www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Submission: On June 18 via api (June 18th 2024, 1:19:05 am UTC) from US — Scanned from DE

Summary HTTP 195 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 25 domains to perform 195 HTTP transactions. The main IP is 45.60.76.225, located in United States and belongs to INCAPSULA, US. The main domain is www.imperva.com. The Cisco Umbrella rank of the primary domain is 256667.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 14th 2024. Valid for: a year.

This is the only time www.imperva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
127	45.60.76.225 45.60.76.225	19551 (INCAPSULA) (INCAPSULA)
6	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:803::201b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2603:1020:203... 2603:1020:203:3::489	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.245.46.25 18.245.46.25	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.77 18.245.86.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	18.66.102.85 18.66.102.85	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:272... 2600:9000:2724:8e00:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.245.86.73 18.245.86.73	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
195	35

127 45.60.76.225 (United States)

ASN19551 (INCAPSULA, US)

www.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1020:203:3::489 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

imperva.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imperva.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-25.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-77.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2823 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-85.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:8e00:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

727-wrl-406.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2baa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-73.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
129	imperva.com www.imperva.com — Cisco Umbrella Rank: 256667 go.imperva.com — Cisco Umbrella Rank: 715920	4 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	20 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	138 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	418 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	2 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8814	26 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
4	piwik.pro imperva.containers.piwik.pro — Cisco Umbrella Rank: 882852 imperva.piwik.pro — Cisco Umbrella Rank: 597114	106 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7352	62 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2364 rs.fullstory.com — Cisco Umbrella Rank: 2143	76 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 296	921 B
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1561 api.company-target.com — Cisco Umbrella Rank: 4480	948 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4509	6 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	10 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6161 tag-logger.demandbase.com — Cisco Umbrella Rank: 5445	26 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8196	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	396 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	317 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	17 KB
1	mktoresp.com 727-wrl-406.mktoresp.com — Cisco Umbrella Rank: 843768	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 15566	204 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 892	98 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 394	2 KB
195	25

	Domain	Requested by
127	www.imperva.com	www.imperva.com
6	b.6sc.co	www.imperva.com
6	cdn.cookielaw.org	www.imperva.com
5	www.googletagmanager.com	www.imperva.com
4	cdn.bizible.com	www.imperva.com cdn.bizible.com
4	www.google-analytics.com	www.imperva.com
3	px.ads.linkedin.com	1 redirects www.imperva.com
3	imperva.piwik.pro	www.imperva.com imperva.piwik.pro
3	js.driftt.com	www.imperva.com
2	bam.nr-data.net	www.imperva.com
2	munchkin.marketo.net	www.imperva.com
2	www.youtube.com	www.imperva.com
2	www.google.de	www.imperva.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.imperva.com
2	edge.fullstory.com	www.imperva.com
2	go.imperva.com	www.imperva.com
1	js-agent.newrelic.com	www.imperva.com
1	ipv6.6sc.co	www.imperva.com
1	c.6sc.co	www.imperva.com
1	www.google.com	www.imperva.com
1	727-wrl-406.mktoresp.com	munchkin.marketo.net
1	tag-logger.demandbase.com	www.imperva.com
1	px4.ads.linkedin.com	www.imperva.com
1	cdn.bizibly.com	www.imperva.com
1	api.company-target.com	www.imperva.com
1	rs.fullstory.com	www.imperva.com
1	id.rlcdn.com	www.imperva.com
1	s.company-target.com	www.imperva.com
1	snap.licdn.com	www.imperva.com
1	tag.demandbase.com	www.imperva.com
1	imperva.containers.piwik.pro	www.imperva.com
1	j.6sc.co	www.imperva.com
1	geolocation.onetrust.com	www.imperva.com
1	region1.analytics.google.com	www.googletagmanager.com
1	storage.googleapis.com	www.imperva.com
195	35

This site contains links to these domains. Also see Links.

Domain
cpl.thalesgroup.com
community.imperva.com
support.imperva.com
docs.imperva.com
partners.imperva.com
www.linkedin.com
twitter.com
www.facebook.com
nvd.nist.gov
www.php.net
www.crowdstrike.com
cert.360.cn
www.sangfor.com
www.bleepingcomputer.com
x.com
status.imperva.com
www.youtube.com
www.glassdoor.com
soundcloud.com
vimeo.com

Subject Issuer	Validity	Valid
www.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2025-03-20`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
go.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-29` - `2025-05-30`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
storage.googleapis.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-01`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-28`	a year	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-05-02` - `2024-07-31`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Frame ID: A58AAB147AB2C9EA0AC2AF29C991DD94
Requests: 193 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 341835C82C83B00BE7198C6EEE3B5E6A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=8ff09ce0-efa8-47cb-81d7-0a4f1fd979fa&sessionStarted=1718673539.8&campaignRefreshToken=f7cb5324-7125-4d27-9da6-f451d7c04d2c&hideController=false&pageLoadStartTime=1718673536782&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F
Frame ID: 9C22716D192A99B87E2B99AFCD0BA496
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718673536782
Frame ID: 72AB9BD3063701AD284F298917E90511
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware | Imperva

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

195
Requests

98 %
HTTPS

41 %
IPv6

25
Domains

35
Subdomains

35
IPs

5
Countries

4961 kB
Transfer

8691 kB
Size

47
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://cpl.thalesgroup.com/encryption/data-security-platform
Title: Data encryption and cryptographic solutions

Search URL Search Domain Scan URL

URL: https://community.imperva.com/home
Title: Community

Search URL Search Domain Scan URL

URL: https://support.imperva.com/
Title: Support Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://partners.imperva.com/
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/articles/page/product-service-certifications.htm
Title: Imperva Certifications

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&text=Update:%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20%20Ransomware&hashtags=ImpervaResources

