www.nccgroup.trust Open in urlscan Pro
149.126.77.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
Submission: On May 15 via api (May 15th 2020, 9:51:22 am UTC) from US

Summary HTTP 45 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 45 HTTP transactions. The main IP is 149.126.77.103, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.nccgroup.trust.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 18th 2019. Valid for: 2 years.

This is the only time www.nccgroup.trust was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	149.126.77.103 149.126.77.103	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	34.195.112.7 34.195.112.7	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
45	9

33 149.126.77.103 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.103.ip.incapdns.net

www.nccgroup.trust	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

nccgroup.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.112.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-112-7.compute-1.amazonaws.com

addtocalendar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	nccgroup.trust www.nccgroup.trust	2 MB
2	disqus.com nccgroup.disqus.com disqus.com Failed	22 KB
1	twitter.com syndication.twitter.com	10 KB
1	addtocalendar.com addtocalendar.com	3 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	gstatic.com www.gstatic.com	122 KB
1	google.com www.google.com	561 B
0	disquscdn.com Failed c.disquscdn.com Failed
45	8

	Domain	Requested by
33	www.nccgroup.trust	www.nccgroup.trust
1	disqus.com	nccgroup.disqus.com
1	syndication.twitter.com	www.nccgroup.trust
1	addtocalendar.com	www.nccgroup.trust
1	nccgroup.disqus.com	www.nccgroup.trust
1	ssl.google-analytics.com	www.nccgroup.trust
1	www.gstatic.com	www.google.com
1	www.google.com	www.nccgroup.trust
0	c.disquscdn.com Failed	nccgroup.disqus.com
45	9

This site contains links to these domains. Also see Links.

Domain
fortconsult.net
portal.nccgroup.com
view.nccgroup.com
www.escrowlive.trust
cyberstore.nccgroup.com
research.nccgroup.com
newsroom.nccgroup.com
nccgroup.wd3.myworkdayjobs.com
msdn.microsoft.com
blog.chromium.org
blogs.technet.microsoft.com
twitter.com
www.fireeye.com
github.com
technet.microsoft.com
t.co
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.nccgroup.trust Entrust Certification Authority - L1K	`2019-12-18` - `2021-11-25`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
addtocalendar.com Amazon	`2019-11-03` - `2020-12-03`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
Frame ID: 2C7907E807C5D918BD3F56A6A22D53A9
Requests: 44 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=nccgroup&t_u=https%3A%2F%2Fwww.nccgroup.trust%2Fuk%2Fabout-us%2Fnewsroom-and-events%2Fblogs%2F2017%2Faugust%2Fsmuggling-hta-files-in-internet-exploreredge%2F&t_d=Smuggling%20HTA%20files%20in%20Internet%20Explorer%2FEdge&t_t=Smuggling%20HTA%20files%20in%20Internet%20Explorer%2FEdge&s_o=default
Frame ID: 47148E142ACA1BDBF0545F0BFC0A7EAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

89 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2719 kB
Transfer

4005 kB
Size

4
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: http://fortconsult.net/
Title: FortConsult (DK)

Search URL Search Domain Scan URL

URL: https://portal.nccgroup.com/
Title: Managed Services Client Login

Search URL Search Domain Scan URL

URL: https://view.nccgroup.com/
Title: View Portal

Search URL Search Domain Scan URL

URL: https://www.escrowlive.trust/
Title: Escrow Live Login

Search URL Search Domain Scan URL

URL: https://cyberstore.nccgroup.com/
Title: Online Cyberstore

Search URL Search Domain Scan URL

URL: https://research.nccgroup.com/
Title: Technical Blog

Search URL Search Domain Scan URL

URL: https://newsroom.nccgroup.com/
Title: Newsroom (Ext. Website)

Search URL Search Domain Scan URL

URL: https://nccgroup.wd3.myworkdayjobs.com/NCC_Group
Title: Current Vacancies (Ext. website)

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/ms536471(VS.85).aspx
Title: https://msdn.microsoft.com/en-us/library/ms536471(VS.85).aspx

Search URL Search Domain Scan URL

URL: https://blog.chromium.org/2017/07/so-long-and-thanks-for-all-flash.html?m=1
Title: https://blog.chromium.org/2017/07/so-long-and-thanks-for-all-flash.html?m=1

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/
Title: https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/

Search URL Search Domain Scan URL

URL: https://twitter.com/enigma0x3/status/888443907595526144
Title: https://twitter.com/enigma0x3/status/888443907595526144

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html
Title: https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/hh779016(v=vs.85).aspx
Title: https://msdn.microsoft.com/en-us/library/hh779016(v=vs.85).aspx

Search URL Search Domain Scan URL

URL: https://github.com/beefproject/beef
Title: https://github.com/beefproject/beef

Search URL Search Domain Scan URL

URL: https://github.com/nccgroup/WebFEET
Title: https://github.com/nccgroup/WebFEET

