urlscan.io logo urlscan.io
SecurityTrails logo

www.techtosee.com Open in urlscan Pro
2606:4700:3031::6815:24ba  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3031::6815:24ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.techtosee.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2021. Valid for: a year.
This is the only time www.techtosee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

30    2606:4700:3031::6815:24ba (United States)

ASN13335 (CLOUDFLARENET, US)
www.techtosee.com
7    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
i1.wp.com
i2.wp.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate-pa.googleapis.com
Domain Requested by
30 www.techtosee.com www.techtosee.com
ajax.googleapis.com
7 c0.wp.com www.techtosee.com
3 www.gstatic.com www.techtosee.com
translate.googleapis.com
2 translate.googleapis.com
2 i2.wp.com www.techtosee.com
2 i0.wp.com www.techtosee.com
2 cdnjs.cloudflare.com www.techtosee.com
1 translate-pa.googleapis.com srcdoc
1 www.google-analytics.com www.techtosee.com
1 i1.wp.com www.techtosee.com
1 translate.google.com www.techtosee.com
1 ajax.googleapis.com www.techtosee.com
53 12
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-30 -
2022-09-29		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Frame ID: 1843A87581AC24EEAFF6A593BD177B96
Requests: 54 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Frame ID: 8C58CF2D7DAEDC3A3F71F40C92724FD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hackers use Zoho ServiceDesk internal exploit to delete webshells - Tech To See

Page Statistics

53
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

12
Subdomains

11
IPs

2
Countries

714 kB
Transfer

1881 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/ 		305 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
92c91103d2176746c32c70dd6f8f5d47f5eb13fef3910485888bbe101f49000f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-type
text/html; charset=UTF-8
cf-railgun
direct (starting new WAN connection)
link
<https://www.techtosee.com/wp-json/>; rel="https://api.w.org/" <https://www.techtosee.com/wp-json/wp/v2/posts/68048>; rel="alternate"; type="application/json"
vary
Accept-Encoding,User-Agent
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
5bd_HTTP.200,5bd_post,5bd_URL.d33a3f831848261536ae606883e764e8,5bd_Po.68048,5bd_
x-powered-by
PHP/7.4.26
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY5z0j5IB5Arxijl4%2FnrheqHX60yBimkvaMVqE65x1DH2UVGzhL%2BYeKH7W4ImzT5k1JLDu8w8%2FWPnkCv5r98bR04iejqozSMtdsZtUP8HYLhAYWmaaaEMKp120qVl%2FFIc3R2cPeYa5iWcan2Q%2FO%2BvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6bd03e282e735a37-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gtranslate-style-v5d99a1e408263f9c2d0309f594dd3646349bb259.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		832 B
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/gtranslate-style-v5d99a1e408263f9c2d0309f594dd3646349bb259.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c8109d3685f75b8fed9c8adda06fc04dcaf42b9017a28ab7a2b994dc2f89fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 10:10:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BclX0cM09ycm3etyZ5KHFY4dq6vMjcvT2CIAvCISlP2uqdORUDTmMH%2BVYZCTY5tphNPUVw89ia9fSSAiAgzG%2FMkd6jke%2FTpLj0fmGj7cNbtjsp4VJ%2BMojKjxfX40dITbgT7LPid518wUdJlua6T%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b2f5a37-MXP
expires
Fri, 25 Nov 2022 16:13:32 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
pwp-pushbutton-style-v9e13004b75f1755a61c362808009dfaa6938eaf2.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/pwp-pushbutton-style-v9e13004b75f1755a61c362808009dfaa6938eaf2.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9112d042ae20bddef9d9ab32e01fc6e10bb01494bf6afdcca61f7bbbaada29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=1670
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 10:10:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODwyPRR7JsERAkZMd0QevMzH5G6ckRXVCEUsrrBWKuiwJ7cXRq4rO77AY29m%2Fg6sbJ254pEWvkuImZutSegLGB0HqNLOqiNAidWvtKyjRSNoAdWQaB%2F8UIxINP%2BOt9QKtEhZb%2BQ2k1oV5UctqeUPoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b365a37-MXP
expires
Fri, 25 Nov 2022 16:13:37 GMT
wp_automatic_gallery_style-vb42d4eb189a2ed109fef5733181addc2f4cb8378.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/wp_automatic_gallery_style-vb42d4eb189a2ed109fef5733181addc2f4cb8378.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb4b778eaf248c6203177a6ed79edd23b1003554b87589813eb806db743bc4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=2431
