www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Submission: On June 12 via api (June 12th 2024, 2:15:54 am UTC) from TR — Scanned from DE

Summary HTTP 196 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 24 domains to perform 196 HTTP transactions. The main IP is 45.60.76.225, located in United States and belongs to INCAPSULA, US. The main domain is www.imperva.com. The Cisco Umbrella rank of the primary domain is 256667.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 14th 2024. Valid for: a year.

This is the only time www.imperva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
130	45.60.76.225 45.60.76.225	19551 (INCAPSULA) (INCAPSULA)
6	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:803::201b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.17.147.185 2.17.147.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2603:1020:203... 2603:1020:203:3::489	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.245.46.44 18.245.46.44	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.73 18.245.86.73	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.102.85 18.66.102.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	2600:9000:272... 2600:9000:2724:9600:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	18.245.86.87 18.245.86.87	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
196	32

130 45.60.76.225 (United States)

ASN19551 (INCAPSULA, US)

www.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.17.147.185 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-185.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1020:203:3::489 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

imperva.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imperva.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-44.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-73.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-85.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:9600:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

727-wrl-406.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
132	imperva.com www.imperva.com — Cisco Umbrella Rank: 256667 go.imperva.com — Cisco Umbrella Rank: 715920	4 MB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	20 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	515 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	138 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8814	26 KB
4	piwik.pro imperva.containers.piwik.pro — Cisco Umbrella Rank: 882852 imperva.piwik.pro — Cisco Umbrella Rank: 597114	106 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	371 B
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7352	62 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2364 rs.fullstory.com — Cisco Umbrella Rank: 2143	76 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 296	921 B
2	google.de www.google.de — Cisco Umbrella Rank: 8196	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	405 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4509	6 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	15 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1561 api.company-target.com — Cisco Umbrella Rank: 4480	943 B
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6161 tag-logger.demandbase.com — Cisco Umbrella Rank: 5445	26 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	17 KB
1	mktoresp.com 727-wrl-406.mktoresp.com — Cisco Umbrella Rank: 843768	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 15566	204 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 892	98 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 394	2 KB
0	licdn.com Failed snap.licdn.com Failed
196	24

	Domain	Requested by
130	www.imperva.com	www.imperva.com
7	b.6sc.co	www.imperva.com
6	www.googletagmanager.com	www.imperva.com
6	cdn.cookielaw.org	www.imperva.com
4	cdn.bizible.com	www.imperva.com cdn.bizible.com
3	www.google-analytics.com	www.imperva.com
3	imperva.piwik.pro	www.imperva.com imperva.piwik.pro
3	js.driftt.com	www.imperva.com
2	bam.nr-data.net	www.imperva.com
2	www.google.de	www.imperva.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.imperva.com
2	region1.analytics.google.com	www.googletagmanager.com
2	munchkin.marketo.net	www.imperva.com
2	www.youtube.com	www.imperva.com
2	edge.fullstory.com	www.imperva.com
2	go.imperva.com	www.imperva.com
1	www.google.com
1	js-agent.newrelic.com	www.imperva.com
1	727-wrl-406.mktoresp.com	munchkin.marketo.net
1	cdn.bizibly.com	www.imperva.com
1	rs.fullstory.com	www.imperva.com
1	ipv6.6sc.co	www.imperva.com
1	c.6sc.co	www.imperva.com
1	tag-logger.demandbase.com	www.imperva.com
1	api.company-target.com	www.imperva.com
1	id.rlcdn.com	www.imperva.com
1	s.company-target.com	www.imperva.com
1	tag.demandbase.com	www.imperva.com
1	imperva.containers.piwik.pro	www.imperva.com
1	j.6sc.co	www.imperva.com
1	geolocation.onetrust.com	www.imperva.com
1	storage.googleapis.com	www.imperva.com
0	snap.licdn.com Failed	www.imperva.com
196	33

This site contains links to these domains. Also see Links.

Domain
cpl.thalesgroup.com
community.imperva.com
support.imperva.com
docs.imperva.com
partners.imperva.com
www.linkedin.com
twitter.com
www.facebook.com
nvd.nist.gov
www.php.net
www.crowdstrike.com
cert.360.cn
www.sangfor.com
www.bleepingcomputer.com
x.com
status.imperva.com
www.youtube.com
www.glassdoor.com
soundcloud.com
vimeo.com

Subject Issuer	Validity	Valid
www.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2025-03-20`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
go.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-29` - `2025-05-30`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
storage.googleapis.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-01`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-28`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Frame ID: 06C8CFFA2556CEBE7DDA7B482972EED2
Requests: 194 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: E71900DFFC735AEE6DB8E5CE18452775
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=8d0ee46e-851a-42c7-b57e-a3d954e1e1fe&sessionStarted=1718158549.234&campaignRefreshToken=e1cf7e81-8d9d-4fa7-82fb-8da9462708f3&hideController=false&pageLoadStartTime=1718158547774&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F
Frame ID: 99F537A6074CCD11401F5FA1196045A8
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718158547774
Frame ID: B0778A0EE96C7D0A2F083F1CA343A559
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware | Imperva

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

196
Requests

99 %
HTTPS

39 %
IPv6

24
Domains

33
Subdomains

32
IPs

6
Countries

5098 kB
Transfer

9031 kB
Size

44
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://cpl.thalesgroup.com/encryption/data-security-platform
Title: Data encryption and cryptographic solutions

Search URL Search Domain Scan URL

URL: https://community.imperva.com/home
Title: Community

Search URL Search Domain Scan URL

URL: https://support.imperva.com/
Title: Support Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://partners.imperva.com/
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/articles/page/product-service-certifications.htm
Title: Imperva Certifications

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&text=Update:%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20%20Ransomware&hashtags=ImpervaResources

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-4577
Title: CVE-2024-4577

Search URL Search Domain Scan URL

URL: https://www.php.net/manual/en/function.system.php
Title: system

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/tellyouthepass-ransomware-analysis-reveals-modern-reinterpretation-using-golang/
Title: various forms over the years

Search URL Search Domain Scan URL

URL: https://cert.360.cn/report/detail?id=65fceeb4c09f255b91b17f11
Title: [1]

Search URL Search Domain Scan URL

URL: https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/new-tellyouthepass-ransomware-variant-discovered
Title: [2]

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/forums/t/798060/tellyouthepass-ransomware-locked;-read-me9html-support-topic/
Title: Bleeping Computer Forums

Search URL Search Domain Scan URL

URL: https://x.com/robin840211/status/1800061751486210505
Title: X

Search URL Search Domain Scan URL

URL: https://status.imperva.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/cloud-application-security/page/api/api.htm
Title: API Integration

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/imperva/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imperva

Search URL Search Domain Scan URL

URL: https://twitter.com/imperva

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ImpervaChannel

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Overview/Working-at-Imperva-EI_IE101738.11,18.htm

Search URL Search Domain Scan URL

URL: https://soundcloud.com/imperva

Search URL Search Domain Scan URL

URL: https://vimeo.com/user130735021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

196 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ 265 KB
52 KB 548ms
443ms Document
text/html 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b558120de2b2c5887d865396c37584e2c59c8ef3ffc3f684b91c5ee2c180abd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: bam.nr-data.net www.google.co.ke *.gstatic.com www.googletagmanager.com *.imperva.com c.6sc.co *.doubleclick.net www.google.com.my munchkin.marketo.net cdn.bizible.com cdn.bizibly.com *.vimeo.com ipv6.6sc.co id.rlcdn.com www.google.com www.google-analytics.com *.optimizely.com js.driftt.com www.google.com.mx tag.demandbase.com translate.google.com www.google.com.ph edge.fullstory.com www.google.com.bd www.google.co.za rs.fullstory.com *.mktoutil.com www.google.co.jp www.google.co.in api.company-target.com s.company-target.com cdn.cookielaw.org b.6sc.co www.google.com.sg *.mktoresp.com www.google.com.au www.google.lk www.google.com.vn www.google.ca www.youtube.com www.google.com.tr *.licdn.com www.google.ae www.brighttalk.com tag-logger.demandbase.com js-agent.newrelic.com secure.gravatar.com www.google.co.il analytics.google.com www.google.co.id *.onetrust.com *.googleapis.com www.google.com.pk imperva.piwik.pro region1.analytics.google.com www.google.co.uk jscloud.net j.6sc.co adservice.google.com *.facebook.net imperva.containers.piwik.pro ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 02:15:47 GMT
last-modified: Tue, 11 Jun 2024 16:00:27 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 8-16999432-16999436 2NNN RT(1718158546651 45) q(0 1 1 0) r(4 4) U18
x-slot: slot-1

GET
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 230 KB
74 KB 67ms
67ms Script
text/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aafd1810c5d11078e73acbff122e10a7f8073e3c1ac5bdb24bd6bdd81cc496c4

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 8-16999432-16999442 NNNN CT(3 5 0) RT(1718158546651 502) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
server-timing: bon, total;dur=12.278893
content-length: 75298

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 182ms
53ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 20142
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:22 GMT
server: cloudflare
etag: 0x8DC89E04057A87F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2e61f1b6-801e-007c-1919-bcdc5c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892655cc1a0a918c-FRA
expires: Wed, 12 Jun 2024 20:40:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
99 KB 223ms
127ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

