgAAAAAAAAAAAAAAAAAAAE~){kind=link}
%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&aip=1&utmjid=864240073&utmredir=1&utmu=qBQgAAAAAAAAAAAAAAAAAAAE~){kind=link}
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.nccgroup.com
- URL
- https://www.nccgroup.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A59%2Cr%3A481)
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| a0_0x433e function| a0_0x3d7e function| MndTrackClient object| _gaq object| __CF$cv$params object| Alpine object| _gat object| gaGlobal11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .nccgroup.com/ | Name: visid_incap_2304533 Value: JjIQp7AeTb2emcx1QhOzMrmZOWIAAAAAQUIPAAAAAAD6SROfnsWCzMQzEgB343TI |
|
| .nccgroup.com/ | Name: incap_ses_246_2304533 Value: c7+EGBxoR2+mutWmQPhpA7mZOWIAAAAAynNhxt4o2IlI3lppttLs/g== |
|
| .www.nccgroup.com/ | Name: ARRAffinity Value: 00bc5ec21489e16bd5d5d76870d46e11a239a77ad41f27db321a457708823d1a |
|
| .www.nccgroup.com/ | Name: ARRAffinitySameSite Value: 00bc5ec21489e16bd5d5d76870d46e11a239a77ad41f27db321a457708823d1a |
|
| .nccgroup.com/ | Name: nlbi_2304533 Value: GMVjDVMdQkNxUFqkwp3kEQAAAADOqAZViIUVThMb2pnmYrQf |
|
| .newsroom.nccgroup.com/ | Name: __cf_bm Value: 6zr39ssFxdUfuo14MrN0AQY1rSmipjpT9AbhZnk8Knk-1647942075-0-AQ+EDfkCynvlBlZDi9OAAQ9kPA4p4s1Sbz2ppGnvjOmzobu4hucABKYUODoU08L/cuKn8NkgW+X7eU66IpQzgOkgP+S/6lMHjMHmGLM/ygcQySGUgCpy/CgoqPeMDVS3JQ== |
|
| .nccgroup.com/ | Name: __utma Value: 95160451.1660680558.1647942075.1647942075.1647942075.1 |
|
| .nccgroup.com/ | Name: __utmc Value: 95160451 |
|
| .nccgroup.com/ | Name: __utmz Value: 95160451.1647942075.1.1.utmcsr=nccgroup.com|utmccn=(referral)|utmcmd=referral|utmcct=/ |
|
| .nccgroup.com/ | Name: __utmt_customer Value: 1 |
|
| .nccgroup.com/ | Name: __utmb Value: 95160451.1.10.1647942075 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
d9qz450atvita.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
goo.gl
mnd-track-backend.herokuapp.com
newsroom.nccgroup.com
pbs.twimg.com
resources.mynewsdesk.com
scontent.cdninstagram.com
ssl.google-analytics.com
www.nccgroup.com
www.nccgroup.trust
www.nccgroup.com
143.204.101.19
149.126.77.103
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700::6810:5914
2606:4700::6812:e0e
2a00:1450:4001:809::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a04:4e42::512
45.60.87.252
54.228.42.199
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b072d4dd02f8d9a1e8a436d59c2ece922794df8f5d87914d5ed1bde36970518
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12965d83a8c756ea5710ad3954157ecf83e2ea0ef21d9eb893a4aa3ace254f92
2fe6c6b552a55a18944b2098576b22702243cd1cc40e83c686bf100a09fd057a
38d55268765ff1e2c48b56a507a8928c07628b4441ad9edf5b7331387e8e1113
41f7ed0e957f19e8f337d2ec44bd21dcfa8713597b0d20748a7deb0662e6e80e
48d4043ca45b13275900d035c56a1ed511d376999b2bbdef96ad8169e9fd5d9b
5bc1e235603aa14461fdcad7b794bac984983e472d0f333df75f66bf4bb94e58
68d81aa16aa91edd192505aeba4aacd1e7cd866c61929c2725b8669ebc199029
7de02e003b668d03dec73be3c49a905c9357ae092a29e5147ba006a190302665
83067884e814baff42cec86ba255a1b173c07e871e78b06f605a320ffcbff4dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837bb28fa84b6b097ec48db299e3c75f128a1f9ab339f427ec4eea9cb09eae12
863794e8bba2ae4821b7a14fa4adbef435304d8a49d5aea101542d3ce5374e27
89f91410e3812ecf28242092dd675c69156b321c1b937a64490bc06261c21b9e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a29dcd654c319be9eae3907cfa20f101a6e1e2f30f13c04005155c89953e7ca3
a39badbfad5a7b7b7a00ff7bf38b9e90ddb144da48ba48ca8b8fa390bf60243b
a4c5bc9016dc56b4df1774f6f7b3ff8300948fb36592d49ff4b56d646d878477
a7751eddb0a680631343bacdefddc395c6d298d02a2ff8abf565da46b3d6c7f3
a841b835d76c7ece6d8a521b0704c60d5c78f0317ac412896b6c5772adb95b4b
b0ccc6cc08f0564c17110a4c84bfbe47c2c9760cf23b74de3013fc2f6622108e
b9535b20fcbe7ea58db5f262aac81a00102d3983b3f78608f91e141d5ebafbd8
c4fc4f9e8b431207f49b40f717008feffa601aa3a3b9d0cc02f3ef738f07a1c1
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
ddf0e616b3a6be509d92e5a0bed5fbf8a099fd2b10064cece1b39f3919280d8a
dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64bb6a28087f99a51e600cae4f843f867b1246462a503dfe4bf7a8adcc02141
e9918273b6c66608e5bac5bdb306e57160f13f446291558bcd9767bce2176188
ee1e78b4111766a27bc86e0b5c14e0ec9038d67c0a3c85d4246f47a9fc776396
f0bd3311af2ce2e25f34de8913b3d1a073753cbe0b00eef9f354f4f0fef6a35a
ff604ed3a51f849ecb46e040a39c8c31223d8e14dba8b78e44bc7c58dbf9c5e3