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 10:10:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYSigX34O33bdks8yHK0P7ZXxn5zuPZsNH7yqFu1MvvHzBHPjJGAr30AlyxahI7PbJsRbpLSEqcsfmtuGdA5gUtJADKbYPk4%2FgONqbWZqqR1t274edWGM%2FxoZbjd%2BE%2FqOgaU8%2FaU0S0Y9fngYh4i%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b3d5a37-MXP
expires
Fri, 25 Nov 2022 16:13:28 GMT
dashicons.min.css
c0.wp.com/c/5.8.2/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dashicons.min.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
wpel-style-v8a64903cc08dcf3ead93be62923b1fa0f84e6f90.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/wpel-style-v8a64903cc08dcf3ead93be62923b1fa0f84e6f90.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be896f4a7d83b6b20286020f3083bb2f589ae1008d377dceb5a58418da104d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 19:44:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrLNAfdDgLDB7a01MQ5FE6eT%2F2BkVbvIMvxyLcEQ0a1%2FTvhyiSaNuExkjgGAQTTo9rtEekpma5%2FseY3pzL1jyizVPMtVZR%2BIOrT7TQxqGpWwp68Exjn7%2Bv1RLwRsNFgBcsF1%2FpC8ZZ5iC72j5jlDew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b425a37-MXP
expires
Fri, 18 Nov 2022 03:41:10 GMT
td-plugin-multi-purpose-v57538ac7dfdb8b0cdf52382e83aef27c70c654c8.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-plugin-multi-purpose-v57538ac7dfdb8b0cdf52382e83aef27c70c654c8.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3121bbf3538f3cb6778c29d63660e499662bc108f87ed3d6f040f3c8407c54b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1054070
cf-polished
origSize=35193
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 19:44:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBiKvXkJM8SCFaRDUnTo0l44ODLPSimmdw7kzlm4b0Ghfc1WIllBLz8Hy6PX3EUeVxV0ToW6XS8SjM29AgYJLKHBmDab5O%2BALZ5T0lmAjusPFjsEUo2oJUC%2B3kqFUo16rjkygxZtY3kfSFebjR43uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b465a37-MXP
expires
Fri, 18 Nov 2022 03:41:10 GMT
b088b4c04a3b78fc3302d5713e0e9f97-va3db66a6345c2bfe20af5bebc1c01b81b4b4780b.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/b088b4c04a3b78fc3302d5713e0e9f97-va3db66a6345c2bfe20af5bebc1c01b81b4b4780b.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff318eb5c79eb3061a2814b72a1541d16431cb1ad3b84a84fa595c3ef206634c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Origin
https://www.techtosee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4491
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 05 Dec 2021 11:12:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQmnQakC%2Fh6f%2FFxqq1UDX%2Bds%2FnHKvhaB4exIxTNkFfyd%2FPAaF45118A6EpBDN12tFLBlzzFQXUExvBNQsFrh6GLrN2FPUY7dc7t0xkLFPBiLb7x764FpUWZxL5gqMz3sv86mJYFHfSBPr4wcRHfkZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b4c5a37-MXP
expires
Mon, 05 Dec 2022 17:13:58 GMT
td-theme-vf7288e2b49514ab4943192329cfe4e2e9956d3b5.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		103 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-theme-vf7288e2b49514ab4943192329cfe4e2e9956d3b5.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35271744789c7491295907e9ef1e30588749d875b3c92fc27de28552813fc4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1052520
cf-polished
origSize=106418
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 11:16:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rct9pGTbUADf%2Fao%2BujSysd6%2B2dZT%2BajHfc2Ec6Z9ZBf8mAxR1rg%2FMBdvaQvY1FEJlnkcbVQY0xS9ydx6qTwCDknWNd77M24af6MDtPglsVKNoiXKcY%2BNJbZ78pSPwvXdtYufHuSgboxKr3aMx79aQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b515a37-MXP
expires
Thu, 01 Dec 2022 17:10:08 GMT
td-theme-child-vb373ca532242640c32205a39af3475a6d57ca9f9.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		171 B
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-theme-child-vb373ca532242640c32205a39af3475a6d57ca9f9.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b4a1c4b9a5a8cae8cec6b48e14e72231911a308a7309e73683cd3696e3c3f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 10:10:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4aiRIWj711fTT6bk%2BoKjPyO7HT9wTHUaiLxNFqijP4pQ9QUYRwQItWSAQR0k4qcSBGmsaP0rPqP7pAgxx5rCXF6uxsdcD7Gg986reLZQf85In3VFlcQbjHGg0DA5ZZ4mkw2C1fVk%2F1%2FbiDGlQ%2FyhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b565a37-MXP
expires
Fri, 25 Nov 2022 16:13:34 GMT
typicons-vd7903c3a4bd9725dd38c18b7dbdb8224a444685c.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/typicons-vd7903c3a4bd9725dd38c18b7dbdb8224a444685c.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1ff2978e021cb7d1b191d7ce896cb87b4cc9017490b3590cc11bdc30b0733c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=18358