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-4577
Title: CVE-2024-4577

Search URL Search Domain Scan URL

URL: https://www.php.net/manual/en/function.system.php
Title: system

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/tellyouthepass-ransomware-analysis-reveals-modern-reinterpretation-using-golang/
Title: various forms over the years

Search URL Search Domain Scan URL

URL: https://cert.360.cn/report/detail?id=65fceeb4c09f255b91b17f11
Title: [1]

Search URL Search Domain Scan URL

URL: https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/new-tellyouthepass-ransomware-variant-discovered
Title: [2]

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/forums/t/798060/tellyouthepass-ransomware-locked;-read-me9html-support-topic/
Title: Bleeping Computer Forums

Search URL Search Domain Scan URL

URL: https://x.com/robin840211/status/1800061751486210505
Title: X

Search URL Search Domain Scan URL

URL: https://status.imperva.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/cloud-application-security/page/api/api.htm
Title: API Integration

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/imperva/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imperva

Search URL Search Domain Scan URL

URL: https://twitter.com/imperva

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ImpervaChannel

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Overview/Working-at-Imperva-EI_IE101738.11,18.htm

Search URL Search Domain Scan URL

URL: https://soundcloud.com/imperva

Search URL Search Domain Scan URL

URL: https://vimeo.com/user130735021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&e_ipv6=AQJgdoNFePV7rAAAAZAo7QFDlK0Q_CIMhd7PS7RTkw4iP9w8fByi4GnPw5OdyB5F2A

195 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/ 266 KB
52 KB 458ms
406ms Document
text/html 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85d6f3e0d9feacd555fef2eff513390f95de58483cb82f1b15b1053d102c0b9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: cdn.bizible.com *.imperva.com www.google.com.mx www.google.co.za *.onetrust.com adservice.google.com b.6sc.co tag.demandbase.com www.googletagmanager.com www.google.com *.gstatic.com www.google-analytics.com *.adroll.com www.google.co.ke www.google.com.sg www.google.ae *.optimizely.com www.google.com.vn js-agent.newrelic.com cdn.bizibly.com c.6sc.co cdn.cookielaw.org www.google.com.tr *.mktoutil.com secure.gravatar.com *.googleapis.com www.google.lk www.google.ca bam.nr-data.net www.google.com.pk munchkin.marketo.net www.google.co.id tag-logger.demandbase.com js.driftt.com www.google.de www.google.co.uk region1.analytics.google.com ipv6.6sc.co j.6sc.co www.brighttalk.com www.google.co.in www.google.co.jp www.google.com.au imperva.piwik.pro edge.fullstory.com *.licdn.com id.rlcdn.com s.company-target.com *.vimeo.com www.youtube.com imperva.containers.piwik.pro *.linkedin.com *.facebook.net rs.fullstory.com *.doubleclick.net api.company-target.com www.google.com.bd translate.google.com jscloud.net www.google.com.ph *.mktoresp.com analytics.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html; charset=UTF-8
date: Tue, 18 Jun 2024 01:18:56 GMT
last-modified: Mon, 17 Jun 2024 22:48:41 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 12) q(0 0 0 1) r(4 4) U18
x-slot: slot-1

GET
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 228 KB
73 KB 35ms
34ms Script
text/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e1a09602f219fce59e9d50730188a9cb6360b5fd96491ededd3f52f09457f692

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-cdn: Imperva
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 8-30504694-30504701 NNNN CT(3 4 0) RT(1718673535439 430) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
server-timing: bon, total;dur=12.930306000000002
content-length: 74506

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 141ms
17ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 16725
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:30 GMT
server: cloudflare
etag: 0x8DC8B517E123FAA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae3a10ff-301e-004b-7bac-bda210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 895772c508aebb61-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
99 KB 167ms
43ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4464fa36b9975d130806709a108eb29b0632a7ff3fd9313551ce28e273b51344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 01:18:56 GMT

GET
H2 200 logo.svg
www.imperva.com/wp-content/uploads/2018/12/ 2 KB
1 KB 98ms
0ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2018/12/logo.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 30 Dec 2018 09:40:17 GMT
x-cdn: Imperva
etag: "5c289281-7f3"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1558) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1002

GET
H2 200 icomoon.ttf
www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/ 4 KB
3 KB 225ms
113ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/icomoon.ttf?ucf6ha

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-fd8"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 664) q(0 0 0 -1) r(0 1)
cache-control: max-age=0
content-length: 2885

GET
H2 200 382BE0_0_0.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/ 30 KB
30 KB 139ms
27ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/382BE0_0_0.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-7670"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504709 2CNN RT(1718673535439 675) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 30353

GET
H2 200 Inter-ExtraBold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 146ms
35ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-ExtraBold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a328"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 680) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 106427

GET
H2 200 Inter-Light.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 103 KB
102 KB 170ms
59ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Light.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19c54"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504713 2CNN RT(1718673535439 684) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 104597

GET
H2 200 Inter-Regular.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
99 KB 172ms
63ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-18810"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 688) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
103 KB 180ms
72ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19ff4"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504717 2CNN RT(1718673535439 691) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 181ms
74ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a288"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504709 2CNN RT(1718673535439 695) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 106106

GET
H2 200 impv-vendors-cc6c6d3e07.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 113 KB
39 KB 176ms
75ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-vendors-cc6c6d3e07.min.js?ver=cc6c6d3e07

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1c3da"
content-type: application/javascript
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 699) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 39097

GET
H2 200 impv-bt-vendors-c3619d0a8e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 51 KB
15 KB 198ms
99ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-bt-vendors-c3619d0a8e.min.js?ver=c3619d0a8e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-ca48"
content-type: application/javascript
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 705) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 15199

GET
H2 200 impv-import-collapse-9ceab1220e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 11 KB
4 KB 198ms
99ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-collapse-9ceab1220e.min.js?ver=9ceab1220e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-2ce1"
content-type: application/javascript
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 710) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 3903

GET
H2 200 impv-import-modal-component-eda69920e1.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 889ms
790ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-modal-component-eda69920e1.min.js?ver=eda69920e1

