urlscan.io logo urlscan.io
SecurityTrails logo

blogs.quickheal.com Open in urlscan Pro
120.29.198.247  Public Scan

Go To Rescan Add Verdict Report
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Submission: On February 22 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 69 HTTP transactions. The main IP is 120.29.198.247, located in India and belongs to BITGRAVITY, US. The main domain is blogs.quickheal.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 19th 2022. Valid for: a year.
This is the only time blogs.quickheal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

59    120.29.198.247 (India)

ASN40009 (BITGRAVITY, US)
PTR: pc-gslb.nrt1.bitgravity.com
blogs.quickheal.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
59 quickheal.com
blogs.quickheal.com
729 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 735
syndication.twitter.com — Cisco Umbrella Rank: 1007
132 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 768
70 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
43 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1758
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
69 8
Domain Requested by
59 blogs.quickheal.com 1 redirects blogs.quickheal.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 platform.twitter.com blogs.quickheal.com
platform.twitter.com
2 maxcdn.bootstrapcdn.com blogs.quickheal.com
maxcdn.bootstrapcdn.com
1 syndication.twitter.com platform.twitter.com
1 cdnjs.cloudflare.com blogs.quickheal.com
1 www.googletagmanager.com blogs.quickheal.com
1 secure.gravatar.com blogs.quickheal.com
1 fonts.googleapis.com blogs.quickheal.com
69 9
Subject Issuer Validity Valid
*.quickheal.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-19 -
2023-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Frame ID: 8C27BE72EF98574AB22B9FAE4216D08D
Requests: 72 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fblogs.quickheal.com
Frame ID: 2BD2E591872510EF444CB50ED0D88AA2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Office Document is at Risk - XLL, A New Attack Vector

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

99 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

998 kB
Transfer

2606 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://blogs.quickheal.com/wp-json/wordpress-popular-posts/v1/popular-posts HTTP 301
  • https://blogs.quickheal.com/

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/ 		77 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
02a8fdaf3955daa57acf108697ebf7ded7a5d7c88495f4be94d16682732643db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 04:12:12 GMT
link
<https://blogs.quickheal.com/wp-json/>; rel="https://api.w.org/" <https://blogs.quickheal.com/wp-json/wp/v2/posts/91481>; rel="alternate"; type="application/json" <https://blogs.quickheal.com/?p=91481>; rel=shortlink
myheader
mshy.
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
referrer-policy
no-referrer-when-downgrade
server
v/6.5.0/6.5.18/vp3nrt1-www
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-cache
MISS,vp3nrt1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN ALLOW-FROM https://blogs.quickheal.com
x-pingback
https://blogs.quickheal.com/xmlrpc.php
x-tata-request-id
26579c2bbd02eaae1fb78351ec2699c3 26579c2bbd02eaae1fb78351ec2699c3
x-version
2
x-xss-protection
1; mode=block
external.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		515 B
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0b38fb5c436f55c30b976f7d46509bcb32c2653e5065b1e33253e1e1bc7c9de2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
74e42c93c6c81fabdf4f69fcc2396639, 74e42c93c6c81fabdf4f69fcc2396639
x-cache
HIT,vp3nrt1
content-length
195
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"203-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
main.min.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		310 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/main.min.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
946c135b26cea56f2b3867bd23d45c75eb81f65cb6a6213706ae326a4138f179
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174487
x-tata-request-id
a2469b08ed5d695a33e099bc8267dbf8, a2469b08ed5d695a33e099bc8267dbf8
x-cache
HIT,vp3nrt1
content-length
48014
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Apr 2021 12:06:57 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"4d61f-5bf89001eda40"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
style.min.css
blogs.quickheal.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
1fa84a0024f8ac0b7e51d82b811e3456, 1fa84a0024f8ac0b7e51d82b811e3456
x-cache
HIT,vp3nrt1
content-length
7906
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:56:44 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"d293-5b22de1231b00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
multicolor-subscribe-widget.css
blogs.quickheal.com/wp-content/plugins/wp-multicolor-subscribe-widget/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/wp-multicolor-subscribe-widget/multicolor-subscribe-widget.css?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
1bcee1b4d83dac08181855b025b990b8ed2653996d066ef2ac79cd947f5d268e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
cc14b9d1f553243571bf7c093f96afa9, cc14b9d1f553243571bf7c093f96afa9
x-cache
HIT,vp3nrt1
content-length
450
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"435-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
wpp.css
blogs.quickheal.com/wp-content/themes/mh_cicero/ 		937 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/wpp.css?ver=5.2.4
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
ec9e533468bbc524beb33f6306a8ac0d4c928d4d91608d4fa01e778715c30087
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174487
x-tata-request-id
f04f6a43411091ed333521bdd97d5600, f04f6a43411091ed333521bdd97d5600
x-cache
HIT,vp3nrt1
content-length
474
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"3a9-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
1818091
cdn-cachedat
2021-08-02 19:09:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a20f8f9fd039c143ec88748f1e9f7c9f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
79d4e1d5f85837d7-FRA
cdn-requestpullsuccess
True
style.css
blogs.quickheal.com/wp-content/themes/mh_cicero/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.77