Search URL Search Domain Scan URL

URL: https://github.com/nccgroup/demiguise
Title: https://github.com/nccgroup/demiguise

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-gb/library/bb457006.aspx
Title: https://technet.microsoft.com/en-gb/library/bb457006.aspx

Search URL Search Domain Scan URL

URL: https://twitter.com/share

Search URL Search Domain Scan URL

URL: https://twitter.com/NCCGroupplc
Title: @NCCGroupplc

Search URL Search Domain Scan URL

URL: https://twitter.com/ollieatnccgroup
Title: @ollieatnccgroup

Search URL Search Domain Scan URL

URL: https://t.co/DxiUcYPyjL
Title: https://bit.ly/35UmgD3

Search URL Search Domain Scan URL

URL: https://t.co/cThuzdz2Hi
Title: https://www.techuk.org/insights/opportunities/item/17425-cyber-training-and-skills-content-repository …

Search URL Search Domain Scan URL

URL: https://twitter.com/techUK
Title: @techUK

Search URL Search Domain Scan URL

URL: https://twitter.com/DCMS
Title: @DCMS

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/upskill?src=hash
Title: #upskill

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/cybersecurity?src=hash
Title: #cybersecurity

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/Infosec?src=hash
Title: #Infosec

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/opportunity?src=hash
Title: #opportunity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/NCC-Group-Plc/187368644638970
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ncc-group
Title: LinkedIn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/ 70 KB
20 KB 1721ms
1585ms Document
text/html 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