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-ad5c"
content-type: application/javascript
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 715) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=0
content-length: 13165

GET
H2 200 impv-import-progress-bar-371a9013da.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
689 B 892ms
795ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-progress-bar-371a9013da.min.js?ver=371a9013da

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "666176aa-4c9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-slot: slot-1
x-iinfo: 8-30504694-30504717 2NYN RT(1718673535439 719) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 impv-main-815cb9ded7.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 40 KB
11 KB 792ms
704ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-main-815cb9ded7.min.js?ver=815cb9ded7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-9fb4"
content-type: application/javascript
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 723) q(0 7 7 -1) r(7 7) U18
cache-control: max-age=0
content-length: 11313

GET
H2 200 impv-marketo-upload-controller-3c4f096680.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 890ms
800ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-marketo-upload-controller-3c4f096680.min.js?ver=3c4f096680

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "666176aa-adb9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-slot: slot-1
x-iinfo: 8-30504694-30504709 2NNN RT(1718673535439 845) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 impv-page-hero-c8802dc7af.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 26 KB
8 KB 894ms
804ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-page-hero-c8802dc7af.min.js?ver=c8802dc7af

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-697c"
content-type: application/javascript
x-iinfo: 8-30504694-30504711 2VNN RT(1718673535439 849) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
content-length: 8273

GET
H2 200 impv-new-design-header-27f539c0b0.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 77 KB
22 KB 801ms
713ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-new-design-header-27f539c0b0.min.js?ver=27f539c0b0

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-132b3"
content-type: application/javascript
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 854) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 21796

GET
H2 200 impv-blog-single-7772e0aa89.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 136 KB
38 KB 900ms
823ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-single-7772e0aa89.min.js?ver=7772e0aa89

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-21fd1"
content-type: application/javascript
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 857) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
content-length: 38722

GET
H2 200 impv-blog-inner-awesome-3869b33dff.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 96 KB
26 KB 966ms
889ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-inner-awesome-3869b33dff.min.js?ver=3869b33dff

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b57b00465a54f13df71366f64eafa14ff55b0d5a28ae93b0c1e419f8f7de63b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-17f8d"
content-type: application/javascript
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 861) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=0
content-length: 25817

GET
H2 200 impv-vendors-94d1fbc2c7.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 153 KB
23 KB 557ms
481ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

186af15ec062f321fbe5533ad143a258bfd0f985fa0f6d5a7d24d8d59cbb0a06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-2627f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504709 2NNN RT(1718673535439 728) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=0

GET
H2 200 impv-main-47a90affff.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 109 KB
12 KB 534ms
474ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-main-47a90affff.min.css?ver=47a90affff

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-1b3b8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 733) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=0

GET
H2 200 impv-import-layout-header-new-design-12e110f3c9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 36 KB
6 KB 158ms
99ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-header-new-design-12e110f3c9.min.css?ver=12e110f3c9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

952808e318dddbd724fb132a120f6f6ba5ae78434b867d20452f112e480aec2f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-908c"
content-type: text/css
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 736) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 6410

GET
H2 200 impv-import-layout-footer-new-design-d1d6f1be28.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 169ms
110ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-footer-new-design-d1d6f1be28.min.css?ver=d1d6f1be28

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-38ab"
content-type: text/css
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 739) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 2551

GET
H2 200 impv-import-progress-bar-4f1acdc252.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 999 B
460 B 536ms
483ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-progress-bar-4f1acdc252.min.css?ver=4f1acdc252

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-3e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504725 2NNN RT(1718673535439 743) q(0 1 1 -1) r(5 5) U18
cache-control: max-age=0
content-length: 351

GET
H2 200 impv-import-share-buttons-943cb304e9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 3 KB
1 KB 258ms
205ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4aa93b95025b5dc2c78d84034aed7dffd0c72848d26798748fca9870097ce3c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-c0a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 747) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 864

GET
H2 200 impv-import-tile_cards-c2a5bd96b9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 9 KB
2 KB 184ms
131ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tile_cards-c2a5bd96b9.min.css?ver=c2a5bd96b9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2354"
content-type: text/css
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 752) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 2060

GET
H2 200 impv-import-collapse-59a23b016c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 683 B
449 B 564ms
512ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-collapse-59a23b016c.min.css?ver=59a23b016c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2ab"
content-type: text/css
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 756) q(0 1 1 -1) r(5 5) U18
cache-control: max-age=0
content-length: 344

GET
H2 200 impv-import-box-library-layout-35b34a5b30.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 22 KB
4 KB 652ms
601ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-box-library-layout-35b34a5b30.min.css?ver=35b34a5b30

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-56f0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504711 2NNN RT(1718673535439 760) q(0 1 1 -1) r(6 6) U18
cache-control: max-age=0

GET
H2 200 impv-import-related-cards-18ca1ad399.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 39 KB
6 KB 349ms
297ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-related-cards-18ca1ad399.min.css?ver=18ca1ad399

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9f0a1d965791097cae0ba04a221a2bc3de83f44128f303e0924fd4c586b067dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-9baa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 764) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0

GET
H2 200 impv-blog-main-6c33702890.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 18 KB
3 KB 353ms
301ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-main-6c33702890.min.css?ver=6c33702890

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-4802"
content-type: text/css
x-iinfo: 8-30504694-30504697 2CNN RT(1718673535439 768) q(0 2 2 -1) r(2 2) U18
cache-control: max-age=0
content-length: 3114

GET
H2 200 impv-blog-inner-eff78ebd7a.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 29 KB
5 KB 449ms
398ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d749de182c99b390308480b94ea1b08dad2f6a82f6414bf0d4db99a6f0050f81

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-73e7"
content-type: text/css
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 771) q(0 2 2 -1) r(3 3) U18
cache-control: max-age=0
content-length: 4986

GET
H2 200 impv-blog-inner-awesome-38776653f0.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 51 KB
9 KB 538ms
487ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-awesome-38776653f0.min.css?ver=38776653f0