930c9d4853d5c7b9587f01dfbd1c1a3f2d4087fd8f3fad25275d4160fdda555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 logo.svg
www.imperva.com/wp-content/uploads/2018/12/ 2 KB
1 KB 62ms
50ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2018/12/logo.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 30 Dec 2018 09:40:17 GMT
x-cdn: Imperva
etag: "5c289281-7f3"
content-type: image/svg+xml
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 1234) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 1002

GET
H2 200 icomoon.ttf
www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/ 4 KB
3 KB 57ms
47ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/icomoon.ttf?ucf6ha

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-fd8"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 656) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 2885

GET
H2 200 382BE0_0_0.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/ 30 KB
30 KB 60ms
49ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/382BE0_0_0.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-7670"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 661) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 30353

GET
H2 200 Inter-ExtraBold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 65ms
55ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-ExtraBold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a328"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 664) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 106427

GET
H2 200 Inter-Light.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 103 KB
104 KB 98ms
87ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Light.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19c54"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 668) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 104597

GET
H2 200 Inter-Regular.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
97 KB 104ms
94ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-18810"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 670) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
103 KB 161ms
150ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19ff4"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 764) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 163ms
152ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a288"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 766) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 106106

GET
H2 200 impv-vendors-cc6c6d3e07.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 113 KB
38 KB 536ms
525ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-vendors-cc6c6d3e07.min.js?ver=cc6c6d3e07

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1c3da"
content-type: application/javascript
x-iinfo: 8-16999432-16999459 2VNN RT(1718158546651 768) q(0 0 0 -1) r(3 3)
cache-control: max-age=0
content-length: 39097

GET
H2 200 impv-bt-vendors-c3619d0a8e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 51 KB
15 KB 337ms
327ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-bt-vendors-c3619d0a8e.min.js?ver=c3619d0a8e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-ca48"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 770) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 15199

GET
H2 200 impv-import-collapse-9ceab1220e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 11 KB
4 KB 339ms
329ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-collapse-9ceab1220e.min.js?ver=9ceab1220e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-2ce1"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 773) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 3903

GET
H2 200 impv-import-modal-component-eda69920e1.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 341ms
331ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-modal-component-eda69920e1.min.js?ver=eda69920e1

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-ad5c"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 775) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 13165

GET
H2 200 impv-import-progress-bar-371a9013da.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
680 B 343ms
332ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-progress-bar-371a9013da.min.js?ver=371a9013da

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-4c9"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 777) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 580

GET
H2 200 impv-main-815cb9ded7.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 40 KB
11 KB 345ms
335ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-main-815cb9ded7.min.js?ver=815cb9ded7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-9fb4"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 779) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 11313

GET
H2 200 impv-marketo-upload-controller-3c4f096680.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 345ms
335ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-marketo-upload-controller-3c4f096680.min.js?ver=3c4f096680

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-adb9"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 781) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 13298

GET
H2 200 impv-page-hero-c8802dc7af.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 26 KB
8 KB 346ms
336ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-page-hero-c8802dc7af.min.js?ver=c8802dc7af

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-697c"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 783) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 8273

GET
H2 200 impv-new-design-header-27f539c0b0.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 77 KB
21 KB 448ms
438ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-new-design-header-27f539c0b0.min.js?ver=27f539c0b0

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-132b3"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 784) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 21796

GET
H2 200 impv-blog-single-7772e0aa89.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 136 KB
38 KB 551ms
541ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-single-7772e0aa89.min.js?ver=7772e0aa89

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-21fd1"
content-type: application/javascript
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 786) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 38722

GET
H2 200 impv-blog-inner-awesome-3869b33dff.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 96 KB
26 KB 605ms
595ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-inner-awesome-3869b33dff.min.js?ver=3869b33dff

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b57b00465a54f13df71366f64eafa14ff55b0d5a28ae93b0c1e419f8f7de63b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
etag: "666176aa-17f8d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-slot: slot-1
x-iinfo: 8-16999432-16999461 2NNN RT(1718158546651 788) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 impv-vendors-94d1fbc2c7.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 153 KB
22 KB 104ms
95ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

186af15ec062f321fbe5533ad143a258bfd0f985fa0f6d5a7d24d8d59cbb0a06

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2627f"
content-type: text/css
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 673) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 22363

GET
H2 200 impv-main-47a90affff.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 109 KB
11 KB 106ms
97ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-main-47a90affff.min.css?ver=47a90affff

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-1b3b8"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 676) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 11579

GET
H2 200 impv-import-layout-header-new-design-12e110f3c9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 36 KB
6 KB 107ms
98ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-header-new-design-12e110f3c9.min.css?ver=12e110f3c9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

952808e318dddbd724fb132a120f6f6ba5ae78434b867d20452f112e480aec2f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-908c"
content-type: text/css
x-iinfo: 8-16999432-16999457 2CNN RT(1718158546651 680) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 6410

GET
H2 200 impv-import-layout-footer-new-design-d1d6f1be28.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 109ms
100ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-footer-new-design-d1d6f1be28.min.css?ver=d1d6f1be28

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-38ab"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 682) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2551

GET
H2 200 impv-import-progress-bar-4f1acdc252.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 999 B
453 B 110ms
101ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-progress-bar-4f1acdc252.min.css?ver=4f1acdc252

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-3e7"
content-type: text/css
x-iinfo: 8-16999432-16999461 2CNN RT(1718158546651 685) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 351

GET
H2 200 impv-import-share-buttons-943cb304e9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 3 KB
966 B 111ms
102ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4aa93b95025b5dc2c78d84034aed7dffd0c72848d26798748fca9870097ce3c0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-c0a"
content-type: text/css
x-iinfo: 8-16999432-16999461 2CNN RT(1718158546651 708) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 864

GET
H2 200 impv-import-tile_cards-c2a5bd96b9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 9 KB
2 KB 112ms
103ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tile_cards-c2a5bd96b9.min.css?ver=c2a5bd96b9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2354"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 711) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2060

GET
H2 200 impv-import-collapse-59a23b016c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 683 B
446 B 113ms
105ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-collapse-59a23b016c.min.css?ver=59a23b016c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2ab"
content-type: text/css
x-iinfo: 8-16999432-16999457 2CNN RT(1718158546651 714) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 344

GET
H2 200 impv-import-box-library-layout-35b34a5b30.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 22 KB
4 KB 116ms
107ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-box-library-layout-35b34a5b30.min.css?ver=35b34a5b30

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-56f0"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 717) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 3589

GET
H2 200 impv-import-related-cards-18ca1ad399.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 39 KB
6 KB 117ms
109ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-related-cards-18ca1ad399.min.css?ver=18ca1ad399

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9f0a1d965791097cae0ba04a221a2bc3de83f44128f303e0924fd4c586b067dc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-9baa"
content-type: text/css
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 719) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 5916

GET
H2 200 impv-blog-main-6c33702890.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 18 KB
3 KB 120ms
111ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-main-6c33702890.min.css?ver=6c33702890

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-4802"
content-type: text/css
x-iinfo: 8-16999432-16999461 2CNN RT(1718158546651 721) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 3114

GET
H2 200 impv-blog-inner-eff78ebd7a.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 29 KB
5 KB 514ms
505ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d749de182c99b390308480b94ea1b08dad2f6a82f6414bf0d4db99a6f0050f81

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-73e7"
content-type: text/css
x-iinfo: 8-16999432-16999470 2VNN RT(1718158546651 723) q(0 0 0 -1) r(0 4)
cache-control: max-age=0
content-length: 4986

GET
H2 200 impv-blog-inner-awesome-38776653f0.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 51 KB
9 KB 125ms
117ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-awesome-38776653f0.min.css?ver=38776653f0

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6d83cc34a5c6764ba996aecd2fccf2f4e9d1bc272506eb5a0a0f7d9bccc8c7ec

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-ccf5"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 725) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 8995

GET
H2 200 forms2-theme-glow.css
go.imperva.com/js/forms2/css/ 3 KB
1 KB 250ms
57ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2-theme-glow.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
etag: "a8125a-d92-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 892655ccb88d58de-TXL
content-length: 952
expires: Wed, 12 Jun 2024 06:15:47 GMT

GET
H2 200 forms2.css
go.imperva.com/js/forms2/css/ 13 KB
3 KB 351ms
159ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
etag: "a81258-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 892655ccb89058de-TXL
content-length: 2623
expires: Wed, 12 Jun 2024 06:15:48 GMT

GET
H2 200 impv-import-benefits-section-2bc17139e9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 12 KB
2 KB 131ms
123ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-benefits-section-2bc17139e9.min.css?ver=2bc17139e9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2efa"
content-type: text/css
x-iinfo: 8-16999432-16999457 2CNN RT(1718158546651 729) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2346

GET
H2 200 impv-import-carousel-25dddd017d.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 224ms
216ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-carousel-25dddd017d.min.css?ver=25dddd017d

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-ecd"
content-type: text/css
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 731) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 946

GET
H2 200 impv-import-cases-section-47baa6657c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 7 KB
2 KB 132ms
125ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-cases-section-47baa6657c.min.css?ver=47baa6657c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-1a57"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 733) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1497

GET
H2 200 impv-import-hero_section-e18316acf4.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
2 KB 504ms
496ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-hero_section-e18316acf4.min.css?ver=e18316acf4

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-e98"
content-type: text/css
x-iinfo: 8-16999432-16999461 2VNN RT(1718158546651 735) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
content-length: 915