3f79e20a113bf85fba371fed57f518202f351fb3a2931b23cb8c65ce3250fa1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://ssl.google-analytics.com/ https://www.google-analytics.com https://pbs.twimg.com/ https://abs.twimg.com/ https://syndication.twitter.com https://platform.twitter.com; script-src 'self' https://widget.intercom.io/widget/ https://syndication.twitter.com https://js.intercomcdn.com/ cdn.syndication.twimg.com https://logws1309.ati-host.net/ https://cdn.ampproject.org https://apis.google.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/player_api https://ssl.google-analytics.com/ga.js https://static.adinsight.com https://metrics.responsetap.com https://platform.twitter.com https://cdn.syndication.twimg.com https://nccgroup.disqus.com https://a.disquscdn.com https://addtocalendar.com/atc/1.5/atc.min.js 'nonce-nyVnu27op4Ws3ecFWem3bsIHh9FBSOs6i49fZeWfXKmJexAt5oh9H5fOtGp7caayQQ6zlKRKgqN6a0EoF5W+GcohNokhEZFTMXTjsdMU8PWO9jWdst0sHwahgbURL1pBbLhz0RIXlzCZfYbsnL08YJk4+FQLqfzhixspMKWH7FQ='; style-src 'self' https://platform.twitter.com https://a.disquscdn.com 'unsafe-inline'; object-src 'self'; media-src 'self' https://syndication.twitter.com https://js.intercomcdn.com/ https://abs.twimg.com/ https://referrer.disqus.com/ https://platform.twitter.com https://a.disquscdn.com https://pbs.twimg.com; frame-src 'self' https://polaris.brighterir.com/ https://www.facebook.com/ https://player.vimeo.com/ https://www.mynewsdesk.com/ https://www.google.com/recaptcha/ https://www.youtube.com/embed/ https://www.google.com/maps/ https://platform.twitter.com https://syndication.twitter.com https://disqus.com/; connect-src 'self' https://www.google-analytics.com/ wss://nexus-websocket-a.intercom.io/ wss://nexus-websocket-b.intercom.io/ https://nexus-websocket-a.intercom.io/ https://nexus-websocket-b.intercom.io/ https://api-iam.intercom.io/ https://stats.g.doubleclick.net/ https://www.google.com/ ; font-src 'self' https://js.intercomcdn.com/fonts/ ; img-src 'self' data: https://placehold.it/ https://downloads.intercomcdn.com/ https://js.intercomcdn.com/ https://static.intercomassets.com/ https://logws1309.ati-host.net/ https://www.google.co.uk https://www.google.com https://stats.g.doubleclick.net https://ssl.gstatic.com/ https://www.google-analytics.com https://o.twimg.com/ https://syndication.twitter.com https://abs.twimg.com https://pbs.twimg.com/ https://ssl.google-analytics.com/ ;
Public-Key-Pins	max-age=604800; strict;
Strict-Transport-Security	max-age=10368000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.nccgroup.trust
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=vj0s2oh2dtt0j03m4ccyirdm; path=/; secure; HttpOnly NCC_Consent=unconfirmed; expires=Sat, 15-May-2021 09:50:59 GMT; path=/; secure visid_incap_349502=pDwdmVmfQIKIVbhug+sYiAJmvl4AAAAAQUIPAAAAAACjCkGXwj1uDCnZPl2ssGZg; expires=Fri, 14 May 2021 13:20:00 GMT; HttpOnly; path=/; Domain=.nccgroup.trust; Secure; SameSite=None incap_ses_770_349502=X50oZHdtZTLlCPBRE5ivCgRmvl4AAAAAXvGMuS4x6nJ5JtiyehPTcA==; path=/; Domain=.nccgroup.trust; Secure; SameSite=None ___utmvmczuMwKP=aDxipngrBRN; path=/; Max-Age=900; Secure; SameSite=None ___utmvaczuMwKP=gWKaTBQ; path=/; Max-Age=900; Secure; SameSite=None ___utmvbczuMwKP=OZo XCrOzalE: ntw; path=/; Max-Age=900; Secure; SameSite=None
Content-Security-Policy: default-src 'self' https://ssl.google-analytics.com/ https://www.google-analytics.com https://pbs.twimg.com/ https://abs.twimg.com/ https://syndication.twitter.com https://platform.twitter.com; script-src 'self' https://widget.intercom.io/widget/ https://syndication.twitter.com https://js.intercomcdn.com/ cdn.syndication.twimg.com https://logws1309.ati-host.net/ https://cdn.ampproject.org https://apis.google.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/player_api https://ssl.google-analytics.com/ga.js https://static.adinsight.com https://metrics.responsetap.com https://platform.twitter.com https://cdn.syndication.twimg.com https://nccgroup.disqus.com https://a.disquscdn.com https://addtocalendar.com/atc/1.5/atc.min.js 'nonce-nyVnu27op4Ws3ecFWem3bsIHh9FBSOs6i49fZeWfXKmJexAt5oh9H5fOtGp7caayQQ6zlKRKgqN6a0EoF5W+GcohNokhEZFTMXTjsdMU8PWO9jWdst0sHwahgbURL1pBbLhz0RIXlzCZfYbsnL08YJk4+FQLqfzhixspMKWH7FQ='; style-src 'self' https://platform.twitter.com https://a.disquscdn.com 'unsafe-inline'; object-src 'self'; media-src 'self' https://syndication.twitter.com https://js.intercomcdn.com/ https://abs.twimg.com/ https://referrer.disqus.com/ https://platform.twitter.com https://a.disquscdn.com https://pbs.twimg.com; frame-src 'self' https://polaris.brighterir.com/ https://www.facebook.com/ https://player.vimeo.com/ https://www.mynewsdesk.com/ https://www.google.com/recaptcha/ https://www.youtube.com/embed/ https://www.google.com/maps/ https://platform.twitter.com https://syndication.twitter.com https://disqus.com/; connect-src 'self' https://www.google-analytics.com/ wss://nexus-websocket-a.intercom.io/ wss://nexus-websocket-b.intercom.io/ https://nexus-websocket-a.intercom.io/ https://nexus-websocket-b.intercom.io/ https://api-iam.intercom.io/ https://stats.g.doubleclick.net/ https://www.google.com/ ; font-src 'self' https://js.intercomcdn.com/fonts/ ; img-src 'self' data: https://placehold.it/ https://downloads.intercomcdn.com/ https://js.intercomcdn.com/ https://static.intercomassets.com/ https://logws1309.ati-host.net/ https://www.google.co.uk https://www.google.com https://stats.g.doubleclick.net https://ssl.gstatic.com/ https://www.google-analytics.com https://o.twimg.com/ https://syndication.twitter.com https://abs.twimg.com https://pbs.twimg.com/ https://ssl.google-analytics.com/ ;
Strict-Transport-Security: max-age=10368000;includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Public-Key-Pins: max-age=604800; strict;
Date: Fri, 15 May 2020 09:51:00 GMT
X-CDN: Incapsula
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Iinfo: 2-8870352-8870354 NNYN CT(18 55 0) RT(1589536258618 56) q(0 0 1 0) r(15 16) U12

GET
H/1.1 200
OK styles.css
www.nccgroup.trust/Static/css/ 361 KB
59 KB 64ms
55ms Stylesheet
text/css 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/css/styles.css

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

bcd96013124076241151b4ff6b2eb4013bf1193f7aeba528cbaf3f95632c38da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Nov 2019 11:46:58 GMT
X-CDN: Incapsula
Etag: "4168e3a86a3d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 1689) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=16414, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 59523
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:24:34 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
561 B 17ms
16ms Script
text/javascript 2a00:1450:4001:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8276117bcc362352b6d3a5f09093ad1955601fbe77fc4f11cb823df7ecdbc8f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 1; mode=block
expires: Fri, 15 May 2020 09:51:00 GMT

GET
H/1.1 200
OK scripts.js Show response
www.nccgroup.trust/Static/js/ 539 KB
155 KB 156ms
54ms Script
application/x-javascript 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/js/scripts.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