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 15 Nov 2021 13:11:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l82sZ3yk%2F89b3z0oRDAWZ7%2F9cuMfxgDhfEnJl65bnrhNtXfVFZPHB2sjlwm6NYIsQIMVlE84AHeMgL1fEoQdM6aoL9gdSFC7YKV0LXlxKEX9WX%2BLje9kTdY%2BPWWCuS2nxDhbi4h4hzuovTCercSOfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b595a37-MXP
expires
Tue, 15 Nov 2022 19:12:05 GMT
td-multipurpose-v0c832aa1f90f0c8b7990bfea35ce1f36922bd19d.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-multipurpose-v0c832aa1f90f0c8b7990bfea35ce1f36922bd19d.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b3749abb84ce10b85e493194edb6dfaa7b0c6f4a3387539147cc8d0b78ca6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=9894
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 19:44:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8haxrw3XaTmB69dVCcbp%2Ft%2BZpjoLoqOX74xuq9UWbSQgYVf1S0Fhe0AHDOePtlkGt7Sgd9QaKMbQdSrtbCsMbHTPsESoLsf2TwAPecrjXZ6A%2Fgn8h0A%2BbAj0b8OloVuvLxHgcHaUPRHfNnh%2BjImsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b5e5a37-MXP
expires
Fri, 18 Nov 2022 03:41:10 GMT
td-legacy-framework-front-style-v2c31735d9e2ed52db17a684a2766283b0cbe4bbf.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		131 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-legacy-framework-front-style-v2c31735d9e2ed52db17a684a2766283b0cbe4bbf.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d264e77f4ef93c83efddc0a682fee9a2e59c0e811faff55f27b157578ca3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=134390
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 15 Nov 2021 11:50:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zhzwpRkSOBfPxoKRngTbS30bYvGOmCgC1B9C2OkPfq5yrirZOW9IW12UzqlPkWShv5jt%2F%2BTvxniFxPq0Z2j%2F0ks0rD0lQ%2FTBxdQHg5NxnplR38zaO42XiigfFb6vQ46JoIF2IiE83si%2B8W1vFkXjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b655a37-MXP
expires
Tue, 15 Nov 2022 17:50:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 15:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Dec 2022 15:15:50 GMT
wp_automatic_gallery-v0ce7bd8202b4984292b075dc89f886e02c2f428a.js
www.techtosee.com/wp-content/cache/asset-cleanup/js/item/ 		981 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/js/item/wp_automatic_gallery-v0ce7bd8202b4984292b075dc89f886e02c2f428a.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc8bd7ffea92fb147e8a1642fd9a0381b346fd4cf1afce76e5903097cf2d34d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1054070
cf-polished
origSize=983
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 15 Nov 2021 11:50:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhmW2sASdSO4PDVWDugBu3ePNVcnYlwEWtAfnjLQfkAN49%2BKcxLb6c1cyLgbmSfU5DuyE%2Bg0W8J9PJqkTy2%2FUVP%2FUUutmFd%2BK4AWrPa3ol3f3CIUmzuB%2FWoF%2B%2BLuxmcKkBxrBxXYM2RhfNgmperU6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e504b685a37-MXP
expires
Tue, 15 Nov 2022 17:51:10 GMT
en-us.svg
www.techtosee.com/wp-content/plugins/gtranslate/flags/svg/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.techtosee.com/wp-content/plugins/gtranslate/flags/svg/en-us.svg
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2530400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 05 Nov 2021 15:15:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0DYsW5wfH9VCwdeCRBXph2fUcPc%2F6epoqVROpOKiiTem1lVkX29Wsn5LMMJk8%2FoD9wsGB4HAx3izybft6ONVb0y3qD%2FE4QbcMcAQJaJ%2FWZKXxCn45bpsnusE0npCzdeiTIS%2BFRNAF0gIBJ4YGeOew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e50dea859e9-MXP
expires
Sat, 05 Nov 2022 21:24:24 GMT
element.js
translate.google.com/translate_a/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e0b01f507f71a56ea05ab9a15b05484fd1e4c451cd23a51d4dcddb48d678f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		270 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
newspaper.woff
www.techtosee.com/wp-content/themes/TechToSee/images/icons/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/themes/TechToSee/images/icons/newspaper.woff?19
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-theme-vf7288e2b49514ab4943192329cfe4e2e9956d3b5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/td-theme-vf7288e2b49514ab4943192329cfe4e2e9956d3b5.css
Origin
https://www.techtosee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24864
last-modified
Mon, 15 Nov 2021 14:30:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8rHT3KTiE5XAN2q8%2F7%2BHWsXzXVvaZKsq4mwTILin0oWf9MZ3o7A4fSo5X1jvodEL101U3kx1Vhv66U2REuPAE4%2FBVHZfeCSChSpypLNC924bVuEU9pHQCoRr76DuhFcCP%2BtcunW6yzg0D8Tpe5LFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6bd03e51da2e59e9-MXP
cf-railgun
direct (starting new WAN connection)