GET
H2 200 impv-import-heros-c3d8b8e3fb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 47 KB
7 KB 133ms
126ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-heros-c3d8b8e3fb.min.css?ver=c3d8b8e3fb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc3eacab2ecefdf1a12c8911d2771b441ba51126a8a825698fa2e1dc66dba1bc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-bd0e"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 737) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 7255

GET
H2 200 impv-import-logos_section-97238874d7.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 2 KB
562 B 534ms
527ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-logos_section-97238874d7.min.css?ver=97238874d7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-6b4"
content-type: text/css
x-iinfo: 8-16999432-16999457 2VNN RT(1718158546651 739) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
content-length: 452

GET
H2 200 impv-import-message_section-9dceaf4492.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
540 B 139ms
132ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-message_section-9dceaf4492.min.css?ver=9dceaf4492

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-5cb"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 741) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 411

GET
H2 200 impv-import-page-tabs-30d6487978.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 11 KB
2 KB 140ms
133ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-page-tabs-30d6487978.min.css?ver=30d6487978

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2df5"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 743) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 2096

GET
H2 200 impv-import-pagination-3820d4c90e.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 5 KB
1 KB 141ms
134ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-pagination-3820d4c90e.min.css?ver=3820d4c90e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-137b"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 745) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1159

GET
H2 200 impv-import-quote_section-e9f78b498a.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 18 KB
4 KB 144ms
137ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-quote_section-e9f78b498a.min.css?ver=e9f78b498a

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-4897"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 747) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 2870

GET
H2 200 impv-import-round_filters-8d1b29afee.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 8 KB
2 KB 146ms
139ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-round_filters-8d1b29afee.min.css?ver=8d1b29afee

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-1f1c"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 749) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1658

GET
H2 200 impv-import-search_form-6b996aacbb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 147ms
141ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-search_form-6b996aacbb.min.css?ver=6b996aacbb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-38fa"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 751) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2726

GET
H2 200 impv-import-tiles_section-20b642e07c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 149ms
143ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tiles_section-20b642e07c.min.css?ver=20b642e07c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-11f7"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 753) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 967

GET
H2 200 impv-import-web_testimonials_section-75288470c8.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
2 KB 151ms
144ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-web_testimonials_section-75288470c8.min.css?ver=75288470c8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-32bc"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 756) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1743

GET
H2 200 impv-import-read-next-section-44fb9fe415.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
2 KB 153ms
147ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-read-next-section-44fb9fe415.min.css?ver=44fb9fe415

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-3458"
content-type: text/css
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 758) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1781

GET
H2 200 impv-import-stycky-pagination-a572a14521.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
615 B 155ms
149ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-stycky-pagination-a572a14521.min.css?ver=a572a14521

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-497"
content-type: text/css
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 761) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 513

GET
H2 200 impv-import-see-how-we-can-help-banner-efb116bf58.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 6 KB
1 KB 553ms
548ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-see-how-we-can-help-banner-efb116bf58.min.css?ver=efb116bf58

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-16d5"
content-type: text/css
x-iinfo: 8-16999432-16999455 2VNN RT(1718158546651 762) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
content-length: 1158

GET
H2 200 impv-import-page-tabs-0c223d8bd6.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
654 B 71ms
58ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-page-tabs-0c223d8bd6.min.js?ver=0c223d8bd6

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-40c"
content-type: application/javascript
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1237) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 553

GET
H2 200 impv-import-search-window-366eb3374e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 857 B
643 B 178ms
166ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-search-window-366eb3374e.min.js?ver=366eb3374e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-359"
content-type: application/javascript
x-iinfo: 8-16999432-16999457 2VNN RT(1718158546651 1240) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 496

GET
H2 200 imperva-a-thales-company-light.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 8 KB
3 KB 514ms
508ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/imperva-a-thales-company-light.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 04 Dec 2023 06:00:20 GMT
x-cdn: Imperva
etag: "656d6af4-21a6"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999470 2CNN RT(1718158546651 790) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 3400

GET
H2 200 application-performance-icon.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
1 KB 515ms
510ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-performance-icon.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:02:43 GMT
x-cdn: Imperva
etag: "63dfef43-8c7"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999470 2CNN RT(1718158546651 791) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1023

GET
H2 200 application-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
925 B 52ms
52ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:52:15 GMT
x-cdn: Imperva
etag: "63dffadf-6f0"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1172) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 799

GET
H2 200 data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 5 KB
2 KB 52ms
52ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:21:09 GMT
x-cdn: Imperva
etag: "63e0d495-1366"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 1177) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1818

GET
H2 200 network-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
3 KB 64ms
52ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/network-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:28:17 GMT
x-cdn: Imperva
etag: "63e0d641-dea"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 1230) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1565

GET
H2 200 cdn.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 76ms
65ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:45:32 GMT
x-cdn: Imperva
etag: "63dff94c-d4e"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1243) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1362

GET
H2 200 waiting-room.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 77ms
66ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waiting-room.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:46:49 GMT
x-cdn: Imperva
etag: "63dff999-e2c"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 1245) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1197

GET
H2 200 waf.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 78ms
67ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waf.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:55:07 GMT
x-cdn: Imperva
etag: "63dffb8b-f11"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999470 2CNN RT(1718158546651 1247) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1352

GET
H2 200 advanced-bot-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 79ms
68ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/advanced-bot-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:56:14 GMT
x-cdn: Imperva
etag: "63dffbce-1033"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1250) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1765

GET
H2 200 api-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 6 KB
2 KB 80ms
69ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/api-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:03:25 GMT
x-cdn: Imperva
etag: "63dffd7d-16f0"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1254) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2238

GET
H2 200 ddos-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 81ms
70ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:04:37 GMT
x-cdn: Imperva
etag: "63dffdc5-e14"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 1256) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1370

GET
H2 200 client-side-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 9 KB
3 KB 205ms
195ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/client-side-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:05:56 GMT
x-cdn: Imperva
etag: "63dffe14-244e"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 1282) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 3109

GET
H2 200 runtime-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 8 KB
3 KB 112ms
102ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/runtime-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:06:58 GMT
x-cdn: Imperva
etag: "63dffe52-21d9"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1284) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2849

GET
H2 200 serverless-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 114ms
104ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/serverless-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:08:21 GMT
x-cdn: Imperva
etag: "63dffea5-1082"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1287) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1604

GET
H2 200 attack-analytics.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 119ms
110ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/attack-analytics.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:08:48 GMT
x-cdn: Imperva
etag: "63dffec0-c27"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999470 2CNN RT(1718158546651 1289) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1277

GET
H2 200 data-security-fabric.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 7 KB
3 KB 120ms
111ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security-fabric.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:26:44 GMT
x-cdn: Imperva
etag: "63e0d5e4-1c5a"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1291) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 3189

GET
H2 200 icon_data_security.3b69d8d2-2-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
2 KB 123ms
113ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_data_security.3b69d8d2-2-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:23:46 GMT
x-cdn: Imperva
etag: "65736d42-8d3"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1292) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 968

GET
H2 200 icon_multicloud.5be4b003-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1 KB 125ms
116ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_multicloud.5be4b003-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:24:19 GMT
x-cdn: Imperva
etag: "65736d63-861"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1294) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 968

GET
H2 200 Data-Risk-Analytics_black.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 223ms
214ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/Data-Risk-Analytics_black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:24:55 GMT
x-cdn: Imperva
etag: "65736d87-b2c"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999470 2VNN RT(1718158546651 1296) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1219

GET
H2 200 icon_brief.4af47836.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
955 B 127ms
118ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_brief.4af47836.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:25:44 GMT
x-cdn: Imperva
etag: "65736db8-8d4"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1299) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 817

GET
H2 200 icon_discover_classify.ca96a429.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 127ms
121ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_discover_classify.ca96a429.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:26:10 GMT
x-cdn: Imperva
etag: "65736dd2-d7b"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1300) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1332

GET
H2 200 cloud-data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 131ms
125ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cloud-data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:27:34 GMT
x-cdn: Imperva
etag: "63e0d616-d80"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2CNN RT(1718158546651 1304) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1362

GET
H2 200 icon_coverage_black.845bc853-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 136ms
129ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_coverage_black.845bc853-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:28:42 GMT
x-cdn: Imperva
etag: "65736e6a-1387"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1307) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2172

GET
H2 200 icon_protect_data_black.c2346606.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 237ms
231ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_protect_data_black.c2346606.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:29:22 GMT
x-cdn: Imperva
etag: "65736e92-127f"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999455 2VNN RT(1718158546651 1311) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1882

GET
H2 200 icon_integrate_black.fbdab592-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
975 B 141ms
136ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_integrate_black.fbdab592-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:29:56 GMT
x-cdn: Imperva
etag: "65736eb4-71c"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1313) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 849

GET
H2 200 icon_unify_black.fe30fb89.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 238ms
232ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_unify_black.fe30fb89.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:30:26 GMT
x-cdn: Imperva
etag: "65736ed2-b5e"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2VNN RT(1718158546651 1317) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1220

GET
H2 200 ddos-protection-1.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 156ms
151ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:31:10 GMT
x-cdn: Imperva
etag: "63e0d6ee-e06"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999461 2CNN RT(1718158546651 1319) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1365

GET
H2 200 shutterstock_1071270287-30.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 16 KB
16 KB 160ms
155ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/shutterstock_1071270287-30.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

da9761274419298d253f018be249d1b154a78343a894053701aed3b74dd4fe47

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:37:26 GMT
x-cdn: Imperva
etag: "666747e6-40cc"
content-type: image/webp
x-iinfo: 8-16999432-16999461 2CNN RT(1718158546651 1321) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 16621