25084a51f9e4afbad0819a4cc76e772f2c17a93f2b1bf8f808df61a18313f211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Sep 2019 09:48:50 GMT
X-CDN: Incapsula
Etag: "5a581b1fcf63d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 1782) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=13430, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 157895
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:34:50 GMT

GET
H/1.1 200
OK newsfilter.js Show response
www.nccgroup.trust/Static/js/ 1 KB
2 KB 159ms
53ms Script
application/x-javascript 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/js/newsfilter.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

b95c33b49e7417c3b1548c947758acb3855f5fd3831d020e601e71351045f704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 19:42:09 GMT
X-CDN: Incapsula
Etag: "92a9984ad281d41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
X-Iinfo: 3-12383416-0 0CNN RT(1589536260351 54) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=26409, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 694
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 17:11:09 GMT

GET
H/1.1 200
OK uk.png
www.nccgroup.trust/Static/img/flags/ 1 KB
2 KB 53ms
53ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/uk.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

f2da2c56885d882ab313a4e055afd522de5fb9ba2188a300894392224ed29f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "7bb130c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 1879) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1084
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK us.png
www.nccgroup.trust/Static/img/flags/ 647 B
1 KB 58ms
55ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/us.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

49a769464fdbed9171134de4b86bc66eb9fce901d54dad51ede76bdf4993d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "61ff30c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 2031) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=18085, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 647
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:52:25 GMT

GET
H/1.1 200
OK de.png
www.nccgroup.trust/Static/img/flags/ 154 B
656 B 56ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/de.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

9a26a63ca1194f3f7b197b8a9dfacf409bcbfb075dc272b2b2331d99ea72fe44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "aa1530c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 3-12383416-0 0CNN RT(1589536260351 298) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=17928, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 154
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:49:48 GMT

GET
H/1.1 200
OK ch.png
www.nccgroup.trust/Static/img/flags/ 363 B
865 B 57ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/ch.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

db80b69f673da275a2bb3c45e5dfa93e4fcb7d1a9da5e7907c6d6c708d0d2029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "b3ee2fc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 6-12299225-0 0CNN RT(1589536260351 298) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=18085, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 363
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:52:25 GMT

GET
H/1.1 200
OK nl.png
www.nccgroup.trust/Static/img/flags/ 269 B
772 B 56ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/nl.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

a7414bfaeadd14f999b3f02a0d1070f3b6e05542cb7cbe1c1a36614fe48f3bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "836330c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 14-38872646-0 0CNN RT(1589536260351 298) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14587, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 269
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:07 GMT

GET
H/1.1 200
OK au.png
www.nccgroup.trust/Static/img/flags/ 1 KB
2 KB 112ms
53ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/au.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

5328eea382c5b4960de0b29558c5a996195e99c64dad206826ff5badc3e7a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "bec72fc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 14-38872646-0 0CNN RT(1589536260351 355) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=18085, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1059
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:52:25 GMT

GET
H/1.1 200
OK sg.png
www.nccgroup.trust/Static/img/flags/ 502 B
1004 B 113ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/sg.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

e22dc131ebe1ff555c4a89a955dd5280d7ccd4e9dd8030b3797e85aa3bc1b7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "798a30c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 6-12299225-0 0CNN RT(1589536260351 355) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14587, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 502
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:07 GMT

GET
H/1.1 200
OK fortconsult.net.png
www.nccgroup.trust/Static/img/flags/ 126 B
628 B 57ms
56ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/fortconsult.net.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

3f416198bd3caf13a549635f4322a599fe7143f13d2dc03d1503e73ca85869d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "836330c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 2090) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 126
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK ae.png
www.nccgroup.trust/Static/img/flags/ 468 B
970 B 110ms
53ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/ae.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

71fa51ab9f0664850f3820847b4d7c2b3693300f0215f401e4dd4f34f3a35fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "bda02fc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 2144) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 468
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK jp.png
www.nccgroup.trust/Static/img/flags/ 360 B
862 B 163ms
59ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/flags/jp.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

6fdaf2df37080231e7b5d67937fe04f3d908ff89edfa8f4c791a6f1b818f7b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Nov 2019 11:54:36 GMT
X-CDN: Incapsula
Etag: "026b173ab9bd51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 12-14296635-0 0CNN RT(1589536260702 108) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=17928, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 360
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:49:48 GMT

GET
H/1.1 200
OK generate-hta.gif
www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/ 158 KB
158 KB 77ms
76ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/generate-hta.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

52011ac7351dabb5e7de6c7b6df6e2fed5d95c94a82ae0f1ac2594eca43c9beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Aug 2017 08:22:31 GMT
X-CDN: Incapsula
Etag: "1D3101F7B0804B0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 14-38872738-38870711 2VNN RT(1589536260701 109) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=43200, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 161304
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 21:51:01 GMT