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6d83cc34a5c6764ba996aecd2fccf2f4e9d1bc272506eb5a0a0f7d9bccc8c7ec

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-ccf5"
content-type: text/css
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 775) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
content-length: 8995

GET
H2 200 forms2-theme-glow.css
go.imperva.com/js/forms2/css/ 3 KB
1 KB 483ms
25ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2-theme-glow.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4939
etag: "a8125a-d92-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 895772c79a5b0493-FRA
content-length: 952
expires: Tue, 18 Jun 2024 05:18:57 GMT

GET
H2 200 forms2.css
go.imperva.com/js/forms2/css/ 13 KB
3 KB 485ms
27ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 105
etag: "a81258-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 895772c79a5c0493-FRA
content-length: 2623
expires: Tue, 18 Jun 2024 05:18:57 GMT

GET
H2 200 impv-import-benefits-section-2bc17139e9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 12 KB
2 KB 646ms
597ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-benefits-section-2bc17139e9.min.css?ver=2bc17139e9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-2efa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 779) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0

GET
H2 200 impv-import-carousel-25dddd017d.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 530ms
484ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-carousel-25dddd017d.min.css?ver=25dddd017d

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-ecd"
content-type: text/css
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 784) q(0 4 4 -1) r(4 4) U18
cache-control: max-age=0
content-length: 946

GET
H2 200 impv-import-cases-section-47baa6657c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 7 KB
2 KB 531ms
486ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-cases-section-47baa6657c.min.css?ver=47baa6657c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-1a57"
content-type: text/css
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 790) q(0 4 4 -1) r(4 4) U18
cache-control: max-age=0
content-length: 1497

GET
H2 200 impv-import-hero_section-e18316acf4.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 647ms
601ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-hero_section-e18316acf4.min.css?ver=e18316acf4

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-e98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504725 2NNN RT(1718673535439 795) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=0
content-length: 915

GET
H2 200 impv-import-heros-c3d8b8e3fb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 47 KB
7 KB 651ms
607ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-heros-c3d8b8e3fb.min.css?ver=c3d8b8e3fb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc3eacab2ecefdf1a12c8911d2771b441ba51126a8a825698fa2e1dc66dba1bc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-bd0e"
content-type: text/css
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 799) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=0
content-length: 7255

GET
H2 200 impv-import-logos_section-97238874d7.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 2 KB
558 B 557ms
513ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-logos_section-97238874d7.min.css?ver=97238874d7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-6b4"
content-type: text/css
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 803) q(0 4 4 -1) r(4 4) U18
cache-control: max-age=0
content-length: 452

GET
H2 200 impv-import-message_section-9dceaf4492.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
516 B 661ms
617ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-message_section-9dceaf4492.min.css?ver=9dceaf4492

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-5cb"
content-type: text/css
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 807) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=0
content-length: 411

GET
H2 200 impv-import-page-tabs-30d6487978.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 11 KB
3 KB 731ms
688ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-page-tabs-30d6487978.min.css?ver=30d6487978

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-2df5"
content-type: text/css
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 811) q(0 4 4 -1) r(6 6) U18
cache-control: max-age=0
content-length: 2096

GET
H2 200 impv-import-pagination-3820d4c90e.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 5 KB
1 KB 725ms
682ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-pagination-3820d4c90e.min.css?ver=3820d4c90e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-137b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504725 2NNN RT(1718673535439 815) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
content-length: 1159

GET
H2 200 impv-import-quote_section-e9f78b498a.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 18 KB
3 KB 736ms
694ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-quote_section-e9f78b498a.min.css?ver=e9f78b498a

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-4897"
content-type: text/css
x-iinfo: 8-30504694-30504711 2VNN RT(1718673535439 819) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
content-length: 2870

GET
H2 200 impv-import-round_filters-8d1b29afee.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 8 KB
2 KB 654ms
616ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-round_filters-8d1b29afee.min.css?ver=8d1b29afee

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-1f1c"
content-type: text/css
x-iinfo: 8-30504694-30504709 2CNN RT(1718673535439 822) q(0 5 5 -1) r(5 5) U18
cache-control: max-age=0
content-length: 1658

GET
H2 200 impv-import-search_form-6b996aacbb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 720ms
681ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-search_form-6b996aacbb.min.css?ver=6b996aacbb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-38fa"
content-type: text/css
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 826) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
content-length: 2726

GET
H2 200 impv-import-tiles_section-20b642e07c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 736ms
698ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tiles_section-20b642e07c.min.css?ver=20b642e07c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-11f7"
content-type: text/css
x-iinfo: 8-30504694-30504709 2VNN RT(1718673535439 830) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
content-length: 967

GET
H2 200 impv-import-web_testimonials_section-75288470c8.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
2 KB 654ms
617ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-web_testimonials_section-75288470c8.min.css?ver=75288470c8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-32bc"
content-type: text/css
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 833) q(0 5 5 -1) r(5 5) U18
cache-control: max-age=0
content-length: 1743

GET
H2 200 impv-import-read-next-section-44fb9fe415.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
2 KB 746ms
711ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-read-next-section-44fb9fe415.min.css?ver=44fb9fe415

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: W/"666176aa-3458"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-1
x-iinfo: 8-30504694-30504715 2NNN RT(1718673535439 836) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
content-length: 1781

GET
H2 200 impv-import-stycky-pagination-a572a14521.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
619 B 725ms
689ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-stycky-pagination-a572a14521.min.css?ver=a572a14521

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-497"
content-type: text/css
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 839) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 513

GET
H2 200 impv-import-see-how-we-can-help-banner-efb116bf58.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 6 KB
1 KB 814ms
781ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-see-how-we-can-help-banner-efb116bf58.min.css?ver=efb116bf58

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: W/"666176aa-16d5"
content-type: text/css
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 842) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 1158

GET
H2 200 impv-import-page-tabs-0c223d8bd6.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
707 B 200ms
60ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-page-tabs-0c223d8bd6.min.js?ver=0c223d8bd6