expires
Tue, 13 Dec 2022 21:32:09 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
www.techtosee.com/wp-content/cache/perfmatters/www.techtosee.com/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/perfmatters/www.techtosee.com/fonts/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/b088b4c04a3b78fc3302d5713e0e9f97-va3db66a6345c2bfe20af5bebc1c01b81b4b4780b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/b088b4c04a3b78fc3302d5713e0e9f97-va3db66a6345c2bfe20af5bebc1c01b81b4b4780b.css
Origin
https://www.techtosee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24884
last-modified
Sun, 14 Nov 2021 21:26:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in4zNDWgijOsQIPf8nLN4VBPpmGBiNG%2BlR%2FSqc9Gyhq8OVnUhZ2puyyFm0ggGLkeWJjGAGL9A%2FcTTZD2Mh7AxQYijbeO2SwlKaIkUDtWUp3RxdK09P5raYYaAYdtmlBYd%2BTjDcs6pwy790wzI5IOyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6bd03e51da3359e9-MXP
expires
Fri, 18 Nov 2022 02:41:24 GMT
typicons.woff
www.techtosee.com/wp-content/plugins/td-composer/assets/fonts/typicons/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.woff
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/typicons-vd7903c3a4bd9725dd38c18b7dbdb8224a444685c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/typicons-vd7903c3a4bd9725dd38c18b7dbdb8224a444685c.css
Origin
https://www.techtosee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454966
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59872
last-modified
Thu, 14 Oct 2021 21:24:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxOl9lErhXZ9E0v6zH%2Fp19Dh6IK%2FOnzmAGfbD696%2Bu54ulHWYqFg6la%2BFjveYvV2%2Fi1rmJlwInuLUfMjXGvlHAXmxX%2FPb79zVieDu90hSTtigbxvW36yTpBPaqcIy5MMLYoRmTHjnsAmRlsJTKqNeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6bd03e51da3659e9-MXP
expires
Fri, 18 Nov 2022 01:21:34 GMT
email-decode.min.js
www.techtosee.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 08 Dec 2021 16:45:16 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61b0e11c-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lui%2FaZkoZbFGMU4cyN7DRhXBYYCOWJfEs0TpcBl4Ac9EUpPXmmmCofspJ0HxG05%2FGehg4c29bDz8DII6nUloga4vcyTn3w%2F6Og1Evir3VWhzUmlEK6f%2BMd68jjUlwdqw7eh4vxoss6psXl0REK6Jeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6bd03e522b5959e9-MXP
expires
Wed, 15 Dec 2021 15:32:08 GMT
analytics-minimal.js
www.techtosee.com/wp-content/plugins/perfmatters/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/perfmatters/js/analytics-minimal.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291c8a3ddeb2b5c48738e3615b2ff82553436c49e8099c11f30c45eb1c4e1c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1792982
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 04 Oct 2021 02:56:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8OVtEwKausICXMu63EWQHcvJOL4CusWJQ%2FvGvdQNzdbYrfGlzi3bqciPJ6jnny6tBQlLz9Sjw5hXrbUzoiP7VS4h%2BtTctmwrVO8miQXfFWpzkwfg4DlQA%2B2ukkTR1Jj84LQjenNxRJMtmZpD%2Fq2Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b7059e9-MXP
expires
Fri, 04 Nov 2022 14:36:25 GMT
fifu-video-css-v33073ebf92cb8ccebac436625e0df16324e4cde1.css
www.techtosee.com/wp-content/cache/asset-cleanup/css/item/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/css/item/fifu-video-css-v33073ebf92cb8ccebac436625e0df16324e4cde1.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6cf3bc8d1a2ef8a63ee77cefcf9aa20aa9f5c1bbb56efd6ebc5a2982ee32b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=1168
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 23:48:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuzQ6%2B%2BIKlSgWGRBG%2FbJSb6LnWJHUXz9WYjikN8c7xayX%2BFLrsTNLirvqPJFeuWCQbkQCUYG2cRd%2Bsb2xXEwa6%2FmnBM6quFBZscgZrHs256UY%2BK7qHG36BjQbBpXGIc6th1OYaNdJsPKVbpXAXF9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b7459e9-MXP
expires
Sat, 26 Nov 2022 06:01:05 GMT
jquery.fancybox.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.css
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
330547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3081
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-4404"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD5J1XejW3tS2FSHtd9ra9auYTlDpRKZqbrB3HoIG7%2BQnd0tpX%2BByXerWibYo24k1LZbXuFRNAlnUV2vvDMB7aZjCDFtx2Ndr5Xd8%2Fscer0P3mVcoyVYuXQrXx3LzU0rl6Fj5dpHMHVEGHVf5CPxzI9%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bd03e527fb5d608-MXP
expires
Sat, 03 Dec 2022 15:32:08 GMT
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/ 		758 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
clientjs.min.js