GET
H/1.1 200
OK pop_calc.gif
www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/ 567 KB
568 KB 76ms
75ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/pop_calc.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

ab341ee7c687f2a073777c0332d5edc5af4eed3cf07b231d6f187f1c05c57f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Aug 2017 08:22:31 GMT
X-CDN: Incapsula
Etag: "1D3101F7B0F30A0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 14-38872646-38870356 2VNN RT(1589536260351 465) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=43201, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 580741
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 21:51:01 GMT

GET
H/1.1 200
OK srp.gif
www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/ 797 KB
798 KB 79ms
78ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/srp.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

472e4e3b25281f6bb3f4f728dec6c4361818422bc4f25248f02c9cda5ff4d237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Aug 2017 08:22:31 GMT
X-CDN: Incapsula
Etag: "1D3101F7AF232C0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 6-12299225-12297181 2VNN RT(1589536260351 466) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=43201, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 816565
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 21:51:01 GMT

GET
H/1.1 200
OK extension_handler_overwrite.gif
www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/ 648 KB
649 KB 77ms
77ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/globalassets/newsroom/uk/blog/images/2017/07/smuggling-hta-files-gifs/extension_handler_overwrite.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

7ab8d56af3ceac3d5429aa7f80680f340043191ef0e1d1a49e80a328e5e0b75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Aug 2017 08:22:31 GMT
X-CDN: Incapsula
Etag: "1D3101F7B165C90"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 2-8870352-8870024 2VNN RT(1589536258618 2199) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=43201, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 663990
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 21:51:01 GMT

GET
H/1.1 200
OK social-twitter.gif
www.nccgroup.trust/static/img/ 2 KB
2 KB 55ms
54ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/static/img/social-twitter.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

6d0e70e0aa408ba3da062a342100ea68bdf8c18660e567813885c36f50033bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "d902ec52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 3-12383416-12381525 2CNN RT(1589536260351 469) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=29770, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1878
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 18:07:10 GMT

GET
H/1.1 200
OK social-facebook.gif
www.nccgroup.trust/static/img/ 2 KB
2 KB 54ms
54ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/static/img/social-facebook.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

36dc7869011147481b0fb8b8ab78cc222eb1e9332a10fff889552a4f8b1192a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "51a62dc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 12-14296635-0 0CNN RT(1589536260702 168) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=6199, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1664
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 11:34:19 GMT

GET
H/1.1 200
OK social-gplus.gif
www.nccgroup.trust/static/img/ 1 KB
2 KB 54ms
54ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/static/img/social-gplus.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

b44dab49054df1c2e9ffedcdf77cdcb58b042797e915ef8b9da47a07d822d5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "43cd2dc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 3-12383416-12382963 2CNN RT(1589536260351 523) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=29769, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1432
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 18:07:09 GMT

GET
H/1.1 200
OK social-linkedin.gif
www.nccgroup.trust/static/img/ 1 KB
2 KB 58ms
57ms Image
image/gif 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/static/img/social-linkedin.gif

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

9c176b0f0b47230ebdfb1b0897172a213110f9aae3d5db2a1607d9b2dc530463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "e692ec52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Iinfo: 12-14296635-14289460 2CNN RT(1589536260702 225) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=29770, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1446
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 18:07:10 GMT

GET
H/1.1 200
OK news.js Show response
www.nccgroup.trust/Static/js/ 778 B
830 B 54ms
54ms Script
application/x-javascript 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/js/news.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

89bfeb9ea50df6f7c707b08b22a1b957a5fc8dce0e6eb26dadf8a09f5b564f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 19:42:09 GMT
X-CDN: Incapsula
Etag: "2bfb974ad281d41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
X-Iinfo: 3-12383416-0 0CNN RT(1589536260351 108) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=27560, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 289
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 17:30:20 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.nccgroup.trust/ 124 KB
18 KB 62ms
61ms Script
application/javascript 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=902082093

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

63e29b7a991bf59fe298bce979c25d9f1b9f7419624b360d8d66c48893956832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 18009
Content-Type: application/javascript

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/ 299 KB
122 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 21:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 May 2020 19:09:25 GMT
server: sffe
age: 302850
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124431
x-xss-protection: 0
expires: Tue, 11 May 2021 21:43:31 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/Static/js/scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 4925
date: Fri, 15 May 2020 08:28:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 15 May 2020 10:28:56 GMT

GET
H/1.1 200
OK selector-arrows.png
www.nccgroup.trust/Static/img/ 178 B
680 B 84ms
53ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/selector-arrows.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

cdc877245014a5c27157929ca4636979ad7057564e05aaad85bc7c196fb75137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "821529c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 6-12299225-0 0CNN RT(1589536260351 410) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 178
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK search-icon.svg
www.nccgroup.trust/Static/img/ 630 B
898 B 79ms
53ms Image
image/svg+xml 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/search-icon.svg