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "666176aa-40c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-slot: slot-1
x-iinfo: 8-30504694-30504711 2NYN RT(1718673535439 1562) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 impv-import-search-window-366eb3374e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 857 B
674 B 192ms
52ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-search-window-366eb3374e.min.js?ver=366eb3374e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "666176aa-359"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-slot: slot-1
x-iinfo: 8-30504694-30504715 2NYN RT(1718673535439 1566) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 imperva-a-thales-company-light.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 8 KB
3 KB 937ms
905ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/imperva-a-thales-company-light.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 04 Dec 2023 06:00:20 GMT
x-cdn: Imperva
etag: "656d6af4-21a6"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 864) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
content-length: 3400

GET
H2 200 application-performance-icon.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
1 KB 938ms
906ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-performance-icon.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:02:43 GMT
x-cdn: Imperva
etag: "63dfef43-8c7"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 867) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
accept-ranges: bytes
content-length: 1023

GET
H2 200 application-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
944 B 84ms
0ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:52:15 GMT
x-cdn: Imperva
etag: "63dffadf-6f0"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1546) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 799

GET
H2 200 data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 5 KB
3 KB 96ms
0ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:21:09 GMT
x-cdn: Imperva
etag: "63e0d495-1366"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 1551) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 1818

GET
H2 200 network-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
2 KB 193ms
52ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/network-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:28:17 GMT
x-cdn: Imperva
etag: "63e0d641-dea"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504709 2VNN RT(1718673535439 1555) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 1565

GET
H2 200 cdn.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 206ms
66ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:45:32 GMT
x-cdn: Imperva
etag: "63dff94c-d4e"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1571) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes
content-length: 1362

GET
H2 200 waiting-room.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 157ms
18ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waiting-room.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:46:49 GMT
x-cdn: Imperva
etag: "63dff999-e2c"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1575) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 1197

GET
H2 200 waf.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 158ms
20ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waf.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:55:07 GMT
x-cdn: Imperva
etag: "63dffb8b-f11"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1579) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 1352

GET
H2 200 advanced-bot-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 160ms
22ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/advanced-bot-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:56:14 GMT
x-cdn: Imperva
etag: "63dffbce-1033"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1582) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 1765

GET
H2 200 api-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 6 KB
2 KB 217ms
80ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/api-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:03:25 GMT
x-cdn: Imperva
etag: "63dffd7d-16f0"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 1586) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 2238

GET
H2 200 ddos-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 212ms
75ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:04:37 GMT
x-cdn: Imperva
etag: "63dffdc5-e14"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 1589) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 1370

GET
H2 200 client-side-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 9 KB
4 KB 197ms
60ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/client-side-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:05:56 GMT
x-cdn: Imperva
etag: "63dffe14-244e"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1593) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 3109

GET
H2 200 runtime-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 8 KB
3 KB 300ms
164ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/runtime-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:06:58 GMT
x-cdn: Imperva
etag: "63dffe52-21d9"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504709 2VNN RT(1718673535439 1597) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 2849

GET
H2 200 serverless-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 204ms
36ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/serverless-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:08:21 GMT
x-cdn: Imperva
etag: "63dffea5-1082"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 1636) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 1604

GET
H2 200 attack-analytics.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 211ms
43ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/attack-analytics.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 19:08:48 GMT
x-cdn: Imperva
etag: "63dffec0-c27"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1641) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 1277

GET
H2 200 data-security-fabric.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 7 KB
3 KB 318ms
151ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security-fabric.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:26:44 GMT
x-cdn: Imperva
etag: "63e0d5e4-1c5a"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1645) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 icon_data_security.3b69d8d2-2-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1 KB 319ms
152ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_data_security.3b69d8d2-2-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:23:46 GMT
x-cdn: Imperva
etag: "65736d42-8d3"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504711 2VNN RT(1718673535439 1649) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 968

GET
H2 200 icon_multicloud.5be4b003-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1 KB 317ms
150ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_multicloud.5be4b003-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:24:19 GMT
x-cdn: Imperva
etag: "65736d63-861"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 1652) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 968

GET
H2 200 Data-Risk-Analytics_black.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
3 KB 309ms
149ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/Data-Risk-Analytics_black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:24:55 GMT
x-cdn: Imperva
etag: "65736d87-b2c"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 1654) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
accept-ranges: bytes
content-length: 1219

GET
H2 200 icon_brief.4af47836.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
946 B 215ms
56ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_brief.4af47836.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:25:44 GMT
x-cdn: Imperva
etag: "65736db8-8d4"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1656) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 817

GET
H2 200 icon_discover_classify.ca96a429.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 317ms
158ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_discover_classify.ca96a429.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:26:10 GMT
x-cdn: Imperva
etag: "65736dd2-d7b"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 1660) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 1332

GET
H2 200 cloud-data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 317ms
159ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cloud-data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:27:34 GMT
x-cdn: Imperva
etag: "63e0d616-d80"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1662) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=0
content-length: 1362

GET
H2 200 icon_coverage_black.845bc853-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 429ms
273ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_coverage_black.845bc853-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:28:42 GMT
x-cdn: Imperva
etag: "65736e6a-1387"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 1665) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 2172

GET
H2 200 icon_protect_data_black.c2346606.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 428ms
272ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_protect_data_black.c2346606.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:29:22 GMT
x-cdn: Imperva
etag: "65736e92-127f"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504717 2CNN RT(1718673535439 1667) q(0 2 2 -1) r(2 2) U18
cache-control: max-age=0
content-length: 1882

GET
H2 200 icon_integrate_black.fbdab592-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
982 B 564ms
408ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_integrate_black.fbdab592-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:29:56 GMT
x-cdn: Imperva
etag: "65736eb4-71c"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504709 2NNN RT(1718673535439 1670) q(0 2 2 -1) r(3 3) U18
cache-control: max-age=0
accept-ranges: bytes
content-length: 849