www.techtosee.com/wp-content/plugins/progressive-wp/assets/scripts/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/progressive-wp/assets/scripts/clientjs.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec3130989eb17ef696eac4e71cb9b29ec8617a07c76a8e424cbb454d4b8fe69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 07 Nov 2021 00:01:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bYoLCJ7Sv%2B3RpwAMMfS%2B99nR9ZCN7K3e1yGlCniodI8iDt0Ey3T0WBcTwWM6DfCoQVb%2B%2BULolYAg%2F5pY%2BCo63T7MYskhGC%2FKAvxBOx6O2%2BjxiJwvoDcA5gQyMvMvSfJ9BmEry2gu%2BGw8g4P%2FkyRnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b8e59e9-MXP
expires
Fri, 18 Nov 2022 03:41:10 GMT
pwp-pushbutton-script-vdac97ee7c4a37db2db4311ea262845886ef42b7f.js
www.techtosee.com/wp-content/cache/asset-cleanup/js/item/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/js/item/pwp-pushbutton-script-vdac97ee7c4a37db2db4311ea262845886ef42b7f.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e43f836542cb7d45d6176cbe1bc660b2e73f4a2b1f690868765823144bfb157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3875
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 19:44:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lG%2Bpw%2FXN%2FQUoMRykDx0nHuBigGnqsZiyfTKIm7jpScRYjXl64o6rzfcHsPyRCGUiFckOSwOCLNOoow0EiGD%2F0UlpQ%2BQ7PK67r3kMbI%2BQMtSXOebIypLu%2FgfJfx%2BOVP4gMqdzVQ9UGRIx2LjzgPC6aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9159e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
pwp-installprompt-script-v9fcc505edc92f0ce42def41add264dd340cf908f.js
www.techtosee.com/wp-content/cache/asset-cleanup/js/item/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/js/item/pwp-installprompt-script-v9fcc505edc92f0ce42def41add264dd340cf908f.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519f3d7779841d031996b5224e5a72736850253f03fa5ce404c06e4e786e6e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=1942
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 11:15:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2OMzjSakPz8FvM1%2F%2BPqEif%2Bo8%2FjiHdfc3v8c6YsdSxUHveK5XrxurxYLrndppeygIU6gaZPWu7e445IN9m8Y39wA%2Fk70P5MEDBjvf%2BvHt82K%2Brks1zBBTGn4Htv0ANmE8rpci7OwAuhDG8XblZDDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9259e9-MXP
expires
Thu, 01 Dec 2022 22:03:58 GMT
underscore.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/underscore.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
js_posts_autoload.min.js
www.techtosee.com/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 23:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWoR6eAs%2FiWWCvW7nvh4VgxX%2B6%2FMWm%2Bgb7a9mjV2liWMOhW%2BSlNrifpiDsdLZ1CztbXVGncz8SCnJn4lI0IZ0NECkPdMYhvTZRcUbGHY2ar5ggKpU1q4PEsIlRcoQnd7b2%2BPO5guQNQ45tyKOYOUug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9559e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
tagdiv_theme.min.js
www.techtosee.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		258 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 14 Oct 2021 21:24:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWec3UGVYLnMMMyT5TA6NVP0imYbB02Brpo1eFFmharFih%2B9e7hxmqeu3u7u3va3hpU2gt3qA8oJzmMHaB26hnR%2FUi%2BZiCAEpDqqwAAdF8JAWArSQur3Df1yIcL%2BCaD1u3E%2FO8GG3aJ6xOfaB4CrNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9659e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
comment-reply.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
js_files_for_front.min.js
www.techtosee.com/wp-content/plugins/td-cloud-library/assets/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 23:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl6tafILWVHnT2TzvB%2FWY9QdzYnVjfSBLTeqCbw9rsyDD1lDuo8QmYP0HjTVBSQ9PHogu7UR5PC0zPhXvbWROw6%2FzhrgWsUP4RuxNrbEf6u7giLKOKlFrAx13z8qo0Niz2GCmLNQPSEyfOIiFNsqzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9959e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
wp-embed.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 13 Dec 2022 15:32:08 GMT
fifu-image-js-v1fc81229045d193e592689f610f56e64f701ee1c.js
www.techtosee.com/wp-content/cache/asset-cleanup/js/item/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/js/item/fifu-image-js-v1fc81229045d193e592689f610f56e64f701ee1c.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
083ce92dfe0a5f3b16c149202e1e3699bc42f4dbd8894c8a110817b69b33b1c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542869
cf-polished
origSize=5739
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 21:21:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arFsbZB%2BiPG2AjNON9YrFfkBbLxNwxHv0J2WxwyDHKFs8OjgPug2kzgWAxMA%2FM7kIur6CuC%2BleS9tdLoD8CyvSHN%2BPU6LYDfaxxgbMPpx6adEIlZHOJ1J271lsUTGLYowZBZUbIibNhV8ju3T7VsrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9a59e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