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

f037520c3611756bd1caf1d489bfaa3d74d3737e0f9254615b85d2966405c069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "c75228c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
X-Iinfo: 12-14296635-0 0CNN RT(1589536260702 53) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 368
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK ncc-logo.png
www.nccgroup.trust/Static/img/ 3 KB
3 KB 79ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/ncc-logo.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

c65b9391645fca55f2e0d0ce37d8baaa58f4e12a343aa01df236137c33572066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "4d5826c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 14-38872738-0 0CNN RT(1589536260701 54) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 2893
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK rss-icon.png
www.nccgroup.trust/Static/img/ 443 B
950 B 85ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/rss-icon.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

07b09390d17f9111c54560c05663bb8581f09a13709fe41391044d29d69ff06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "cc2b28c52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 14-38872646-38872584 2CNN RT(1589536260351 410) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=29770, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 443
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 18:07:10 GMT

GET
H/1.1 200
OK footer-fb.png
www.nccgroup.trust/Static/img/ 592 B
1 KB 55ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/footer-fb.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

f06f25899bb1c884ad9e4b89601aadb32fac3efbf108a71aedaad622ee6d2da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:27 GMT
X-CDN: Incapsula
Etag: "b973bc42e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 2-8870352-0 0CNN RT(1589536258618 2341) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 592
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK footer-twitter.png
www.nccgroup.trust/Static/img/ 1 KB
2 KB 56ms
56ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/footer-twitter.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

b001d450e3d22f48e169e106c415efeeaa3d7fe01bf23a4c31d4c3980c8515c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "70151bc52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 12-14296635-0 0CNN RT(1589536260702 284) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1066
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK footer-linkedin.png
www.nccgroup.trust/Static/img/ 813 B
1 KB 54ms
54ms Image
image/png 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nccgroup.trust/Static/img/footer-linkedin.png

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

4d56cebd2fb3b5d07e9f4f41b9b898f522b39ce930bfd7cec63caa0a33dcb519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/Static/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Sep 2019 08:08:29 GMT
X-CDN: Incapsula
Etag: "7561ac52e62d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Iinfo: 14-38872738-0 0CNN RT(1589536260701 288) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 813
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.nccgroup.trust/Static/fonts/ 55 KB
56 KB 103ms
54ms Font
application/font-woff2 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.nccgroup.trust/Static/css/styles.css
Origin: https://www.nccgroup.trust

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 19:42:09 GMT
X-CDN: Incapsula
Etag: "acda7e4ad281d41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
X-Iinfo: 3-12383416-0 0CNN RT(1589536260351 355) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=14588, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 56780
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 13:54:08 GMT

GET
H/1.1 200
OK widgets.js Show response
www.nccgroup.trust/Static/js/vendor/ 104 KB
34 KB 58ms
57ms Script
application/x-javascript 149.126.77.103
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nccgroup.trust/Static/js/vendor/widgets.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/Static/js/scripts.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.103 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.103.ip.incapdns.net

Software

Resource Hash

c0f2dc7cfa27b42d417b36a68fbff8218a38d5a11940e9e26103855d4266c663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Nov 2018 19:42:09 GMT
X-CDN: Incapsula
Etag: "9b4ac24ad281d41:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
X-Iinfo: 3-12383416-0 0CNN RT(1589536260351 647) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=15523, public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 34167
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 May 2020 14:09:43 GMT

GET
H/1.1 200
OK embed.js Show response
nccgroup.disqus.com/ 66 KB
22 KB 450ms
329ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nccgroup.disqus.com/embed.js

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/Static/js/scripts.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

181d5fb0d3f9d263ca5447e68d846f2f343b60a4f06555c6daf82ffed5091eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:01 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22110

GET
H/1.1 200
OK atc.min.js Show response
addtocalendar.com/atc/1.5/ 5 KB
3 KB 1132ms
257ms Script
text/javascript 34.195.112.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://addtocalendar.com/atc/1.5/atc.min.js
Requested by: Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/Static/js/scripts.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.112.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-112-7.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4a5670d5cd304172362d8d5fa9725ae990c9af3c821d2a265be0f56a84f6810e

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 09:51:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Sep 2019 14:28:18 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 2215

GET
H2 200 profile Show response
syndication.twitter.com/timeline/ 145 KB
10 KB 225ms
224ms Script
application/javascript 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/timeline/profile?callback=__twttrf.callback&dnt=false&screen_name=NCCGroupplc&suppress_response_codes=true&lang=en&rnd=0.7628746611928192

Requested by

Host: www.nccgroup.trust
URL: https://www.nccgroup.trust/Static/js/scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ee6c6f551bbe7c9c7e8e6273fec19164ca3a4014b11955743dd4176dd89c88e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 10410
x-xss-protection: 0
x-response-time: 176
last-modified: Fri, 15 May 2020 09:51:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 22ee9bddee2d4a251d2c511c3e6f3d1c
timing-allow-origin: *
x-transaction: 0090229e00f1d4aa
expires: Fri, 15 May 2020 09:56:01 GMT