GET
H2 200 Code-1.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 11 KB
11 KB 322ms
317ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-1.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2024 17:58:09 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
etag: "66673eb1-2a60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-16999432-16999457 2NNN RT(1718158546651 1323) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 Code-2.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 45 KB
45 KB 206ms
200ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-2.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fe3bc6c1baee7759b08ccf7ac0f1cbcaf7dce2a23da472bba7f6268fd7e94ed0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:02:21 GMT
x-cdn: Imperva
etag: "66673fad-b2de"
content-type: image/webp
x-iinfo: 8-16999432-16999436 2CNN RT(1718158546651 1327) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 45467

GET
H2 200 Code-3.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 67 KB
67 KB 331ms
326ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-3.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1963572eed8be8c97ab280af3062931e628fe06c88f869423ad5c5a2bab0e807

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2024 18:12:28 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
etag: "6667420c-10a86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-16999432-16999470 2NNN RT(1718158546651 1330) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 Code-4.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 48 KB
47 KB 243ms
238ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-4.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

572fc3f2622c098a73b18498911c07b22d8246e5513b78704866c8b9b3a6d7cc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:17:24 GMT
x-cdn: Imperva
etag: "66674334-be9e"
content-type: image/webp
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1332) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 47704

GET
H2 200 Code-5.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 6 KB
6 KB 246ms
241ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-5.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ad7c5088953b625985c922d458e308a91336b424d315635e8f5a2da96bed2eb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:22:10 GMT
x-cdn: Imperva
etag: "66674452-1856"
content-type: image/webp
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1335) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 6168

GET
H2 200 UI-Screen.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 27 KB
27 KB 248ms
244ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/UI-Screen.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

705c3290daf1d027804c910e3191f12c0103711c94a5b4c5fcd90e5c06ebcc38

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:22:21 GMT
x-cdn: Imperva
etag: "6667445d-6c62"
content-type: image/webp
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1337) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 26621

GET
H2 200 Code-6.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 23 KB
22 KB 252ms
247ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-6.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

caaacfc0b6b5777311b562143269916b0009f7bb44ecdf2486118a9bfdc31e84

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 18:32:46 GMT
x-cdn: Imperva
etag: "666746ce-5a76"
content-type: image/webp
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1340) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 21914

GET
H2 200 Server-Damage.png
www.imperva.com/blog/wp-content/uploads/sites/9/2024/04/ 867 KB
868 KB 253ms
248ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/04/Server-Damage.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d0509a71cdb270f4cf7bd1ec96a46c2dfc5a3a8c222360fd7e930d70dbd6cbf7

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 05 Apr 2024 00:25:21 GMT
x-cdn: Imperva
etag: "660f44f1-d8d1c"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1342) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 888357

GET
H2 200 Chatbots-AI-Gen.png
www.imperva.com/blog/wp-content/uploads/sites/9/2024/03/ 650 KB
650 KB 286ms
281ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/03/Chatbots-AI-Gen.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b918b707a508860c2b406f484adeee93cfa42bd84a896744fcd598c1865521f5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 28 Mar 2024 17:15:46 GMT
x-cdn: Imperva
etag: "6605a5c2-a2618"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1345) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 665240

GET
H2 200 app-delivery.jpg
www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/ 142 KB
140 KB 164ms
159ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/app-delivery.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0fd475cdcbac9fea5b027f1a0dff6b1219f334a43498939d85e192854c466df4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-23870"
content-type: image/jpeg
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 1347) q(0 -1 -1 -1) r(1 -1)
cache-control: max-age=0
content-length: 143382

GET
H2 200 Screenshot-2024-02-15-at-5.48-1.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2024/02/ 246 KB
246 KB 299ms
295ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/02/Screenshot-2024-02-15-at-5.48-1.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f7678f7b01be55f3f8c4d9675f07e8303f1bd076f6852d8c296dbaaac2f0002

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 15 Feb 2024 22:51:47 GMT
x-cdn: Imperva
etag: "65ce9583-3d78c"
content-type: image/jpeg
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1349) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 251263

GET
H2 200 Atlassian-CVE-Blog.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/ 195 KB
194 KB 304ms
299ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/Atlassian-CVE-Blog.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

60f0b9f12ce4c118f6e794e479a77e96f4690560ee4ff9487f67cfe307c7b8f6

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 14 Dec 2023 15:59:36 GMT
x-cdn: Imperva
etag: "657b2668-30c4f"
content-type: image/jpeg
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1351) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 198700

GET
H2 200 shutterstock_1071270287-23.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/ 67 KB
68 KB 306ms
301ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/shutterstock_1071270287-23.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

383665614c348aeef8e025136d1d7aef83df0e8f3c8ab9f015a2dae65c91a6aa

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 13 Dec 2023 14:27:58 GMT
x-cdn: Imperva
etag: "6579bf6e-10df5"
content-type: image/jpeg
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1353) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 69057

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
725 B 180ms
176ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-type: image/svg+xml
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 1355) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 591

GET
H2 200 logo-imperva-a-thales-company.svg
www.imperva.com/blog/wp-content/themes/impv/img/ 8 KB
3 KB 307ms
303ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/img/logo-imperva-a-thales-company.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-21a6"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1357) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 3400

GET
H2 200 Group-2554.svg
www.imperva.com/wp-content/uploads/2021/03/ 782 B
527 B 182ms
178ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2021/03/Group-2554.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 01 Mar 2021 15:32:23 GMT
x-cdn: Imperva
etag: "603d0907-30e"
content-type: image/svg+xml
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 1359) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 405

GET
H2 200 _Incapsula_Resource Show response
www.imperva.com/ 148 KB
22 KB 178ms
175ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1292185244

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

98be7f90961273d4d6305bf6df5a8d482540e9974fc19f3498398e004abc7b71

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
content-encoding: gzip
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 21256
content-type: application/javascript

GET
H2 200 091ebf04-8283-4c90-a26c-86623781f703.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/ 4 KB
2 KB 139ms
59ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/091ebf04-8283-4c90-a26c-86623781f703.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20313
content-md5: gFTd45fYgTDS2Dcaa+ogsg==
content-length: 1642
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:52 GMT
server: cloudflare
etag: 0x8DBB9EAF165DE56
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d42dfe1e-f01e-0004-393a-23b484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892655cd0d904d4f-FRA
expires: Thu, 13 Jun 2024 02:15:48 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 273 KB
74 KB 140ms
42ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:14:48 GMT
content-encoding: br
age: 60
x-guploader-uploadid: ABPtcPoPu30IC-g0Vu_0pT-bCUprmc6wXc-Kc1c9MXjeLLnGV6GjuyUNDbgdo_dOtuJjfURXkIE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75362
last-modified: Thu, 06 Jun 2024 13:11:57 GMT
server: UploadServer
etag: "505d5df439fda0ef6083305f079651ff"
vary: Accept-Encoding
x-goog-generation: 1717679517113319
x-goog-hash: crc32c=dZHqrA==, md5=UF1d9Dn9oO9ggzBfB5ZR/w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75362
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Jun 2024 03:14:48 GMT

GET
H2 200 workbox-window.prod.mjs Show response
storage.googleapis.com/workbox-cdn/releases/6.1.1/ 3 KB
2 KB 132ms
39ms Script
application/javascript 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/workbox-cdn/releases/6.1.1/workbox-window.prod.mjs
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:05:52 GMT
content-encoding: gzip
age: 596
x-guploader-uploadid: ABPtcPr8Og8-ALako4_INY8b2G58CznbJKZ4Nip4wTRIxkBDbI3f_sy9n73x31at8J6qi5cR9Z8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
last-modified: Mon, 22 Feb 2021 19:16:41 GMT
server: UploadServer
etag: "ce7ffaa7ad1f21523b407426d8cbecd6"
vary: Accept-Encoding
x-goog-generation: 1614021401665338
x-goog-hash: crc32c=eSkeUw==, md5=zn/6p60fIVI7QHQm2Mvs1g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1299
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 12 Jun 2025 02:05:52 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 166ms
73ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 892655cdfc6e2c5b-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/ 407 KB
98 KB 56ms
53ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 12zQcT/rVMicuxojEvnp3g==
age: 24790
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 100389
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:15 GMT
server: cloudflare
etag: 0x8DB3FB51FD9A927
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 28d3babc-501e-0022-05ac-12fc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892655cf2b7d918c-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
75 KB 144ms
58ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1952ac23c6370fc246fa40dea69cea8a7a6a6d9f12546b5d96d3ecd34bce025a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76790
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 219ms
46ms Script
application/javascript 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2024 06:01:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "663c66b5-106b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18038
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 5601c189-ca1e-4728-80a2-9f7d7e128eb9.js Show response
imperva.containers.piwik.pro/ 303 KB
83 KB 167ms
48ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.containers.piwik.pro/5601c189-ca1e-4728-80a2-9f7d7e128eb9.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a2898376beb9b74ee46ddde4093f1b5e087a52d8a8019bdbbdd4f091662e01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"9d548891fbcd1224-e85c20a4cb74d110"
vary: Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: HIT

GET
H2 200 d7cdb24c.min.js Show response
tag.demandbase.com/ 101 KB
26 KB 128ms
46ms Script
application/javascript 18.245.46.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/d7cdb24c.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-44.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