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
10b9897038db24ada365f99e6e9a8cfc026306b8905d4fefeed4bf5599ccc6f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
90c6b3e6bee80318c64099014c9c9842, 90c6b3e6bee80318c64099014c9c9842
x-cache
HIT,vp3nrt1
content-length
2471
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Apr 2021 14:34:40 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"243d-5c13183106000"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Prata|Open+Sans:300,400,400italic,600,700
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c626f64856192160e6d3b0dfa71f31ed0bfacc72bc36c96ab6821a2bd6b62bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 04:12:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 04:12:13 GMT
sassy-social-share-public.css
blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/css/ 		34 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.13
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
0d714660594809db374aa3c76a8b8fbf, 0d714660594809db374aa3c76a8b8fbf
x-cache
HIT,vp3nrt1
content-length
9666
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:39:04 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"87d9-5b22da1f4ca00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
sassy-social-share-svg.css
blogs.quickheal.com/wp-content/plugins/sassy-social-share/admin/css/ 		109 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.13
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
7369eb7217705e08010dbd6c0ed5433f75e66391ff6f365372381b658b1f1da9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174487
x-tata-request-id
3e54607b0f65af31422fd2b2a161ee2b, 3e54607b0f65af31422fd2b2a161ee2b
x-cache
HIT,vp3nrt1
content-length
34664
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:38:59 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"1b41d-5b22da1a87ec0"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
jquery-3.6.0.min.js
blogs.quickheal.com/wp-content/plugins/jquery-updater/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/jquery-updater/js/jquery-3.6.0.min.js?ver=3.6.0
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
865c273ca872e9da69e9447b5845669b, 865c273ca872e9da69e9447b5845669b
x-cache
HIT,vp3nrt1
content-length
30947
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 10 May 2021 19:29:45 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"15d9d-5c1feccc6fc40"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
jquery-migrate-3.3.2.min.js
blogs.quickheal.com/wp-content/plugins/jquery-updater/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.3.2.min.js?ver=3.3.2
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
f7e248392cea6eed6651423f5b9a4adafec5b15921a2f16ec54e1012be0aaee5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
70a46d0b7da22fec070758dceedb7fdd, 70a46d0b7da22fec070758dceedb7fdd
x-cache
HIT,vp3nrt1
content-length
4170
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 10 May 2021 19:29:45 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"2bd8-5c1feccc6fc40"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
wpp.min.js
blogs.quickheal.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.2.4
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
c431c040e84b52fe878a541ad773e9ed, c431c040e84b52fe878a541ad773e9ed
x-cache
HIT,vp3nrt1
content-length
1215
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:45:08 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"a3a-5b22db7a6fd00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
scripts.js
blogs.quickheal.com/wp-content/themes/mh_cicero/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/js/scripts.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0219ff363240ec5b1a233d052229e68f241343660952c20e4898b1fe6637d19a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Fri, 17 Feb 2023 20:03:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
376099
x-tata-request-id
d99665dda3dd557c017bca905ea663ee, d99665dda3dd557c017bca905ea663ee
x-cache
HIT,vp3nrt1
content-length
11711
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"8e9b-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
logo.png
blogs.quickheal.com/wp-content/uploads/2016/08/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/08/logo.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0a06df48db68818d909fef4ca1f9940344aa038f4a474e38c39ba873e83e47b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 09:43:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
152948
x-tata-request-id
35f96a15290ef23b543da3f2dc9dd49c, 35f96a15290ef23b543da3f2dc9dd49c
x-cache
HIT,vp3nrt1
content-length
22703
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Jun 2020 12:00:36 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"58af-5a94bec522100"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
anjali_blog-70x70.png
blogs.quickheal.com/wp-content/uploads/2019/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2019/10/anjali_blog-70x70.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
b39dca9292d5fbdb87b109ae221af807248e56e027fb17f9de9f0563c55af2db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 01:09:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
142620
x-tata-request-id
80a0b951a317c19068036b1e3039d36b, 80a0b951a317c19068036b1e3039d36b
x-cache
HIT,vp3nrt1
content-length
10939
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 May 2020 17:59:24 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"2abb-5a59f74f2b700"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
bajarang-80x81.jpg
blogs.quickheal.com/wp-content/uploads/2016/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2016/04/bajarang-80x81.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
1fef10664a08f7b6e533160c274d4d62f7706aa66cb49c9aea71423509e1cb4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 11:13:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
61853
x-tata-request-id
fe51402ac60f08528cec5552fdba229e, fe51402ac60f08528cec5552fdba229e
x-cache
HIT,vp3nrt1
content-length
3008
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 May 2020 13:22:07 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"bc0-5a59b954e3dc0"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
content-type
image/jpeg
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