GET lounge.db072b7d11b56c5c060394cab39e75c5.css
c.disquscdn.com/next/embed/styles/ 0
0

GET common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js
c.disquscdn.com/next/embed/ 0
0

GET lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js
c.disquscdn.com/next/embed/ 0
0

GET config.js
disqus.com/next/ 0
0

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 4714 0
0 286ms
225ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=nccgroup&t_u=https%3A%2F%2Fwww.nccgroup.trust%2Fuk%2Fabout-us%2Fnewsroom-and-events%2Fblogs%2F2017%2Faugust%2Fsmuggling-hta-files-in-internet-exploreredge%2F&t_d=Smuggling%20HTA%20files%20in%20Internet%20Explorer%2FEdge&t_t=Smuggling%20HTA%20files%20in%20Internet%20Explorer%2FEdge&s_o=default

Requested by

Host: nccgroup.disqus.com
URL: https://nccgroup.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/

Response headers

Connection: keep-alive
Content-Length: 2662
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 13 Aug 2019 07:16:37 GMT
ETag: W/"lounge:view:6049934240.b1d4a92e533d9d3b861c5809c42679d9.2"
Content-Encoding: gzip
Date: Fri, 15 May 2020 09:51:02 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET alfie.f51946af45e0b561c60f768335c9eb79.js
c.disquscdn.com/next/embed/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.db072b7d11b56c5c060394cab39e75c5.css

Domain: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js

Domain: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js

Domain: disqus.com
URL: https://disqus.com/next/config.js

Domain: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nccgroup.trust/	1969-12-31 23:59:59	Name: incap_ses_770_349502 Value: X50oZHdtZTLlCPBRE5ivCgRmvl4AAAAAXvGMuS4x6nJ5JtiyehPTcA==
.nccgroup.trust/	1970-01-19 18:16:38	Name: visid_incap_349502 Value: pDwdmVmfQIKIVbhug+sYiAJmvl4AAAAAQUIPAAAAAACjCkGXwj1uDCnZPl2ssGZg
www.nccgroup.trust/	1970-01-19 18:17:52	Name: NCC_Consent Value: unconfirmed
www.nccgroup.trust/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vj0s2oh2dtt0j03m4ccyirdm