416fca9cbc59fa0b065d0940c8e03a1aebd919693e1edc93d9baee1910e3eb1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: X3Sw0tBYrX6QbCq23afYpzzqfrpKnyPs
content-encoding: gzip
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
date: Wed, 12 Jun 2024 01:41:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 2697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 07 Jun 2024 04:28:54 GMT
server: AmazonS3
etag: W/"f613de7908816f798731a1eeba48c232"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: XB0Ad5e6CmHMeAixb2vCHhENJylVihYRZUNjK5DsTZO6aTz7mpNQaQ==

GET
H2 200 xrppvhbiz5n6.js Show response
js.driftt.com/include/1718158800000/ 221 KB
62 KB 414ms
293ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1718158800000/xrppvhbiz5n6.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 55
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UZR2ayHQSdVleeb4dWV-ZP4ql8KlMSBp3UZT3OJpIsXogWr6GJ6X2w==

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
81 B 216ms
51ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-type: image/svg+xml
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 1418) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 591

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
651 B 799ms
799ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 402762@nr=0-1-322172-969995084-e9cc49a8c98c2d4e----1718158548340
traceparent: 00-35917f88e8c260985f24e4fd7e94e5e0-e9cc49a8c98c2d4e-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiJlOWNjNDlhOGM5OGMyZDRlIiwidHIiOiIzNTkxN2Y4OGU4YzI2MDk4NWYyNGU0ZmQ3ZTk0ZTVlMCIsInRpIjoxNzE4MTU4NTQ4MzQwLCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
x-iinfo: 8-16999432-16999578 NNNN CT(99 205 0) RT(1718158546651 1369) q(0 0 3 -1) r(6 6) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 cdn-report-background.jpeg
www.imperva.com/blog/wp-content/uploads/2023/02/ 24 KB
24 KB 287ms
286ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn-report-background.jpeg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:03:04 GMT
x-cdn: Imperva
etag: "63dfef58-5e22"
content-type: image/jpeg
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1372) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 24063

GET
H2 200 navbar-promotion-channel-program.png
www.imperva.com/blog/wp-content/uploads/2023/06/ 33 KB
33 KB 287ms
286ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/06/navbar-promotion-channel-program.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 07 Jun 2023 12:23:03 GMT
x-cdn: Imperva
etag: "648076a7-851c"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1375) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 34114

GET
H2 200 customers-application-security-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 29 KB
29 KB 288ms
287ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/customers-application-security-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:50:06 GMT
x-cdn: Imperva
etag: "63e0db5e-7387"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1378) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 29608

GET
H2 200 Blog-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 104 KB
105 KB 288ms
288ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/Blog-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 11:00:29 GMT
x-cdn: Imperva
etag: "63e0ddcd-19e17"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1381) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 106065

GET
H2 200 esg-nevbar.png
www.imperva.com/blog/wp-content/uploads/2023/07/ 53 KB
53 KB 290ms
290ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/07/esg-nevbar.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jul 2023 11:19:05 GMT
x-cdn: Imperva
etag: "64a6a329-d366"
content-type: image/png
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1384) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 54161

GET
H2 200 linkedin-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 744 B
480 B 290ms
290ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/linkedin-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-2e8"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1386) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 379

GET
H2 200 twitter-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 372 B
376 B 291ms
291ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/twitter-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ac63f437d99ab6b64b14d6a8ec86d56269d067448fe958e23aa13464221c0493

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-174"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1390) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 275

GET
H2 200 facebook-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 894 B
587 B 292ms
292ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/facebook-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-37e"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1392) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 486

GET
H2 200 bg-dots01.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
12 KB 293ms
291ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots01.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-8650"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1395) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 12665

GET
H2 200 bg-dots02.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 18 KB
7 KB 297ms
296ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots02.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-4823"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1397) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 7260

GET
H2 200 bg-dotted03.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
13 KB 299ms
298ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dotted03.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-8985"
content-type: image/svg+xml
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1399) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 12907

GET
H2 200 Inter-Regular.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
97 KB 275ms
271ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-18810"
content-type: application/octet-stream
x-iinfo: 8-16999432-16999436 2VNN RT(1718158546651 1409) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
103 KB 282ms
278ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19ff4"
content-type: application/octet-stream
x-iinfo: 8-16999432-16999455 2VNN RT(1718158546651 1411) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 185ms
181ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a288"
content-type: application/octet-stream
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1413) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 106106

GET
H2 200 fontello.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/ 2 KB
3 KB 187ms
184ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/fontello.woff2?6965835

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-978"
content-type: application/octet-stream
x-iinfo: 8-16999432-16999459 2CNN RT(1718158546651 1415) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2452

GET
H2 200 gabi-stapel-36x36.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2022/09/ 794 B
942 B 276ms
275ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2022/09/gabi-stapel-36x36.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

75b0b86ee3f9471a0bf00b9865b960f306a530af65be4115cb4b5cfa7bd62b1f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 23:15:02 GMT
x-cdn: Imperva
etag: "63377876-31a"
content-type: image/webp
x-iinfo: 8-16999432-16999457 2CNN RT(1718158546651 1403) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 794

GET
H2 200 DanielJohnston-150x150.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2019/09/ 14 KB
16 KB 320ms
319ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2019/09/DanielJohnston-150x150.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd0606fc49a674cbb1ef84a9ddf674912de6cf9adee3fe838acfe0de0dede6c5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 28 Aug 2020 19:28:37 GMT
x-cdn: Imperva
etag: "5f495ae5-3920"
content-type: image/webp
x-iinfo: 8-16999432-16999459 2VNN RT(1718158546651 1406) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 14652

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/ 113 KB
23 KB 57ms
57ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/en.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 68239
content-md5: +1Hlg87bcMDnScZwyCRcdQ==
content-length: 23140
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:56 GMT
server: cloudflare
etag: 0x8DBB9EAF3D17A5A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ddd14160-101e-008a-2c58-796232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892655cfcf224d4f-FRA
expires: Thu, 13 Jun 2024 02:15:48 GMT

GET
H2 200 sync
s.company-target.com/s/ Frame E719 0
0 225ms
135ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 02:15:48 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 132ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
326 B 1175ms
484ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 402762@nr=0-1-322172-969995084-4adb3e63feced87e----1718158548487
traceparent: 00-25972533bfff6f244aefd5ee0a9e5370-4adb3e63feced87e-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiI0YWRiM2U2M2ZlY2VkODdlIiwidHIiOiIyNTk3MjUzM2JmZmY2ZjI0NGFlZmQ1ZWUwYTllNTM3MCIsInRpIjoxNzE4MTU4NTQ4NDg3LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
x-iinfo: 8-16999432-16999578 PNNN RT(1718158546651 2172) q(0 1 1 -1) r(3 3) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 448 B
943 B 173ms
90ms XHR
application/json 18.66.102.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&page_title=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-85.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: efd6a1f2e73f6eda2b9943988d1bdeead35f3436aa3802cedc0b6fdd7ee66bd8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 0521bd17-b49a-4ac4-8fd1-e619d2630048
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.imperva.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h5hqRXzvZcC8QvBoCBBTu12y6sIolWvcaAA9kQ_KK7btJq_f1v8lEw==
expires: Tue, 11 Jun 2024 02:15:48 GMT

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
326 B 1563ms
395ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 402762@nr=0-1-322172-969995084-dc80184ed58f0b94----1718158548499
traceparent: 00-3873dbfbe8a4d9034c10d513689aadd0-dc80184ed58f0b94-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiJkYzgwMTg0ZWQ1OGYwYjk0IiwidHIiOiIzODczZGJmYmU4YTRkOTAzNGMxMGQ1MTM2ODlhYWRkMCIsInRpIjoxNzE4MTU4NTQ4NDk5LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
x-iinfo: 8-16999432-16999578 PNNN RT(1718158546651 2574) q(0 0 0 -1) r(3 3) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 13 KB
3 KB 57ms
57ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFlat.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QSeDXFW8Ey6Sps1UWSFoNg==
age: 20312
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:07 GMT
server: cloudflare
etag: 0x8DB3FB51B21D3A6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 559b483f-201e-0028-60a6-21582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892655d09f894d4f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 21 KB
4 KB 58ms
58ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jun 2024 02:15:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 18192
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0d8297c8-101e-0041-58cd-216167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892655d09f8a4d4f-FRA

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 web Show response
edge.fullstory.com/s/settings/Y5R7X/v1/ 4 KB
1 KB 154ms
142ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/Y5R7X/v1/web
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPq-GrDxErSYPCnvACXOrRvAjMS7muBMqzVJGNy9BwiMcgfNbOmQxR0WAt1PPiqmdGVVZ6o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1198
last-modified: Wed, 21 Jun 2023 11:08:06 GMT
server: UploadServer
etag: "ec2c68ea8d76de6f93aa55d2dd62e952"
x-goog-generation: 1687345685956137
x-goog-hash: crc32c=DuKRaA==, md5=7Cxo6o123m+TqlXS3WLpUg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1198
accept-ranges: bytes
content-type: application/json
expires: Wed, 12 Jun 2024 02:30:48 GMT

GET
H2 200 _Incapsula_Resource
www.imperva.com/ 1 B
121 B 41ms
41ms Image
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5264161149711177