GET
H2 200 icon_unify_black.fe30fb89.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 562ms
406ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_unify_black.fe30fb89.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 08 Dec 2023 19:30:26 GMT
x-cdn: Imperva
etag: "65736ed2-b5e"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1673) q(0 2 2 -1) r(3 3) U18
cache-control: max-age=0
accept-ranges: bytes
content-length: 1220

GET
H2 200 ddos-protection-1.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 429ms
274ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:31:10 GMT
x-cdn: Imperva
etag: "63e0d6ee-e06"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504725 2CNN RT(1718673535439 1675) q(0 2 2 -1) r(2 2) U18
cache-control: max-age=0
content-length: 1365

GET
H2 200 shutterstock_1071270287-30.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 16 KB
16 KB 510ms
355ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/shutterstock_1071270287-30.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

da9761274419298d253f018be249d1b154a78343a894053701aed3b74dd4fe47

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:37:26 GMT
x-cdn: Imperva
etag: "666747e6-40cc"
content-type: image/webp
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 1679) q(0 2 2 -1) r(3 3) U18
cache-control: max-age=0
content-length: 16626

GET
H2 200 Code-1.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 11 KB
10 KB 581ms
426ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-1.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 17:58:09 GMT
x-cdn: Imperva
etag: "66673eb1-2a60"
content-type: image/webp
x-iinfo: 8-30504694-30504697 2VNN RT(1718673535439 1681) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
content-length: 10480

GET
H2 200 Code-2.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 45 KB
45 KB 506ms
352ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-2.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fe3bc6c1baee7759b08ccf7ac0f1cbcaf7dce2a23da472bba7f6268fd7e94ed0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:02:21 GMT
x-cdn: Imperva
etag: "66673fad-b2de"
content-type: image/webp
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1684) q(0 3 3 -1) r(3 3) U18
cache-control: max-age=0
content-length: 45467

GET
H2 200 Code-3.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 67 KB
67 KB 542ms
390ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-3.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1963572eed8be8c97ab280af3062931e628fe06c88f869423ad5c5a2bab0e807

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:12:28 GMT
x-cdn: Imperva
etag: "6667420c-10a86"
content-type: image/webp
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1686) q(0 3 3 -1) r(3 3) U18
cache-control: max-age=0
content-length: 68278

GET
H2 200 Code-4.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 48 KB
47 KB 863ms
711ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-4.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

572fc3f2622c098a73b18498911c07b22d8246e5513b78704866c8b9b3a6d7cc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:17:24 GMT
x-cdn: Imperva
etag: "66674334-be9e"
content-type: image/webp
x-iinfo: 8-30504694-30504725 2VNN RT(1718673535439 1689) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
content-length: 47704

GET
H2 200 Code-5.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 6 KB
6 KB 862ms
710ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-5.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ad7c5088953b625985c922d458e308a91336b424d315635e8f5a2da96bed2eb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:22:10 GMT
x-cdn: Imperva
etag: "66674452-1856"
content-type: image/webp
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 1691) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
content-length: 6168

GET
H2 200 UI-Screen.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 27 KB
26 KB 869ms
717ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/UI-Screen.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

705c3290daf1d027804c910e3191f12c0103711c94a5b4c5fcd90e5c06ebcc38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2024 18:22:21 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "6667445d-6c62"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1694) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 Code-6.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 23 KB
22 KB 922ms
771ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-6.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

caaacfc0b6b5777311b562143269916b0009f7bb44ecdf2486118a9bfdc31e84

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 10 Jun 2024 18:32:46 GMT
x-cdn: Imperva
etag: "666746ce-5a76"
content-type: image/webp
x-iinfo: 8-30504694-30504709 2VNN RT(1718673535439 1697) q(0 3 3 -1) r(4 4) U18
cache-control: max-age=0
content-length: 21914

GET
H2 200 Server-Damage.png
www.imperva.com/blog/wp-content/uploads/sites/9/2024/04/ 867 KB
872 KB 582ms
430ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/04/Server-Damage.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d0509a71cdb270f4cf7bd1ec96a46c2dfc5a3a8c222360fd7e930d70dbd6cbf7

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Fri, 05 Apr 2024 00:25:21 GMT
x-cdn: Imperva
etag: "660f44f1-d8d1c"
content-type: image/png
x-iinfo: 8-30504694-30504697 2CNN RT(1718673535439 1699) q(0 4 4 -1) r(4 4) U18
cache-control: max-age=0
content-length: 888357

GET
H2 200 Chatbots-AI-Gen.png
www.imperva.com/blog/wp-content/uploads/sites/9/2024/03/ 650 KB
651 KB 928ms
777ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/03/Chatbots-AI-Gen.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b918b707a508860c2b406f484adeee93cfa42bd84a896744fcd598c1865521f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 28 Mar 2024 17:15:46 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "6605a5c2-a2618"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-slot: slot-1
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 1702) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 app-delivery.jpg
www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/ 142 KB
140 KB 861ms
713ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/app-delivery.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0fd475cdcbac9fea5b027f1a0dff6b1219f334a43498939d85e192854c466df4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-23870"
content-type: image/jpeg
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1705) q(0 4 4 -1) r(4 4)
cache-control: max-age=0
content-length: 143382

GET
H2 200 Screenshot-2024-02-15-at-5.48-1.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2024/02/ 246 KB
247 KB 931ms
784ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/02/Screenshot-2024-02-15-at-5.48-1.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f7678f7b01be55f3f8c4d9675f07e8303f1bd076f6852d8c296dbaaac2f0002

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 22:51:47 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "65ce9583-3d78c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-slot: slot-1
x-iinfo: 8-30504694-30504725 2NNN RT(1718673535439 1708) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 shutterstock_1071270287-14.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2024/01/ 97 KB
97 KB 866ms
721ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/01/shutterstock_1071270287-14.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