347ff7149d6028cad83f525e7e935845
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/347ff7149d6028cad83f525e7e935845?s=80&d=mm&r=g
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 22 Feb 2023 04:12:13 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="347ff7149d6028cad83f525e7e935845.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/347ff7149d6028cad83f525e7e935845?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
expires
Wed, 22 Feb 2023 04:17:13 GMT
Quickheal-logo-80x81.png
blogs.quickheal.com/wp-content/uploads/2020/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2020/03/Quickheal-logo-80x81.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
227ce490d0f195a8b3e07b28368c16aaaeec5bbd2c5b6d02af976a96c1226994
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 11:13:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
61852
x-tata-request-id
d466a00f873290ed30cef1b82e5ba64b, d466a00f873290ed30cef1b82e5ba64b
x-cache
HIT,vp3nrt1
content-length
6636
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 May 2020 19:10:02 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"19ec-5a5a0718d7680"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
securimage_show.php
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/securimage_show.php?si_form_id=com&prefix=BZ4LyznAA5zWnBuW
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
ed758ceabbd024ef927acbc7d220d42654a52aa08dbe936e86bd8b4b583d4ab0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
0
x-tata-request-id
279036cf2330d9b5f45428e89273ad7c, 279036cf2330d9b5f45428e89273ad7c
x-cache
MISS,vp3nrt1
content-length
7418
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Feb 2023 04:11:32GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
refresh.png
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/images/refresh.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
7efa72f5d3878a1f7145d552d8d2186bac3942fce7b3d7e3a51550c3bc9ab3cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 11:13:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
61852
x-tata-request-id
bbc423f708ea3f7ad8b49dffe94e95ed, bbc423f708ea3f7ad8b49dffe94e95ed
x-cache
HIT,vp3nrt1
content-length
1106
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"452-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
popper.min.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/popper.min.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174484
x-tata-request-id
fa87bd1f785b4299fc1183bcdedc1eba, fa87bd1f785b4299fc1183bcdedc1eba
x-cache
HIT,vp3nrt1
content-length
6911
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"4af4-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
bootstrap.min.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/bootstrap.min.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
6a51198b6f08f282728841472f3f7fc9, 6a51198b6f08f282728841472f3f7fc9
x-cache
HIT,vp3nrt1
content-length
14090
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"c75f-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
jquery.mCustomScrollbar.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		91 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/jquery.mCustomScrollbar.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
63fc653edb51bfa3d49559c3a85663887048a0a230b3e4b3f9f51bc8daf9368e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
1a331869c60770ee75950d908e95fdaf, 1a331869c60770ee75950d908e95fdaf
x-cache
HIT,vp3nrt1
content-length
22223
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"16b15-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
slick.min.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/slick.min.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
0d25e4854b0f3e68051ac75582789fda, 0d25e4854b0f3e68051ac75582789fda
x-cache
HIT,vp3nrt1
content-length
10434
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"a76f-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
ion.rangeSlider.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		83 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ion.rangeSlider.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
9e2ba925b0679c27ec34e25225bb429fc65912f44012cf0e20bdb4de27aec855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174484
x-tata-request-id
5e9ad86aa2692544fae89f2b16d402b1, 5e9ad86aa2692544fae89f2b16d402b1
x-cache
HIT,vp3nrt1
content-length
13229
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"14aa9-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
custom.js
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/ 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/js/custom.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
103e38eb9f321279273c34a872d013016b82efc4eb07b2cabc38c051bf66fc7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
d6265f30969ffb39cc11a0b9cb9b7b81, d6265f30969ffb39cc11a0b9cb9b7b81
x-cache
HIT,vp3nrt1
content-length
7978
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 10 May 2021 19:58:56 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"c62b-5c1ff35252000"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
si_captcha.js
blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 		685 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1.0
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
3d96f0fe9f33df03d4b38c4cf0abcb3e, 3d96f0fe9f33df03d4b38c4cf0abcb3e
x-cache
HIT,vp3nrt1
content-length
380
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"2ad-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2934888-6
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e11fd155c9363b07dbe5a13ff4d7b4d116fcf9fe4503d3da26bd1fa7e1e9c3dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:12:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44128
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 04:12:13 GMT
slickQuiz.css
blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/css/ 		908 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/css/slickQuiz.css?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
48d1d7078b27223c895b4a9604916429879cc4e00e3a8772d64c76aa406711f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
d3c8b92bc54abdbb2ef0e3f3ca4d4f87, d3c8b92bc54abdbb2ef0e3f3ca4d4f87
x-cache
HIT,vp3nrt1
content-length
475