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
98 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcdb22620f909077f661195acde0f59c08f9436643c9efc79371763f02c932af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 147ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 124ms
40ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 02:15:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 177ms
40ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 10 Jun 2024 20:04:29 GMT
server: ECS (frb/67D4)
age: 18023
etag: "ad123c6771bbda1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4e0a2eeebd67075fbd67f5e79fb5eec2a1b1a6e870774c685527505b746f923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86352
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
84 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70646e818443036aae5c3225e22f261b9bb71f5213f5de814f12c6f73f83cf4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86391
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 ppms.js Show response
imperva.piwik.pro/ 60 KB
24 KB 163ms
51ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.piwik.pro/ppms.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 29 May 2024 11:49:19 GMT
referrer-policy: origin
etag: W/"6657163f-efb3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Wed, 12 Jun 2024 08:15:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 54ms
54ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114236658-1&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f1b0c9f12e3f83451f52481a3ebae6297c15b10b3a0e71f686bff534a5f62979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75266
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 02:15:48 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 218ms
135ms XHR
text/html 2600:9000:2724:9600:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=h5hqRXzvZcC8QvBoCBBTu12y6sIolWvcaAA9kQ_KK7btJq_f1v8lEw==&api-version=v2
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:9600:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Tue, 11 Jun 2024 08:01:43 GMT
via: 1.1 b44afb2a44376871c20edb8c123ed47c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 65646
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: oMF_ud8yBSXzoEYv-0vqwB5s1fIrzmOFuItgchz6wwCRDjMktbMXMg==

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 74ms
47ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:48 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
309 B 200ms
42ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2ad83efd3b3987100da97f634d1cf0f23ba332b8ecb510a2af3883d224272216

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.imperva.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718158548958_388391900_318990184_33_1186_38_82_219";dur=1
content-length: 19
expires: Wed, 12 Jun 2024 02:15:49 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 164ms
150ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A48%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:49 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 162ms
149ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jun%202024%2002%3A15%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226ba0a5170b7bdf842e22ba6f114c37d0%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jun%202024%2002%3A15%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jun%202024%2002%3A15%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:49 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 134ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7LFBNHR6BF&gtm=45je46a0v9116219100za200zb71979964&_p=1718158547908&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1072475452.1718158549&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718158548&sct=1&seg=0&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 152ms
48ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LFBNHR6BF&cid=1072475452.1718158549&gtm=45je46a0v9116219100za200zb71979964&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp_report
www.imperva.com/ 0
28 B 41ms
40ms Other
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/csp_report

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 0
content-type: text/plain

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 105ms
49ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LFBNHR6BF&cid=1072475452.1718158549&gtm=45je46a0v9116219100za200zb71979964&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=427555637

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 75 B
282 B 244ms
154ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 40ms
40ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 02:15:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 20 Sep 2024 02:15:48 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/ 37 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12617
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 04:18:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Jun 2025 01:43:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jun 2024 00:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 12 Jun 2024 02:29:08 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
328 B 40ms
39ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=5f46686e20cb4e46e0de77fe46165e7f&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718158548993&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&_biz_n=0&rnd=323549&cdn_o=a&_biz_z=1718158548993

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:25 GMT
server: ECS (frb/67BA)
age: 363624
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 41ms
40ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=5f46686e20cb4e46e0de77fe46165e7f&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718158548996&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&rnd=383051&cdn_o=a&_biz_z=1718158548996

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 363622
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 50ms
49ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H/1.1 200
OK visitWebPage
727-wrl-406.mktoresp.com/webevents/ 2 B
318 B 579ms
122ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://727-wrl-406.mktoresp.com/webevents/visitWebPage?_mchNc=1718158549025&_mchCn=&_mchId=727-WRL-406&_mchTk=_mch-imperva.com-1718158549024-82605&_mchHo=www.imperva.com&_mchPo=&_mchRu=%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 02:15:49 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2ddd2a1c-79a5-433b-9096-4406db64c985

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
294 B 152ms
151ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=5f46686e20cb4e46e0de77fe46165e7f&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.10

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (frb/6711)
etag: EFEDFBC3
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 186

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 152ms
151ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:49 GMT

POST
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 735 B
881 B 265ms
223ms Fetch
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd?d=www.imperva.com

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

38554267ba75a7b93bb74f00a8eb68a7bb3fcb4d60277b914ffec4ec05812c71

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 402762@nr=0-1-322172-969995084-f9dab62510cbabc1----1718158549135
traceparent: 00-b44a9181c8ee8074c1d2a15452c678c0-f9dab62510cbabc1-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiJmOWRhYjYyNTEwY2JhYmMxIiwidHIiOiJiNDRhOTE4MWM4ZWU4MDc0YzFkMmExNTQ1MmM2NzhjMCIsInRpIjoxNzE4MTU4NTQ5MTM1LCJ0ayI6IjQwMjc2MiJ9fQ==
content-type: text/plain; charset=utf-8
accept: application/json; charset=utf-8
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
content-type: application/json
access-control-allow-origin: *
x-iinfo: 8-16999432-16999442 PNYN RT(1718158546651 2043) q(0 0 0 -1) r(3 3) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=219.53700600000002

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 47ms
46ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2097972909&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&ul=de-de&de=UTF-8&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBDAAUABAAAAACAAI~&jid=2005599927&gjid=2048680160&cid=1072475452.1718158549&tid=UA-114236658-1&_gid=1533006649.1718158549&_r=1&gtm=457e46a0z89116219100za200zb9116219100&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=868596711

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 51ms
50ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114236658-1&cid=1072475452.1718158549&jid=2005599927&gjid=2048680160&_gid=1533006649.1718158549&npa=1&_u=aBDAAUAAAAAAACAAI~&z=1657910750

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core
js.driftt.com/ Frame 99F5 0
0 233ms
156ms Document
text/html 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=8d0ee46e-851a-42c7-b57e-a3d954e1e1fe&sessionStarted=1718158549.234&campaignRefreshToken=e1cf7e81-8d9d-4fa7-82fb-8da9462708f3&hideController=false&pageLoadStartTime=1718158547774&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 02:15:49 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-id: eWNz5Q78W4WdpuSPYowAZXTk6aNye6NZJf4U7fyNqI37oqX4BYC2Qg==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 chat
js.driftt.com/core/ Frame B077 0
0 224ms
148ms Document
text/html 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718158547774

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jun 2024 02:15:49 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-id: phOxkmiRtS2uj7aFRR8gAI2Lm1vwZLg1rLj9U4nwcWHwA5DpEa5wkA==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
17 KB 151ms
48ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Wed, 12 Jun 2024 02:15:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: 4WAGEBXPVQZN3EKM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16548
x-amz-id-2: LBCSapswYUWJHecsCoV+v6fB/Xhje/O2l92lqwLQxDcx9seOmO5rgoOz6cxf3nOKEdmbvGe1fFA=
x-served-by: cache-mxp6929-MXP
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2602

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 130ms
49ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=1072475452.1718158549&jid=2005599927&npa=1&_u=aBDAAUAAAAAAACAAI~&z=631000954

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp_report
www.imperva.com/ 0
28 B 137ms
136ms Other
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/csp_report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 0
content-type: text/plain

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
51ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=1072475452.1718158549&jid=2005599927&npa=1&_u=aBDAAUAAAAAAACAAI~&z=631000954

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/1/ 79 B
579 B 357ms
260ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=2368&ck=1&ref=https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/&be=673&fe=2207&dc=1467&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1718158547033,%22n%22:0,%22f%22:0,%22dn%22:22,%22dne%22:22,%22c%22:22,%22s%22:61,%22ce%22:105,%22rq%22:105,%22rp%22:548,%22rpe%22:741,%22dl%22:551,%22di%22:1451,%22ds%22:1467,%22de%22:1504,%22dc%22:2199,%22l%22:2207,%22le%22:2218%7D,%22navigation%22:%7B%7D%7D&fp=1355&fcp=1355&jsonp=NREUM.setToken
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-etou8220083-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 153ms
153ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A48%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:49 GMT

GET
H2 200 u
cdn.bizible.com/ 43 B
109 B 44ms
44ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A727-WRL-406%26token%3A_mch-imperva.com-1718158549024-82605&_biz_u=5f46686e20cb4e46e0de77fe46165e7f&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718158549996&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&_biz_n=1&rnd=152220&cdn_o=a&_biz_z=1718158549996

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:50 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 07 Jun 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 363623
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 favicon.png
www.imperva.com/wp-content/themes/impv/icons/ 415 B
544 B 56ms
56ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19f"
content-type: image/png
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 2955) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 415

GET
H2 200 favicon.icns
www.imperva.com/wp-content/themes/impv/icons/ 802 B
962 B 54ms
54ms Other
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.icns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-322"
content-type: application/octet-stream
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 3013) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 802

GET
H2 200 favicon.ico
www.imperva.com/ 1 KB
2 KB 58ms
58ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-47e"
content-type: image/x-icon
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 3069) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon.ico
www.imperva.com/wp-content/themes/impv/icons/ 1 KB
1 KB 53ms
53ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-47e"
content-type: image/x-icon
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 3130) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon-32.png
www.imperva.com/wp-content/themes/impv/icons/ 629 B
738 B 156ms
156ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon-32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-275"
content-type: image/png
x-iinfo: 8-16999432-16999455 2VNN RT(1718158546651 3186) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 629

GET
H2 200 Code-1.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 11 KB
106 B 52ms
51ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-1.png.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:49 GMT
content-encoding: gzip
referrer-policy: same-origin
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 17:58:09 GMT
x-cdn: Imperva
x-content-type-options: nosniff
etag: "66673eb1-2a60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 3211) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 148ms
148ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A49%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:50 GMT