822ccb8b3a94abd89038b6f98547cf568d11f0cd9fcd110e7077b5dc05892198

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 11 Jan 2024 16:31:16 GMT
x-cdn: Imperva
etag: "65a017d4-1822c"
content-type: image/jpeg
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1711) q(0 4 4 -1) r(4 4) U18
cache-control: max-age=0
content-length: 98731

GET
H2 200 shutterstock_1071270287-4-1.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/ 98 KB
98 KB 940ms
795ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2023/12/shutterstock_1071270287-4-1.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d7676dcc4877667d730b94c74113c71e02d2aa29c397f6cf2a5308da1457b964

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 12:33:31 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "65818d9b-18665"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-slot: slot-1
x-iinfo: 8-30504694-30504709 2NNN RT(1718673535439 1714) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
728 B 920ms
775ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1717) q(0 5 5 -1) r(5 5)
cache-control: max-age=0
content-length: 591

GET
H2 200 logo-imperva-a-thales-company.svg
www.imperva.com/blog/wp-content/themes/impv/img/ 8 KB
3 KB 937ms
792ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/img/logo-imperva-a-thales-company.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-21a6"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504715 2NNN RT(1718673535439 1720) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 Group-2554.svg
www.imperva.com/wp-content/uploads/2021/03/ 782 B
2 KB 930ms
786ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2021/03/Group-2554.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 01 Mar 2021 15:32:23 GMT
x-cdn: Imperva
etag: "603d0907-30e"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504717 2CNN RT(1718673535439 1723) q(0 5 5 -1) r(5 5)
cache-control: max-age=0
content-length: 405

GET
H2 200 _Incapsula_Resource Show response
www.imperva.com/ 149 KB
21 KB 217ms
73ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=438240577

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8839f56e94b0c1f7beac48413d379f4f9e37a959df8fa7d39044f27161833623

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
cache-control: no-cache, no-store
content-encoding: gzip
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 21304
content-type: application/javascript

GET
H2 200 091ebf04-8283-4c90-a26c-86623781f703.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/ 4 KB
2 KB 313ms
35ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/091ebf04-8283-4c90-a26c-86623781f703.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5608
content-md5: gFTd45fYgTDS2Dcaa+ogsg==
content-length: 1642
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:52 GMT
server: cloudflare
etag: 0x8DBB9EAF165DE56
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d42dfe1e-f01e-0004-393a-23b484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 895772c6f9fd3830-FRA
expires: Wed, 19 Jun 2024 01:18:57 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 273 KB
74 KB 158ms
12ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:14:09 GMT
content-encoding: br
age: 288
x-guploader-uploadid: ACJd0NqoDct9x31NYZOfW_XspR4xk9wsRdMOX1OAKr1uapxwA4TySL9dutAPVWDTqviMY81WEwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75362
last-modified: Thu, 06 Jun 2024 13:11:57 GMT
server: UploadServer
etag: "505d5df439fda0ef6083305f079651ff"
vary: Accept-Encoding
x-goog-generation: 1717679517113319
x-goog-hash: crc32c=dZHqrA==, md5=UF1d9Dn9oO9ggzBfB5ZR/w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75362
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jun 2024 02:14:09 GMT

GET
H2 200 workbox-window.prod.mjs Show response
storage.googleapis.com/workbox-cdn/releases/6.1.1/ 3 KB
2 KB 83ms
11ms Script
application/javascript 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/workbox-cdn/releases/6.1.1/workbox-window.prod.mjs
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 00:27:01 GMT
content-encoding: gzip
age: 3115
x-guploader-uploadid: ABPtcPpuhifHyNtGQYkhCyVK3yx3w1HNvPa9CbID95kl46hnim0OTidOGBS96MZujtl6FUby_tjzEY-bEA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
last-modified: Mon, 22 Feb 2021 19:16:41 GMT
server: UploadServer
etag: "ce7ffaa7ad1f21523b407426d8cbecd6"
vary: Accept-Encoding
x-goog-generation: 1614021401665338
x-goog-hash: crc32c=eSkeUw==, md5=zn/6p60fIVI7QHQm2Mvs1g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1299
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Jun 2025 00:27:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 169ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114236658-1&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9db8897dbd0028072dcf9371bcfc8140bf586f1e9e3f6b35baca98a7a3e08a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75360
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:28:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 01:18:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 42ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7LFBNHR6BF&gtm=45je46c0v9116219100za200&_p=1718673536836&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1315331729.1718673537&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718673536&sct=1&seg=0&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=975&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 91ms
33ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LFBNHR6BF&cid=1315331729.1718673537&gtm=45je46c0v9116219100za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 142ms
33ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LFBNHR6BF&cid=1315331729.1718673537&gtm=45je46c0v9116219100za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1293386102

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 87ms
28ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 895772c79ca903e4-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/ 407 KB
98 KB 160ms
18ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 12zQcT/rVMicuxojEvnp3g==
age: 21373
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 100389
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:15 GMT
server: cloudflare
etag: 0x8DB3FB51FD9A927
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 28d3babc-501e-0022-05ac-12fc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 895772cb2c41bb61-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
75 KB 166ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63f2f7d564921bcdf8b9a61515863e53070dedb20755e6cf37ad24924a04ff64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76969
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:28:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 01:18:57 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 157ms
15ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 00:42:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "666b9204-10980"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18315
expires: Tue, 18 Jun 2024 01:18:57 GMT

GET
H2 200 5601c189-ca1e-4728-80a2-9f7d7e128eb9.js Show response
imperva.containers.piwik.pro/ 303 KB
83 KB 187ms
29ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.containers.piwik.pro/5601c189-ca1e-4728-80a2-9f7d7e128eb9.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a2898376beb9b74ee46ddde4093f1b5e087a52d8a8019bdbbdd4f091662e01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"9d548891fbcd1224-e85c20a4cb74d110"
vary: Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: HIT