332710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19249
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdWGBWxPZIZAoSIwKyyF1uzxA0O0zBJ%2BEVdq8gugoys7Ie3WgQbski52qlz6T7OKk%2ByjYFabwMugzLfbd2yNW2E4iMk4PUr973%2FB0ACg6TawY3tK9TMpUVbW%2FSSlvbzJzEwIN1s5j5j2s2FiYaN%2BU26f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bd03e527fb8d608-MXP
expires
Sat, 03 Dec 2022 15:32:08 GMT
fifu-video-js-v197c43a3187390e11df37c46d98cf1a86d4aa538.js
www.techtosee.com/wp-content/cache/asset-cleanup/js/item/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-content/cache/asset-cleanup/js/item/fifu-video-js-v197c43a3187390e11df37c46d98cf1a86d4aa538.js
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d04a8839460cb4c06d116c30cc73a28c1322142ab7ef35159cb40c5e0296b88a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1054069
cf-polished
origSize=14814
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Nov 2021 21:21:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MigCND%2BtwAkjHuF1XoWQS%2FXwBT5NJ5GW%2BqIghl6NKLJRuQ0Reti0R7vH0MMPbTOW%2B4RGz54p%2Fb6xNyjkw4k9QrK0sVxB2zou06RfZZhPbm8srhdYhZ52Xd6tLJw2uYpc31YJGVbI9d2JynDTd8f2MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e523b9e59e9-MXP
expires
Fri, 18 Nov 2022 03:41:11 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://www.techtosee.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
system-hacked.jpg
i0.wp.com/www.bleepstatic.com/content/hl-images/2021/12/02/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.bleepstatic.com/content/hl-images/2021/12/02/system-hacked.jpg?resize=696%2C392&ssl=1
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6f462eaa3c2715739c18a96cd40d9f07159831fb75b0dbe92489010894bf01a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 15:32:08 GMT
server
nginx
etag
"702eebc7c8046bab"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.bleepstatic.com/content/hl-images/2021/12/02/system-hacked.jpg>; rel="canonical"
content-length
26056
expires
Thu, 14 Dec 2023 03:32:08 GMT
campaigns_diagram.png
i1.wp.com/www.bleepstatic.com/images/news/u/1220909/Diagrams/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.bleepstatic.com/images/news/u/1220909/Diagrams/campaigns_diagram.png?resize=696%2C312&ssl=1
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7794b38555a3d511b1c5ff87974fc4d0e8ef543c9e12d14d44a93954eeb65998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 15:32:08 GMT
server
nginx
etag
"5e8f7b7716419fb1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.bleepstatic.com/images/news/u/1220909/Diagrams/campaigns_diagram.png>; rel="canonical"
content-length
20378
expires
Thu, 14 Dec 2023 03:32:08 GMT
tomcat_filter.jpg
i0.wp.com/www.bleepstatic.com/images/news/u/1220909/Code%20and%20Details/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.bleepstatic.com/images/news/u/1220909/Code%20and%20Details/tomcat_filter.jpg?resize=696%2C356&ssl=1
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d13ca39126c0f1588d46767f2bce75812f0e76ff245a7b78a28756d1d22443ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 15:32:08 GMT
server
nginx
etag
"383d643215565bcf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.bleepstatic.com/images/news/u/1220909/Code%20and%20Details/tomcat_filter.jpg>; rel="canonical"
content-length
30580
expires
Thu, 14 Dec 2023 03:32:08 GMT
countries.jpg
i2.wp.com/www.bleepstatic.com/images/news/u/1220909/Tables/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.bleepstatic.com/images/news/u/1220909/Tables/countries.jpg?resize=696%2C239&ssl=1
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ea480594da9094de450aa42532ed2e1c067c8a4a53ec2e194f6af440d8100cb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 15:32:08 GMT
server
nginx
etag
"ec47b5743978618d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.bleepstatic.com/images/news/u/1220909/Tables/countries.jpg>; rel="canonical"
content-length
4994
expires
Thu, 14 Dec 2023 03:32:08 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/d=1/rs=AN8SPfqzW7r3hTh53zV3Wutei3mGK4UKog/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 13 Dec 2021 16:25:23 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqA9sxh8mITpzdEVrnMvDC40Psmqg/ 		223 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqA9sxh8mITpzdEVrnMvDC40Psmqg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.VxDkSCiucxo.O/d=1/rs=AN8SPfqzW7r3hTh53zV3Wutei3mGK4UKog/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d9ac70e6b4108042f3974dc74bac723cd44c65435a071dca3c9871b7f1d7d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77953