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"38c-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
front.css
blogs.quickheal.com/wp-content/plugins/slickquiz/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/css/front.css?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0f8a76154e9d4d4f95724c6fa01caa18d4511ad594363004e03055859da90ccf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
1d7cc8120bb0e83e683c6ff55d9d4fae, 1d7cc8120bb0e83e683c6ff55d9d4fae
x-cache
HIT,vp3nrt1
content-length
929
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"d5d-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
comment-reply.min.js
blogs.quickheal.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-includes/js/comment-reply.min.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
f145d9429a1bceaa0e156bcd4dab083d, f145d9429a1bceaa0e156bcd4dab083d
x-cache
HIT,vp3nrt1
content-length
1313
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:56:08 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"b2d-5b22ddefdca00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
sassy-social-share-public.js
blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.13
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
9cd94cffc90666afa5e5b0aa5e9f023e, 9cd94cffc90666afa5e5b0aa5e9f023e
x-cache
HIT,vp3nrt1
content-length
11078
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:39:05 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"ab5b-5b22da2040c40"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
wp-embed.min.js
blogs.quickheal.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174318
x-tata-request-id
8222aefe3e32e2c76f99d8b5c94e2fa2, 8222aefe3e32e2c76f99d8b5c94e2fa2
x-cache
HIT,vp3nrt1
content-length
769
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:56:10 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"59a-5b22ddf1c4e80"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
form.js
blogs.quickheal.com/wp-content/plugins/akismet/_inc/ 		700 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.6
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 06:22:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
78881
x-tata-request-id
942ab3e7e4b6cb4749a4d8eed0ede632, 942ab3e7e4b6cb4749a4d8eed0ede632
x-cache
HIT,vp3nrt1
content-length
318
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:56:41 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"2bc-5b22de0f55440"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
slickQuiz.js
blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/js/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/plugins/slickquiz/slickquiz/js/slickQuiz.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
5ac7017782855b44f36da92da024c5de980002bd06ca9c94dc631e8c26e9b57c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174483
x-tata-request-id
284fe2ecbcd9a2936fb2f23036eb5f43, 284fe2ecbcd9a2936fb2f23036eb5f43
x-cache
HIT,vp3nrt1
content-length
7290
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"9587-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 04:12:13 GMT
Content-Encoding
gzip
Age
823
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
x-amzn-internal-status
304
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67C2)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
fonts.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
6a946b7bb1b1b4ee0f110d91fc7f20bea2222a67511231d119065c8465b735b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
d9ceea88bcf02829beb1f3f10a5beba8, d9ceea88bcf02829beb1f3f10a5beba8
x-cache
HIT,vp3nrt1
content-length
493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"11b3-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
icomoon.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/icomoon.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
d33cb4483ae22716a581b89f523332a52e07ebc94f845e02c5bc3e47633cc40c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 03:52:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
174319
x-tata-request-id
f8e2ac567e556942291c3208091709c6, f8e2ac567e556942291c3208091709c6
x-cache
HIT,vp3nrt1
content-length
772
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"b1d-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
font-awesome.min.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/font-awesome.min.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
73b9b0d07fad48000cb17e09117968c8, 73b9b0d07fad48000cb17e09117968c8
x-cache
HIT,vp3nrt1
content-length
7050
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"7918-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
bootstrap.min.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		141 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/bootstrap.min.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
d1c4785ff3ba99a911fbd201ddfa8fea, d1c4785ff3ba99a911fbd201ddfa8fea
x-cache
HIT,vp3nrt1
content-length
20563
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"235ed-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
slick-theme.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/slick-theme.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
9a4d7d9a0106d9d3051a41da5640ff7b299a9c10557eadb08cff8ae7f7c89fd1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
5f26bb61625b02633acc47b7baaff56a, 5f26bb61625b02633acc47b7baaff56a
x-cache
HIT,vp3nrt1
content-length
870
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"c55-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
slick.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/slick.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Fri, 17 Feb 2023 20:03:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
376098
x-tata-request-id
2d1a263e57100854fdc1f13188198470, 2d1a263e57100854fdc1f13188198470
x-cache
HIT,vp3nrt1
content-length
569
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"6f0-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
jquery.mCustomScrollbar.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		52 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/jquery.mCustomScrollbar.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
bf3bdcf2de703f24db84e167ce024c84db5b27cddb4aa21a09b1b10ba2217154
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
90b178b916a5b02eaeb5d803ef2aefe6, 90b178b916a5b02eaeb5d803ef2aefe6