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://ssl.google-analytics.com/ https://www.google-analytics.com https://pbs.twimg.com/ https://abs.twimg.com/ https://syndication.twitter.com https://platform.twitter.com; script-src 'self' https://widget.intercom.io/widget/ https://syndication.twitter.com https://js.intercomcdn.com/ cdn.syndication.twimg.com https://logws1309.ati-host.net/ https://cdn.ampproject.org https://apis.google.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/player_api https://ssl.google-analytics.com/ga.js https://static.adinsight.com https://metrics.responsetap.com https://platform.twitter.com https://cdn.syndication.twimg.com https://nccgroup.disqus.com https://a.disquscdn.com https://addtocalendar.com/atc/1.5/atc.min.js 'nonce-nyVnu27op4Ws3ecFWem3bsIHh9FBSOs6i49fZeWfXKmJexAt5oh9H5fOtGp7caayQQ6zlKRKgqN6a0EoF5W+GcohNokhEZFTMXTjsdMU8PWO9jWdst0sHwahgbURL1pBbLhz0RIXlzCZfYbsnL08YJk4+FQLqfzhixspMKWH7FQ='; style-src 'self' https://platform.twitter.com https://a.disquscdn.com 'unsafe-inline'; object-src 'self'; media-src 'self' https://syndication.twitter.com https://js.intercomcdn.com/ https://abs.twimg.com/ https://referrer.disqus.com/ https://platform.twitter.com https://a.disquscdn.com https://pbs.twimg.com; frame-src 'self' https://polaris.brighterir.com/ https://www.facebook.com/ https://player.vimeo.com/ https://www.mynewsdesk.com/ https://www.google.com/recaptcha/ https://www.youtube.com/embed/ https://www.google.com/maps/ https://platform.twitter.com https://syndication.twitter.com https://disqus.com/; connect-src 'self' https://www.google-analytics.com/ wss://nexus-websocket-a.intercom.io/ wss://nexus-websocket-b.intercom.io/ https://nexus-websocket-a.intercom.io/ https://nexus-websocket-b.intercom.io/ https://api-iam.intercom.io/ https://stats.g.doubleclick.net/ https://www.google.com/ ; font-src 'self' https://js.intercomcdn.com/fonts/ ; img-src 'self' data: https://placehold.it/ https://downloads.intercomcdn.com/ https://js.intercomcdn.com/ https://static.intercomassets.com/ https://logws1309.ati-host.net/ https://www.google.co.uk https://www.google.com https://stats.g.doubleclick.net https://ssl.gstatic.com/ https://www.google-analytics.com https://o.twimg.com/ https://syndication.twitter.com https://abs.twimg.com https://pbs.twimg.com/ https://ssl.google-analytics.com/ ;
Public-Key-Pins	max-age=604800; strict;
Strict-Transport-Security	max-age=10368000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addtocalendar.com
c.disquscdn.com
disqus.com
nccgroup.disqus.com
ssl.google-analytics.com
syndication.twitter.com
www.google.com
www.gstatic.com
www.nccgroup.trust
c.disquscdn.com
disqus.com
104.244.42.136
149.126.77.103
151.101.112.134
151.101.192.134
2a00:1450:4001:80b::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81e::2004
34.195.112.7
07b09390d17f9111c54560c05663bb8581f09a13709fe41391044d29d69ff06b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
181d5fb0d3f9d263ca5447e68d846f2f343b60a4f06555c6daf82ffed5091eab
25084a51f9e4afbad0819a4cc76e772f2c17a93f2b1bf8f808df61a18313f211
36dc7869011147481b0fb8b8ab78cc222eb1e9332a10fff889552a4f8b1192a3
3f416198bd3caf13a549635f4322a599fe7143f13d2dc03d1503e73ca85869d5
3f79e20a113bf85fba371fed57f518202f351fb3a2931b23cb8c65ce3250fa1a
472e4e3b25281f6bb3f4f728dec6c4361818422bc4f25248f02c9cda5ff4d237
49a769464fdbed9171134de4b86bc66eb9fce901d54dad51ede76bdf4993d6a4
4a5670d5cd304172362d8d5fa9725ae990c9af3c821d2a265be0f56a84f6810e
4d56cebd2fb3b5d07e9f4f41b9b898f522b39ce930bfd7cec63caa0a33dcb519
52011ac7351dabb5e7de6c7b6df6e2fed5d95c94a82ae0f1ac2594eca43c9beb
5328eea382c5b4960de0b29558c5a996195e99c64dad206826ff5badc3e7a773
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
63e29b7a991bf59fe298bce979c25d9f1b9f7419624b360d8d66c48893956832
6d0e70e0aa408ba3da062a342100ea68bdf8c18660e567813885c36f50033bb9
6fdaf2df37080231e7b5d67937fe04f3d908ff89edfa8f4c791a6f1b818f7b3f
71fa51ab9f0664850f3820847b4d7c2b3693300f0215f401e4dd4f34f3a35fd3
7ab8d56af3ceac3d5429aa7f80680f340043191ef0e1d1a49e80a328e5e0b75c
8276117bcc362352b6d3a5f09093ad1955601fbe77fc4f11cb823df7ecdbc8f4
89bfeb9ea50df6f7c707b08b22a1b957a5fc8dce0e6eb26dadf8a09f5b564f65
9a26a63ca1194f3f7b197b8a9dfacf409bcbfb075dc272b2b2331d99ea72fe44
9c176b0f0b47230ebdfb1b0897172a213110f9aae3d5db2a1607d9b2dc530463
a7414bfaeadd14f999b3f02a0d1070f3b6e05542cb7cbe1c1a36614fe48f3bb0
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab341ee7c687f2a073777c0332d5edc5af4eed3cf07b231d6f187f1c05c57f30
b001d450e3d22f48e169e106c415efeeaa3d7fe01bf23a4c31d4c3980c8515c6
b44dab49054df1c2e9ffedcdf77cdcb58b042797e915ef8b9da47a07d822d5e8
b95c33b49e7417c3b1548c947758acb3855f5fd3831d020e601e71351045f704
bcd96013124076241151b4ff6b2eb4013bf1193f7aeba528cbaf3f95632c38da
c0f2dc7cfa27b42d417b36a68fbff8218a38d5a11940e9e26103855d4266c663
c65b9391645fca55f2e0d0ce37d8baaa58f4e12a343aa01df236137c33572066
cdc877245014a5c27157929ca4636979ad7057564e05aaad85bc7c196fb75137
db80b69f673da275a2bb3c45e5dfa93e4fcb7d1a9da5e7907c6d6c708d0d2029
e22dc131ebe1ff555c4a89a955dd5280d7ccd4e9dd8030b3797e85aa3bc1b7e4
ee6c6f551bbe7c9c7e8e6273fec19164ca3a4014b11955743dd4176dd89c88e5
f037520c3611756bd1caf1d489bfaa3d74d3737e0f9254615b85d2966405c069
f06f25899bb1c884ad9e4b89601aadb32fac3efbf108a71aedaad622ee6d2da3
f2da2c56885d882ab313a4e055afd522de5fb9ba2188a300894392224ed29f88

www.nccgroup.trust Open in urlscan Pro 149.126.77.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

89 %HTTPS

38 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

2719 kBTransfer

4005 kBSize

4 Cookies

31 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nccgroup.trust Open in urlscan Pro
149.126.77.103 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

89 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2719 kB
Transfer

4005 kB
Size

4
Cookies

45 HTTP transactions
0 data transactions