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 54ms
54ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2097972909&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&ul=de-de&de=UTF-8&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202242516&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1072475452.1718158549&tid=UA-114236658-1&_gid=1533006649.1718158549&gtm=457e46a0z89116219100za200zb9116219100&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=652773392

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 20:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Code-1.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 11 KB
126 B 55ms
55ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-1.png.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 02:15:51 GMT
content-encoding: gzip
referrer-policy: same-origin
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 10 Jun 2024 17:58:09 GMT
x-cdn: Imperva
x-content-type-options: nosniff
etag: "66673eb1-2a60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-16999432-0 0CNN RT(1718158546651 4644) q(0 -1 -1 -1) r(1 -1)
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 148ms
148ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A50%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:51 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:51 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 149ms
148ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A52%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A51%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:52 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:52 GMT

POST
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/events/1/ 24 B
342 B 258ms
258ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=5980&ck=1&ref=https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 12 Jun 2024 02:15:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220083-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
0 151ms
151ms Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7567fc14-aec4-41c1-87b1-523657ce4c37&session=dcf5a6bc-8237-4980-807f-1216bdfa3437&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jun%202024%2002%3A15%3A52%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=959b91e1-56ce-48e3-80f2-e8f7e153f71e&v=1.1.20

Protocol

Server

-, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:53 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Jun 2024 02:15:53 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7LFBNHR6BF&gtm=45je46a0v9116219100za200zb71979964&_p=1718158547908&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1072475452.1718158549&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=kA&_s=2&sid=1718158548&sct=1&seg=0&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&en=API%20Resolution&ep.event_category=Demandbase&ep.event_label=IP%20API&_et=270&tfd=7121
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 02:15:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_1706812 Value: 9vCPPZAY0jV8aWNwDugsBAAAAACOHGLPJmyeg67XsZhY1ke8
.imperva.com/	1970-01-21 06:01:20	Name: visid_incap_2439 Value: BateZO64Sa2yWzS060NxX9IEaWYAAAAAQUIPAAAAAACnQ6oz6T7Dkonjxs/3pzLA
.imperva.com/	1969-12-31 23:59:59	Name: incap_ses_184_2439 Value: v1uJaJVLHH57zPVpG7ONAtMEaWYAAAAAh4sc5bmw90GvywPHlnr/SQ==
www.imperva.com/	1969-12-31 23:59:59	Name: isEuropeUser Value: true
www.imperva.com/	1969-12-31 23:59:59	Name: cookieconsent_status Value: europe-user
.go.imperva.com/	1970-01-20 21:16:00	Name: __cf_bm Value: DpiohoCLsGEjQbxXa.dUCPpoPVCfEGUMNzCF8aViaGE-1718158548-1.0.1.1-skggt4RHM9QRcgjSc0NWkkf1q25.WbzruRr8O4QDd8s2Q9R49NfLoZNtVeOKA_7QhwyX.Ch7IUvPGVtJ9OlfGQ
www.imperva.com/	1970-01-21 06:01:34	Name: isReturningUser Value: true
.company-target.com/	1970-01-21 06:51:58	Name: tuuid Value: aecfaeac-8a48-41a2-85bb-a7e0f7b26798
.company-target.com/	1970-01-21 06:51:58	Name: tuuid_lu Value: 1718158548\|ix:0\|mctv:0\|rp:0
www.imperva.com/	1970-01-20 21:16:00	Name: stg_traffic_source_priority Value: 1
.casalemedia.com/	1970-01-21 06:01:34	Name: CMID Value: ZmkE1FVbLVcAACObAMrSqQAA
.casalemedia.com/	1970-01-20 23:25:34	Name: CMPS Value: 5173
.casalemedia.com/	1970-01-20 23:25:34	Name: CMPRO Value: 5173
www.imperva.com/	1970-01-21 06:51:58	Name: _gd_visitor Value: 7567fc14-aec4-41c1-87b1-523657ce4c37
www.imperva.com/	1970-01-20 21:16:12	Name: _gd_session Value: dcf5a6bc-8237-4980-807f-1216bdfa3437
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DC3BzRVhp3w
.youtube.com/	1970-01-21 01:35:10	Name: VISITOR_INFO1_LIVE Value: s9pT3UF-DwU
.youtube.com/	1970-01-21 01:35:10	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgOQ%3D%3D
.imperva.com/	1970-01-21 01:35:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jun+12+2024+04%3A15%3A48+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7a84e3e8-34a9-49ab-abfe-b3cc1c7d54e3&interactionCount=0&landingPath=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.imperva.com/	1970-01-20 23:25:34	Name: _gcl_au Value: 1.1.1087502890.1718158549
.imperva.com/	1970-01-21 06:01:34	Name: _biz_uid Value: 5f46686e20cb4e46e0de77fe46165e7f
.imperva.com/	1970-01-20 21:16:00	Name: _pk_ses.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: *
.imperva.com/	1970-01-21 06:51:58	Name: _mkto_trk Value: id:727-WRL-406&token:_mch-imperva.com-1718158549024-82605
.bizible.com/	1970-01-21 06:01:34	Name: _BUID Value: 5f46686e20cb4e46e0de77fe46165e7f
.bizibly.com/	1970-01-21 06:01:34	Name: _BUID Value: f2d01ff341b0621bbd6d53921bed33d0
.tremorhub.com/	1970-01-21 06:01:55	Name: tvid Value: 65c766984e7043b18d10ac656526f859
.tremorhub.com/	1970-01-21 06:51:58	Name: tv_UIDM Value: aecfaeac-8a48-41a2-85bb-a7e0f7b26798
.imperva.com/	1970-01-21 06:51:58	Name: _ga Value: GA1.2.1072475452.1718158549
.imperva.com/	1970-01-20 21:17:24	Name: _gid Value: GA1.2.1533006649.1718158549
.imperva.com/	1970-01-20 21:15:58	Name: _gat_gtag_UA_114236658_1 Value: 1
.imperva.com/	1970-01-21 06:51:58	Name: _ga_7LFBNHR6BF Value: GS1.1.1718158548.1.0.1718158549.59.0.0
www.imperva.com/	1970-01-20 21:16:00	Name: drift_campaign_refresh Value: e1cf7e81-8d9d-4fa7-82fb-8da9462708f3
www.imperva.com/	1970-01-21 06:01:34	Name: stg_last_interaction Value: Wed%2C%2012%20Jun%202024%2002:15:49%20GMT
www.imperva.com/	1970-01-21 06:01:34	Name: stg_returning_visitor Value: Wed%2C%2012%20Jun%202024%2002:15:49%20GMT
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_2147483392 Value: C69CIPdOQHcIoYYFDugsBAAAAAByaF+ZlHYawjuS1wZz8ifu
.www.imperva.com/	1970-01-20 21:59:10	Name: reese84 Value: 3:mwibBPQO6yAV+JdMa1Z/rg==:aG3G2auF9311+deBDcw72X2GqmPSGM9T4gG0SzyDCfjD6E1AS2pTmaT1w0SBcqUScTXvVZVGpoeVpv0rAFxtkkYXZ4JFRlYN6A/Yz7W5RxF7SIsP00twZAWyXoFFYQu1SdXgZ7f5worgqGesc6DC+FiydpwVz2MyjProImng1DdSrspYAQ6HtUasPcqDubC8M/uMdhNkU25phFQCryHjmPPa27rCaT+iil94xu9WagfKHPuiRyoBxpBlTiXa3Eauna2WBN5Mxcc/PEcDpffeHsci2oJ6bgYV9KI1UNw6tgox2568jZtOTtyvp0s8xr6Kf6B2opFCqGvF1aAwZ/fxTz1zpMyuoxioGzM95/w2PBY6/mR2GZr71a4F5F5h6QTy3c0/6tArFStnvHoR/V2fHFadQTKTeyPP3QZbwWaC/aljM6A0RuWpmCHPfns3T7WFsWo+VzbgB+uwa1OvxQ7kipan3/DAq7Xq7JyNkA70sL2CsrzoVZmQ603egX3TLq1oorrlGreaUUKw8n08DHF3YfxMR26dFlnYq4JU5S16lRaaf5wjgr1Fq4QW6FsC78X5YnBct6Mc7TZXqP/F/vI1FA==:Mhcgy9Dxzwu62AqFxm9g8FEkfKxK7Clv/9bJavpYtIg=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 41288e46848c0de4
.imperva.com/	1970-01-21 06:01:34	Name: _biz_nA Value: 2
.imperva.com/	1970-01-21 06:01:34	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.imperva.com/	1970-01-21 06:01:34	Name: _biz_pendingA Value: %5B%5D
www.imperva.com/	1970-01-20 21:16:00	Name: ppwp_wp_session Value: 93352196b3e6cd7cf0bb3c7641081d1a%7C%7C1718160349%7C%7C1718159989
www.imperva.com/	1970-01-21 06:51:58	Name: drift_aid Value: f309c34c-1bff-4667-bb52-18b40f5183f2
www.imperva.com/	1970-01-21 06:51:58	Name: driftt_aid Value: f309c34c-1bff-4667-bb52-18b40f5183f2
.imperva.com/	1970-01-21 06:41:53	Name: _pk_id.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: 4fb804f1102b49f5.1718158549.1.1718158552.1718158549.