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 20:12:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 14:25:21 GMT
techtosee-2-300x300.png
www.techtosee.com/wp-content/uploads/2021/09/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.techtosee.com/wp-content/uploads/2021/09/techtosee-2-300x300.png
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80da8ddeb15e503cd29b201b5e01d064341a2fa85c99c5121cc18114a0d59fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57351
last-modified
Thu, 30 Sep 2021 06:47:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjJ7noisbLFpG6Dh%2FI1Wxu1M5BzbobfyhDKsntDe5YMIYdNdhIHpG%2BJRjAzqP3nEe9QqpqDqLHPobq7rxJoa9NofcVAUR92w7hnRzM%2FUihFtkrqdbryeGngnIap1ETd51IOzb3D%2BKHQMmPvkk4edYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6bd03e52ee4259e9-MXP
expires
Fri, 18 Nov 2022 01:30:25 GMT
Intel-Xe-Graphics_5-640x360.jpg
i2.wp.com/www.extremetech.com/wp-content/uploads/2021/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.extremetech.com/wp-content/uploads/2021/12/Intel-Xe-Graphics_5-640x360.jpg?w=485&resize=485%2C&ssl=1
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7ffe13efe57d1ccad2945d74f2b82676d839562533372e9bf7c77c97228664a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 15:32:08 GMT
server
nginx
etag
"87ed7b9802dc37f9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.extremetech.com/wp-content/uploads/2021/12/Intel-Xe-Graphics_5-640x360.jpg>; rel="canonical"
content-length
10994
expires
Thu, 14 Dec 2023 03:32:08 GMT
collect
www.google-analytics.com/ 		35 B
441 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/wp-content/plugins/perfmatters/js/analytics-minimal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.techtosee.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 15:32:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.techtosee.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
admin-ajax.php
www.techtosee.com/wp-admin/ 		12 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.techtosee.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.3.1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:24ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
bedbf2544f0b42599fdc9a7265499fc70f3993c80ab32b04969bf2da83c798c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 15:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.26
x-litespeed-cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTgWfqxYp3EYKL0PIEKadvYWzH%2F8lpgxvCLoM9%2FQ%2F4srYQPpRDqvwPcinWK4MW%2F2LDF7WGHQB6DF2I2yGfRliFL0cjAoJ36h8xKS4NLh7mthPpAFhNJEqzPh1P0uDwdqzAld9%2Bguu08D2%2F4TPxv2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.techtosee.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
cf-ray
6bd03e53f9fa59e9-MXP
cf-railgun
direct (waiting for pending WAN connection)
expires
Wed, 11 Jan 1984 05:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:51:22 GMT
x-content-type-options
nosniff
age
2447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Dec 2022 14:51:22 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: www.techtosee.com
URL: https://www.techtosee.com/hackers-use-zoho-servicedesk-internal-exploit-to-delete-webshells/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.techtosee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:38:04 GMT
x-content-type-options
nosniff
age
50045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Dec 2022 01:38:04 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:28:45 GMT
x-content-type-options
nosniff
age
204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Dec 2022 15:28:45 GMT
supportedLanguages
translate-pa.googleapis.com/v1/ Frame 8C58 		14 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 15:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
text/javascript; charset=UTF-8
vary
Origin, X-Origin, Referer
content-length
1213
x-xss-protection
0
expires
Mon, 13 Dec 2021 15:32:09 GMT