x-cache
HIT,vp3nrt1
content-length
5588
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"d14f-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
animate.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		76 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/animate.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
811921dfbd8ab6733c33c3a5d60f4d74, 811921dfbd8ab6733c33c3a5d60f4d74
x-cache
HIT,vp3nrt1
content-length
4767
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"13053-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
ion.rangeSlider.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ion.rangeSlider.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
ca6495abad9c91ebd650db661d0f9fc8430ebeb3fc25bbdb8787fb98805f9c8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 07:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
161147
x-tata-request-id
bf6351aec1acc33e923eb1150faad12e, bf6351aec1acc33e923eb1150faad12e
x-cache
HIT,vp3nrt1
content-length
2308
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"33f0-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
horizetal.css
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/ 		582 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/horizetal.css
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
2bf3f6f78d36d158d2d6f37904c9c8e20a21520dd290086f51fd91eaba51d750
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/external.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Mon, 20 Feb 2023 09:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
152949
x-tata-request-id
83c1020b2e51a53af9cfb867257f5724, 83c1020b2e51a53af9cfb867257f5724
x-cache
HIT,vp3nrt1
content-length
313
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"246-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
wp-emoji-release.min.js
blogs.quickheal.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 06:22:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
78881
x-tata-request-id
370593484468c24ca69283e62c4196d7, 370593484468c24ca69283e62c4196d7
x-cache
HIT,vp3nrt1
content-length
4671
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 12:56:11 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
W/"37a6-5b22ddf2b90c0"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
/
blogs.quickheal.com/
Redirect Chain
  • https://blogs.quickheal.com/wp-json/wordpress-popular-posts/v1/popular-posts
  • https://blogs.quickheal.com/
70 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
9e0570d214768716112b5aaa9b864112172bb0699969547cda13350365236e7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
myheader
mshy.
age
0
x-tata-request-id
d503a4c32c93633bd7bf954294aca75c, d503a4c32c93633bd7bf954294aca75c
x-cache
MISS,vp3nrt1
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
v/6.5.0/6.5.18/vp3nrt1-www
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
link
<https://blogs.quickheal.com/wp-json/>; rel="https://api.w.org/"

Redirect headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
server
v/6.5.0/6.5.18/vp3nrt1-www
age
0
x-tata-request-id
d03d1d3874fef4e556b403be0b9bbd13, d03d1d3874fef4e556b403be0b9bbd13
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
location
https://blogs.quickheal.com/
x-cache
MISS,vp3nrt1
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
content-length
196
filter-line.png
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/images/filter-line.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.77
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
5870e116107aac4c15a929d309de5b6fad3d10e27ecb63578d7beb01e7609d07
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/style.css?ver=1.0.77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 11:32:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
61853
x-tata-request-id
633d244eae75b4b0eb23d2b9b390a01e, 633d244eae75b4b0eb23d2b9b390a01e
x-cache
HIT,vp3nrt1
content-length
1273
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"4f9-59ee973dd3a00"
x-frame-options
ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
BarlowRegular.woff2
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/BarlowRegular.woff2
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
9b52f94241a23c0614e1dc71bf305ac914a73e0cbabdb6f09a5c8519ed67b43c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Origin
https://blogs.quickheal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
0
x-tata-request-id
617d432f8519f6a2639b15fd32659dbe, 617d432f8519f6a2639b15fd32659dbe
x-cache
MISS,vp3nrt1
content-length
40636
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"9ebc-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin
https://blogs.quickheal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1053
age
4184522
cdn-cachedat
11/15/2022 10:30:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"d95d6f5d5ab7cfefd09651800b69bd54"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3f8f208b2b5197478122c85933088bfa
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
79d4e1dadeeebb7d-FRA
cdn-requestpullsuccess
True
BarlowMedium.woff2
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/BarlowMedium.woff2
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
9a5756f5f69fac107538f53ce9b0733ce44c94b1316544fab7e1b8f8cf9358db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Origin
https://blogs.quickheal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
0
x-tata-request-id
89b23c9415b64070f5c6a887994e743d, 89b23c9415b64070f5c6a887994e743d
x-cache
MISS,vp3nrt1
content-length
40648
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"9ec8-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
BarlowBold.woff2
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/BarlowBold.woff2
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
d75e1f844d778cf6f8b25b1df8396fb57ea44255711218d62a3390439eacc28a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Origin
https://blogs.quickheal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
0
x-tata-request-id
919e579396e773cc14c8fe012a08066e, 919e579396e773cc14c8fe012a08066e
x-cache
MISS,vp3nrt1
content-length
41796
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"a344-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
truncated