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/(Line 14) Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com *.hcaptcha.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LFBNHR6BF&cid=1072475452.1718158549&gtm=45je46a0v9116219100za200zb71979964&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=427555637' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: bam.nr-data.net www.google.co.ke .gstatic.com www.googletagmanager.com .imperva.com c.6sc.co .doubleclick.net www.google.com.my munchkin.marketo.net cdn.bizible.com cdn.bizibly.com .vimeo.com ipv6.6sc.co id.rlcdn.com www.google.com www.google-analytics.com .optimizely.com js.driftt.com www.google.com.mx tag.demandbase.com translate.google.com www.google.com.ph edge.fullstory.com www.google.com.bd www.google.co.za rs.fullstory.com .mktoutil.com www.google.co.jp www.google.co.in api.company-target.com s.company-target.com cdn.cookielaw.org b.6sc.co www.google.com.sg .mktoresp.com www.google.com.au www.google.lk www.google.com.vn www.google.ca www.youtube.com www.google.com.tr .licdn.com www.google.ae www.brighttalk.com tag-logger.demandbase.com js-agent.newrelic.com secure.gravatar.com www.google.co.il analytics.google.com www.google.co.id .onetrust.com .googleapis.com www.google.com.pk imperva.piwik.pro region1.analytics.google.com www.google.co.uk jscloud.net j.6sc.co adservice.google.com *.facebook.net imperva.containers.piwik.pro". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1718158800000/xrppvhbiz5n6.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security	error	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=1072475452.1718158549&jid=2005599927&npa=1&_u=aBDAAUAAAAAAACAAI~&z=631000954' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: bam.nr-data.net www.google.co.ke .gstatic.com www.googletagmanager.com .imperva.com c.6sc.co .doubleclick.net www.google.com.my munchkin.marketo.net cdn.bizible.com cdn.bizibly.com .vimeo.com ipv6.6sc.co id.rlcdn.com www.google.com www.google-analytics.com .optimizely.com js.driftt.com www.google.com.mx tag.demandbase.com translate.google.com www.google.com.ph edge.fullstory.com www.google.com.bd www.google.co.za rs.fullstory.com .mktoutil.com www.google.co.jp www.google.co.in api.company-target.com s.company-target.com cdn.cookielaw.org b.6sc.co www.google.com.sg .mktoresp.com www.google.com.au www.google.lk www.google.com.vn www.google.ca www.youtube.com www.google.com.tr .licdn.com www.google.ae www.brighttalk.com tag-logger.demandbase.com js-agent.newrelic.com secure.gravatar.com www.google.co.il analytics.google.com www.google.co.id .onetrust.com .googleapis.com www.google.com.pk imperva.piwik.pro region1.analytics.google.com www.google.co.uk jscloud.net j.6sc.co adservice.google.com *.facebook.net imperva.containers.piwik.pro". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com ; form-action 'self' .salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

727-wrl-406.mktoresp.com
api.company-target.com
b.6sc.co
bam.nr-data.net
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
edge.fullstory.com
geolocation.onetrust.com
go.imperva.com
id.rlcdn.com
imperva.containers.piwik.pro
imperva.piwik.pro
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
js.driftt.com
munchkin.marketo.net
region1.analytics.google.com
rs.fullstory.com
s.company-target.com
snap.licdn.com
stats.g.doubleclick.net
storage.googleapis.com
tag-logger.demandbase.com
tag.demandbase.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imperva.com
www.youtube.com
snap.licdn.com
104.17.73.206
142.250.185.78
142.250.186.99
152.195.15.58
162.247.243.29
172.217.16.196
172.217.18.8
18.245.46.44
18.245.86.73
18.245.86.87
18.66.102.85
192.28.144.124
2.17.147.185
2001:4860:4802:34::36
2600:9000:2724:9600:1d:8d6d:3b40:93a1
2602:816:5001::39
2603:1020:203:3::489
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:803::201b
2a00:1450:4001:810::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c0d::9b
2a02:26f0:480:23::1726:629c
34.96.71.22
35.186.194.58
35.201.112.186
35.244.174.68
45.60.76.225
88.221.60.75
01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a
025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f
02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5
08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0a2898376beb9b74ee46ddde4093f1b5e087a52d8a8019bdbbdd4f091662e01d
0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a
0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76
0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83
0fd475cdcbac9fea5b027f1a0dff6b1219f334a43498939d85e192854c466df4
11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123
1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244
15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5
168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4
186af15ec062f321fbe5533ad143a258bfd0f985fa0f6d5a7d24d8d59cbb0a06
190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446
1952ac23c6370fc246fa40dea69cea8a7a6a6d9f12546b5d96d3ecd34bce025a
1963572eed8be8c97ab280af3062931e628fe06c88f869423ad5c5a2bab0e807
19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee
1ad7c5088953b625985c922d458e308a91336b424d315635e8f5a2da96bed2eb
1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39
242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213
29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125
2ad83efd3b3987100da97f634d1cf0f23ba332b8ecb510a2af3883d224272216
2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb
30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329
3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949
32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9
37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d
383665614c348aeef8e025136d1d7aef83df0e8f3c8ab9f015a2dae65c91a6aa
3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed
38554267ba75a7b93bb74f00a8eb68a7bb3fcb4d60277b914ffec4ec05812c71
3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea
3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e
3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791
3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0
416fca9cbc59fa0b065d0940c8e03a1aebd919693e1edc93d9baee1910e3eb1c
45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a
4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4aa93b95025b5dc2c78d84034aed7dffd0c72848d26798748fca9870097ce3c0
4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32
513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4
51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572fc3f2622c098a73b18498911c07b22d8246e5513b78704866c8b9b3a6d7cc
5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046
596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505
5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b
5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed
5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829
5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4
6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5
60f0b9f12ce4c118f6e794e479a77e96f4690560ee4ff9487f67cfe307c7b8f6
63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a
65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df
6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6d83cc34a5c6764ba996aecd2fccf2f4e9d1bc272506eb5a0a0f7d9bccc8c7ec
6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8
6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66
6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6
6f7678f7b01be55f3f8c4d9675f07e8303f1bd076f6852d8c296dbaaac2f0002
705c3290daf1d027804c910e3191f12c0103711c94a5b4c5fcd90e5c06ebcc38
70646e818443036aae5c3225e22f261b9bb71f5213f5de814f12c6f73f83cf4f
71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9
720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3
75b0b86ee3f9471a0bf00b9865b960f306a530af65be4115cb4b5cfa7bd62b1f
7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8
76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e
77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a
7832f4a3c9cdc8ef1259fd500526f9d7bde88361e75340f2d74a6dfbf2afc3a5
78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb
7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9
7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e
84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741
88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3
8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a
8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a
924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14
930c9d4853d5c7b9587f01dfbd1c1a3f2d4087fd8f3fad25275d4160fdda555c
952808e318dddbd724fb132a120f6f6ba5ae78434b867d20452f112e480aec2f
96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78
98be7f90961273d4d6305bf6df5a8d482540e9974fc19f3498398e004abc7b71
9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b
9b558120de2b2c5887d865396c37584e2c59c8ef3ffc3f684b91c5ee2c180abd
9b57b00465a54f13df71366f64eafa14ff55b0d5a28ae93b0c1e419f8f7de63b
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
9f0a1d965791097cae0ba04a221a2bc3de83f44128f303e0924fd4c586b067dc
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7
a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c
aafd1810c5d11078e73acbff122e10a7f8073e3c1ac5bdb24bd6bdd81cc496c4
ac63f437d99ab6b64b14d6a8ec86d56269d067448fe958e23aa13464221c0493
ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2
b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8
b4e0a2eeebd67075fbd67f5e79fb5eec2a1b1a6e870774c685527505b746f923
b918b707a508860c2b406f484adeee93cfa42bd84a896744fcd598c1865521f5
bc3eacab2ecefdf1a12c8911d2771b441ba51126a8a825698fa2e1dc66dba1bc
bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b
bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e
bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff
be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111
c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87
c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227
caaacfc0b6b5777311b562143269916b0009f7bb44ecdf2486118a9bfdc31e84
caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea
d0509a71cdb270f4cf7bd1ec96a46c2dfc5a3a8c222360fd7e930d70dbd6cbf7
d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3
d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3
d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b
d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3
d749de182c99b390308480b94ea1b08dad2f6a82f6414bf0d4db99a6f0050f81
d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b
da9761274419298d253f018be249d1b154a78343a894053701aed3b74dd4fe47
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961
e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6a1f2e73f6eda2b9943988d1bdeead35f3436aa3802cedc0b6fdd7ee66bd8
f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8
f1b0c9f12e3f83451f52481a3ebae6297c15b10b3a0e71f686bff534a5f62979
f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641
f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc
fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7
fcdb22620f909077f661195acde0f59c08f9436643c9efc79371763f02c932af
fd0606fc49a674cbb1ef84a9ddf674912de6cf9adee3fe838acfe0de0dede6c5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe3bc6c1baee7759b08ccf7ac0f1cbcaf7dce2a23da472bba7f6268fd7e94ed0
fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

www.imperva.com Open in urlscan Pro 45.60.76.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

196 Requests

99 %HTTPS

39 %IPv6

24 Domains

33 Subdomains

32 IPs

6 Countries

5098 kBTransfer

9031 kBSize

44 Cookies

25 Outgoing links

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

99 %
HTTPS

39 %
IPv6

24
Domains

33
Subdomains

32
IPs

6
Countries

5098 kB
Transfer

9031 kB
Size

44
Cookies

196 HTTP transactions
1 data transactions