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| PwpJsVars object| tdb_globals object| tdwGlobal object| tdaGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tds_general_modal_image string| tds_video_scroll string| tds_video_playing_one string| tds_video_pause_hidden string| tds_video_lazy string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| googleTranslateElementInit2 object| gt_translate_script function| GTranslateGetCurrentLang function| GTranslateFireEvent function| doGTranslate string| tdb_login_sing_in_shortcode object| block_tdi_69 function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| block_tdi_70 object| block_tdi_80 string| pmGAID boolean| pmGAAIP object| ma object| deployJava function| Detector function| murmurhash3_32_gc object| swfobject function| ClientJS function| UAParser function| pwpRegisterPushDevice function| pwpDeregisterPushDevice function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| wp object| fifuImageVars function| addHoverEffect function| cropImage function| isValidImgClass function| disableClick function| disableLink function| fifu_fix_gallery_height object| fifuVideoVars function| replaceVideoThumb function| replaceImageDlg function| registerReplaceOnClick function| is_video_img function| is_youtube_img function| is_vimeo_img function| is_cloudinary_video_img function| is_tumblr_video_img function| is_imgur_video_img function| is_publitio_video_img function| is_gag_video_img function| video_id function| youtube_parameter function| is_jetpack_src function| youtube_id function| vimeo_id function| video_url function| youtube_url function| vimeo_url function| cloudinary_url function| tumblr_url function| imgur_url function| publitio_url function| gag_url function| fifu_autoplay_mouseover_vimeo object| players function| fifu_autoplay_mouseover_youtube function| add_parameters function| parameter_char function| fifu_fix_elementor function| fifu_fix_zoom function| fifu_fix_divi function| fifu_fix_essential_grid function| fifu_fix_youtube_thumbnails function| almComplete string| firstParentClass string| parentClass string| $position string| selector undefined| src string| background_style boolean| is_background object| closure_lm_177804 undefined| wrapper string| enabled

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c0.wp.com
cdnjs.cloudflare.com
i0.wp.com
i1.wp.com
i2.wp.com
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.gstatic.com
www.techtosee.com
192.0.77.2
192.0.77.37
2606:4700:3031::6815:24ba
2606:4700::6810:125e
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
083ce92dfe0a5f3b16c149202e1e3699bc42f4dbd8894c8a110817b69b33b1c3
0cb4b778eaf248c6203177a6ed79edd23b1003554b87589813eb806db743bc4c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1b1ff2978e021cb7d1b191d7ce896cb87b4cc9017490b3590cc11bdc30b0733c
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
291c8a3ddeb2b5c48738e3615b2ff82553436c49e8099c11f30c45eb1c4e1c4b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
3121bbf3538f3cb6778c29d63660e499662bc108f87ed3d6f040f3c8407c54b5
3d9ac70e6b4108042f3974dc74bac723cd44c65435a071dca3c9871b7f1d7d61
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
519f3d7779841d031996b5224e5a72736850253f03fa5ce404c06e4e786e6e59
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dc8bd7ffea92fb147e8a1642fd9a0381b346fd4cf1afce76e5903097cf2d34d
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6f462eaa3c2715739c18a96cd40d9f07159831fb75b0dbe92489010894bf01a9
7794b38555a3d511b1c5ff87974fc4d0e8ef543c9e12d14d44a93954eeb65998
7ffe13efe57d1ccad2945d74f2b82676d839562533372e9bf7c77c97228664a3
80da8ddeb15e503cd29b201b5e01d064341a2fa85c99c5121cc18114a0d59fb7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b3749abb84ce10b85e493194edb6dfaa7b0c6f4a3387539147cc8d0b78ca6e
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8e0b01f507f71a56ea05ab9a15b05484fd1e4c451cd23a51d4dcddb48d678f8d
8e9112d042ae20bddef9d9ab32e01fc6e10bb01494bf6afdcca61f7bbbaada29
92c91103d2176746c32c70dd6f8f5d47f5eb13fef3910485888bbe101f49000f
9e43f836542cb7d45d6176cbe1bc660b2e73f4a2b1f690868765823144bfb157
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
b4c8109d3685f75b8fed9c8adda06fc04dcaf42b9017a28ab7a2b994dc2f89fd
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
be896f4a7d83b6b20286020f3083bb2f589ae1008d377dceb5a58418da104d9b
bedbf2544f0b42599fdc9a7265499fc70f3993c80ab32b04969bf2da83c798c6
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
c1b4a1c4b9a5a8cae8cec6b48e14e72231911a308a7309e73683cd3696e3c3f2
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8
c35271744789c7491295907e9ef1e30588749d875b3c92fc27de28552813fc4d
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cec3130989eb17ef696eac4e71cb9b29ec8617a07c76a8e424cbb454d4b8fe69
d04a8839460cb4c06d116c30cc73a28c1322142ab7ef35159cb40c5e0296b88a
d13ca39126c0f1588d46767f2bce75812f0e76ff245a7b78a28756d1d22443ba
d6cf3bc8d1a2ef8a63ee77cefcf9aa20aa9f5c1bbb56efd6ebc5a2982ee32b08
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3d264e77f4ef93c83efddc0a682fee9a2e59c0e811faff55f27b157578ca3b9
ea480594da9094de450aa42532ed2e1c067c8a4a53ec2e194f6af440d8100cb8
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ff318eb5c79eb3061a2814b72a1541d16431cb1ad3b84a84fa595c3ef206634c