/ 		302 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		682 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
BarlowBlack.woff2
blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/fonts/barlow/BarlowBlack.woff2
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
191c24e8b57dacfddef6db59cddd5bedf9d17df7fd32a9fbafedd714e6d272a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.quickheal.com/wp-content/themes/mh_cicero/assets/css/fonts.css
Origin
https://blogs.quickheal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
2
date
Wed, 22 Feb 2023 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
0
x-tata-request-id
f12b6798457e3e663683163c016e42bc, f12b6798457e3e663683163c016e42bc
x-cache
MISS,vp3nrt1
content-length
41724
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 08:19:52 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"a2fc-59ee973dd3a00"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
xll-789x425.jpg
blogs.quickheal.com/wp-content/uploads/2023/02/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/xll-789x425.jpg
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
2912d679824661658f257832b5a7e90fa4f665694396f85d6d5c716786537141
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:26:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
58357
x-tata-request-id
6f07a4b0f34fea834b729ea303727cbd, 6f07a4b0f34fea834b729ea303727cbd
x-cache
HIT,vp3nrt1
content-length
45449
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 11:30:03 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"b189-5f53419cff611"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/jpeg
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
Security-Risk-Warning-768x63.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/Security-Risk-Warning-768x63.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
f0c90af9ea731eddf3169d55b8ea0e7b1c3da09fa198d77e43cde0fd4495eaa0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:24:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
58354
x-tata-request-id
1aa9e9e0d7109e6379af4fda8d7cdf54, 1aa9e9e0d7109e6379af4fda8d7cdf54
x-cache
HIT,vp3nrt1
content-length
14308
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:17:42 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"37e4-5f52ee62a9a96"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
Malicious-DLL-with-.XLL-extension.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/Malicious-DLL-with-.XLL-extension.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
a29b69120a448039ba1195aaed622c5a5fc39bef607ebd54edc279d0b6fb109a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:08:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
82145
x-tata-request-id
d8f9bb66d24c819aeab0a1a6cef43eeb, d8f9bb66d24c819aeab0a1a6cef43eeb
x-cache
HIT,vp3nrt1
content-length
10638
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:22:33 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"298e-5f52ef77d9df0"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
MS-office-warning-for-Add-in.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/MS-office-warning-for-Add-in.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
0d31c9df557ddd3f7e20233ec0199f743bd9ede8c1af494f05cc7434be420c53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 11:59:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
82065
x-tata-request-id
19f04263212b06b515a413a2d82e55d1, 19f04263212b06b515a413a2d82e55d1
x-cache
HIT,vp3nrt1
content-length
27884
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:23:49 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"6cec-5f52efc04a4e4"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
DLL-Export-Function.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/DLL-Export-Function.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
95d52ddb8d27ecd903644502f4869a13f1e796fec1450175cc068df61a403887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:26:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
81949
x-tata-request-id
a98f88b312df1835ea7810e5207d4377, a98f88b312df1835ea7810e5207d4377
x-cache
HIT,vp3nrt1
content-length
4970
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:25:44 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"136a-5f52f02ecc1a3"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
Process-Flow-of-Execution.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/Process-Flow-of-Execution.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
7bff57023ec12de6d3f2cb8ad3cab8f32092f65a6b2232ce4c631c52da4f9c45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:38:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
81682
x-tata-request-id
35a43f5d05c4659675483bb08ec0ae1c, 35a43f5d05c4659675483bb08ec0ae1c
x-cache
HIT,vp3nrt1
content-length
8031
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:30:12 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"1f5f-5f52f12e1c36c"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
Code-for-generation-of-Link-and-connection.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/Code-for-generation-of-Link-and-connection.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
c6569613f16a97ff540232f3c1aec7a492c66b7ba751a76d971886f8a62368ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:43:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
80152
x-tata-request-id
7c8d5b26ef97b8828527d96731b09d50, 7c8d5b26ef97b8828527d96731b09d50
x-cache
HIT,vp3nrt1
content-length
18080
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 05:55:42 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"46a0-5f52f6e179a61"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
filesetup_v17.3.4-folder-into-Temp.png
blogs.quickheal.com/wp-content/uploads/2023/02/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.quickheal.com/wp-content/uploads/2023/02/filesetup_v17.3.4-folder-into-Temp.png
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
120.29.198.247 , India, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-gslb.nrt1.bitgravity.com
Software
v/6.5.0/6.5.18/vp3nrt1-www /
Resource Hash
ff1ace23daaa8e56103063dccb4005b032eb21f33b9c86e05b3b2172e4d1c5c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-version
23.s
date
Tue, 21 Feb 2023 12:38:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
myheader
mshy.
age
60120
x-tata-request-id
d32638d75a353e55828285b3da09e1d0, d32638d75a353e55828285b3da09e1d0
x-cache
HIT,vp3nrt1
content-length
27173
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 06:04:16 GMT
server
v/6.5.0/6.5.18/vp3nrt1-www
etag
"6a25-5f52f8cbaf8d8"
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW-FROM https://blogs.quickheal.com
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
Requested by
Host: blogs.quickheal.com
URL: https://blogs.quickheal.com/wp-content/plugins/jquery-updater/js/jquery-3.6.0.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2343064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1046
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CshsrcG3mY6gowF8eu2v4EPf6pSYIlreUtppX%2FwYEgnLBHyS3dtW99gY3HjYxaRPVrzQPRWxUMSI3U06gTa7n7eVkMyLsvKv609ge%2FAiYcoZOunnGzY4%2FaHclBXwO6ZV%2BYmwkgMg86kq9OTh8GZkVC1w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79d4e1dc98ec5c5c-FRA
expires
Mon, 12 Feb 2024 04:12:14 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 2BD2 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fblogs.quickheal.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.5.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2442530
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 04:12:14 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2934888-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 03:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3608
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 05:12:06 GMT
settings
syndication.twitter.com/ Frame 2BD2 		919 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=dfbdadb2dc60bda9eb976ecd418c16d52adec239
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fblogs.quickheal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
113
date
Wed, 22 Feb 2023 04:12:13 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 22 Feb 2023 04:12:14 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
a62f38b1cd00d7de
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
aa0c6ab68b068381156342e22ec0a5b2490f322e21f47bd57dc4a44cc4b079ae
content-length
326
collect
www.google-analytics.com/j/ 		1 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1645957963&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.quickheal.com%2Fyour-office-document-is-at-risk-xll-a-new-attack-vector%2F&ul=en-us&de=UTF-8&dt=Your%20Office%20Document%20is%20at%20Risk%20-%20XLL%2C%20A%20New%20Attack%20Vector&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1247149378&gjid=2066028710&cid=1305840434.1677039134&tid=UA-2934888-6&_gid=163979270.1677039134&_r=1&gtm=457e32f0&z=740642751
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.quickheal.com/your-office-document-is-at-risk-xll-a-new-attack-vector/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 04:12:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs.quickheal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange string| ajaxurl object| _wpemojiSettings function| $ function| jQuery object| wpp_params object| WordPressPopularPosts string| subbox_text function| subscribeSubmit function| Popper object| bootstrap boolean| mCustomScrollbar function| mscrollbar function| mscrollbarY function| productSlider function| faqSlider function| popularSlider function| webSlider function| webBlogSlider function| jsMobDot function| bannerSlider function| awardSlider function| articleSlider function| newsSlider function| choiceSlider function| testimonialSlider function| protectionDevicesSlider function| sayReviewSlider function| quarterlySlider function| productWebinarSlider function| jsBenefitsSlider function| fullSlider function| halfSlider function| sliderleftspace function| cartAccordian function| filterScrollFix function| fixedHeader function| filterTopSpace function| filterfixonclick function| backdrop function| searchInput function| upcomingEventSlider function| InvestoContactrSlider function| textBoxActive function| dropdownActive function| tabCart function| setCookie function| getCookie function| changeTab function| resizeToggleSlider number| page number| categoryOffset function| si_captcha_refresh function| gtag object| dataLayer object| addComment function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup string| heateorSssWhatsappShareAPI function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| wp object| __twttrll object| twttr object| __twttr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| dx object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| gaplugins object| gaGlobal object| gaData object| twemoji

4 Cookies

Domain/Path Name / Value
.quickheal.com/ Name: _ga
Value: GA1.2.1305840434.1677039134
.quickheal.com/ Name: _gid
Value: GA1.2.163979270.1677039134
.quickheal.com/ Name: _gat_gtag_UA_2934888_6
Value: 1
blogs.quickheal.com/ Name: PHPSESSID
Value: 8kp2ghuio0s86tshgpsmekhp9q

1 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN ALLOW-FROM https://blogs.quickheal.com
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.quickheal.com
cdnjs.cloudflare.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
platform.twitter.com
secure.gravatar.com
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.8
120.29.198.247
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2008
2a00:1450:400d:80e::200a
2a04:fa87:fffe::c000:4902
0219ff363240ec5b1a233d052229e68f241343660952c20e4898b1fe6637d19a
02a8fdaf3955daa57acf108697ebf7ded7a5d7c88495f4be94d16682732643db
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
0a06df48db68818d909fef4ca1f9940344aa038f4a474e38c39ba873e83e47b4
0b38fb5c436f55c30b976f7d46509bcb32c2653e5065b1e33253e1e1bc7c9de2
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d31c9df557ddd3f7e20233ec0199f743bd9ede8c1af494f05cc7434be420c53
0f8a76154e9d4d4f95724c6fa01caa18d4511ad594363004e03055859da90ccf
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
103e38eb9f321279273c34a872d013016b82efc4eb07b2cabc38c051bf66fc7b
10b9897038db24ada365f99e6e9a8cfc026306b8905d4fefeed4bf5599ccc6f9
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
191c24e8b57dacfddef6db59cddd5bedf9d17df7fd32a9fbafedd714e6d272a9
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1bcee1b4d83dac08181855b025b990b8ed2653996d066ef2ac79cd947f5d268e
1fef10664a08f7b6e533160c274d4d62f7706aa66cb49c9aea71423509e1cb4c
227ce490d0f195a8b3e07b28368c16aaaeec5bbd2c5b6d02af976a96c1226994
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
2912d679824661658f257832b5a7e90fa4f665694396f85d6d5c716786537141
2bf3f6f78d36d158d2d6f37904c9c8e20a21520dd290086f51fd91eaba51d750
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
48d1d7078b27223c895b4a9604916429879cc4e00e3a8772d64c76aa406711f6
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5870e116107aac4c15a929d309de5b6fad3d10e27ecb63578d7beb01e7609d07
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ac7017782855b44f36da92da024c5de980002bd06ca9c94dc631e8c26e9b57c
63fc653edb51bfa3d49559c3a85663887048a0a230b3e4b3f9f51bc8daf9368e
6a946b7bb1b1b4ee0f110d91fc7f20bea2222a67511231d119065c8465b735b3
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7369eb7217705e08010dbd6c0ed5433f75e66391ff6f365372381b658b1f1da9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bff57023ec12de6d3f2cb8ad3cab8f32092f65a6b2232ce4c631c52da4f9c45
7efa72f5d3878a1f7145d552d8d2186bac3942fce7b3d7e3a51550c3bc9ab3cb
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
946c135b26cea56f2b3867bd23d45c75eb81f65cb6a6213706ae326a4138f179
95d52ddb8d27ecd903644502f4869a13f1e796fec1450175cc068df61a403887
9a4d7d9a0106d9d3051a41da5640ff7b299a9c10557eadb08cff8ae7f7c89fd1
9a5756f5f69fac107538f53ce9b0733ce44c94b1316544fab7e1b8f8cf9358db
9b52f94241a23c0614e1dc71bf305ac914a73e0cbabdb6f09a5c8519ed67b43c
9e0570d214768716112b5aaa9b864112172bb0699969547cda13350365236e7d
9e2ba925b0679c27ec34e25225bb429fc65912f44012cf0e20bdb4de27aec855
a29b69120a448039ba1195aaed622c5a5fc39bef607ebd54edc279d0b6fb109a
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b39dca9292d5fbdb87b109ae221af807248e56e027fb17f9de9f0563c55af2db
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
bf3bdcf2de703f24db84e167ce024c84db5b27cddb4aa21a09b1b10ba2217154
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
c626f64856192160e6d3b0dfa71f31ed0bfacc72bc36c96ab6821a2bd6b62bd2
c6569613f16a97ff540232f3c1aec7a492c66b7ba751a76d971886f8a62368ed
ca6495abad9c91ebd650db661d0f9fc8430ebeb3fc25bbdb8787fb98805f9c8a
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d33cb4483ae22716a581b89f523332a52e07ebc94f845e02c5bc3e47633cc40c
d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b
d75e1f844d778cf6f8b25b1df8396fb57ea44255711218d62a3390439eacc28a
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e11fd155c9363b07dbe5a13ff4d7b4d116fcf9fe4503d3da26bd1fa7e1e9c3dd
ec9e533468bbc524beb33f6306a8ac0d4c928d4d91608d4fa01e778715c30087
ed758ceabbd024ef927acbc7d220d42654a52aa08dbe936e86bd8b4b583d4ab0
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
f0c90af9ea731eddf3169d55b8ea0e7b1c3da09fa198d77e43cde0fd4495eaa0
f7e248392cea6eed6651423f5b9a4adafec5b15921a2f16ec54e1012be0aaee5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1ace23daaa8e56103063dccb4005b032eb21f33b9c86e05b3b2172e4d1c5c0