GET
H2 200 cdn-report-background.jpeg
www.imperva.com/blog/wp-content/uploads/2023/02/ 24 KB
24 KB 897ms
785ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn-report-background.jpeg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Sun, 05 Feb 2023 18:03:04 GMT
x-cdn: Imperva
etag: "63dfef58-5e22"
content-type: image/jpeg
x-iinfo: 8-30504694-30504717 2CNN RT(1718673535439 1733) q(0 5 5 -1) r(5 5) U18
cache-control: max-age=0
content-length: 24063

GET
H2 200 navbar-promotion-channel-program.png
www.imperva.com/blog/wp-content/uploads/2023/06/ 33 KB
34 KB 903ms
794ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/06/navbar-promotion-channel-program.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Wed, 07 Jun 2023 12:23:03 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "648076a7-851c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-slot: slot-1
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1736) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 customers-application-security-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 29 KB
29 KB 900ms
791ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/customers-application-security-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 10:50:06 GMT
x-cdn: Imperva
etag: "63e0db5e-7387"
content-type: image/png
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1739) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 29608

GET
H2 200 Blog-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 104 KB
104 KB 913ms
805ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/Blog-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Mon, 06 Feb 2023 11:00:29 GMT
x-cdn: Imperva
etag: "63e0ddcd-19e17"
content-type: image/png
x-iinfo: 8-30504694-30504715 2VNN RT(1718673535439 1743) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
content-length: 106065

GET
H2 200 esg-nevbar.png
www.imperva.com/blog/wp-content/uploads/2023/07/ 53 KB
55 KB 906ms
799ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/07/esg-nevbar.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jul 2023 11:19:05 GMT
x-cdn: Imperva
etag: "64a6a329-d366"
content-type: image/png
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 1746) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 54161

GET
H2 200 linkedin-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 744 B
507 B 915ms
809ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/linkedin-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "666176aa-2e8"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NYN RT(1718673535439 1749) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 twitter-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 372 B
392 B 907ms
801ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/twitter-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ac63f437d99ab6b64b14d6a8ec86d56269d067448fe958e23aa13464221c0493

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-174"
content-type: image/svg+xml
x-iinfo: 8-30504694-30504711 2CNN RT(1718673535439 1752) q(0 6 6 -1) r(6 6) U18
cache-control: max-age=0
content-length: 275

GET
H2 200 facebook-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 894 B
594 B 915ms
810ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/facebook-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-943cb304e9.min.css?ver=943cb304e9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "666176aa-37e"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504711 2NYN RT(1718673535439 1754) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 bg-dots01.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
13 KB 993ms
888ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots01.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-8650"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504715 2NNN RT(1718673535439 1757) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 bg-dots02.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 18 KB
7 KB 994ms
889ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots02.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-4823"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504709 2NNN RT(1718673535439 1760) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 bg-dotted03.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
13 KB 992ms
890ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dotted03.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-eff78ebd7a.min.css?ver=eff78ebd7a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-8985"
vary: Accept-Encoding
x-slot: slot-1
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1763) q(0 6 6 -1) r(7 7) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 Inter-Regular.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
98 KB 140ms
135ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-18810"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504709 2CNN RT(1718673535439 1766) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
104 KB 258ms
254ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19ff4"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504709 2VNN RT(1718673535439 1769) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 238ms
233ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-1a288"
vary: Accept-Encoding
x-slot: slot-1
content-type: application/octet-stream
access-control-allow-origin: *
x-iinfo: 8-30504694-30504697 2NNN RT(1718673535439 1771) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 fontello.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/ 2 KB
4 KB 272ms
267ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/fontello.woff2?6965835

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-94d1fbc2c7.min.css?ver=94d1fbc2c7
Origin: https://www.imperva.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-978"
vary: Accept-Encoding
x-slot: slot-1
content-type: application/octet-stream
access-control-allow-origin: *
x-iinfo: 8-30504694-30504717 2NNN RT(1718673535439 1774) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 gabi-stapel-36x36.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2022/09/ 794 B
931 B 153ms
149ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2022/09/gabi-stapel-36x36.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

75b0b86ee3f9471a0bf00b9865b960f306a530af65be4115cb4b5cfa7bd62b1f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 23:15:02 GMT
x-cdn: Imperva
etag: "63377876-31a"
content-type: image/webp
x-iinfo: 8-30504694-30504715 2CNN RT(1718673535439 1776) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 794

GET
H2 200 DanielJohnston-150x150.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2019/09/ 14 KB
15 KB 268ms
264ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2019/09/DanielJohnston-150x150.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd0606fc49a674cbb1ef84a9ddf674912de6cf9adee3fe838acfe0de0dede6c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 19:28:37 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
etag: "5f495ae5-3920"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-1
x-iinfo: 8-30504694-30504715 2NNN RT(1718673535439 1778) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 d7cdb24c.min.js Show response
tag.demandbase.com/ 101 KB
26 KB 55ms
10ms Script
application/javascript 18.245.46.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/d7cdb24c.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-25.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

416fca9cbc59fa0b065d0940c8e03a1aebd919693e1edc93d9baee1910e3eb1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IUKtkw9s6pjsMkj5NLjcG2NeJaW4Yr7A
content-encoding: gzip
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
date: Tue, 18 Jun 2024 01:10:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 1360
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Jun 2024 22:02:48 GMT
server: AmazonS3
etag: W/"f613de7908816f798731a1eeba48c232"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: uBDFBF0O_brQdj5HasJLrR309H24wZpxb6HNsa0sPjd_TDrN3Jl6nQ==

GET
H2 200 xrppvhbiz5n6.js Show response
js.driftt.com/include/1718673600000/ 221 KB
62 KB 220ms
139ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1718673600000/xrppvhbiz5n6.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 18 Jun 2024 01:18:57 GMT
via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c1azTRhxhBeEOzjoM5smhPQN1d7RJ751Lfa31ghDZgV9p-ZSw6dP4g==

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
105 B 801ms
21ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:57 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-type: image/svg+xml
x-iinfo: 8-30504694-0 0CNN RT(1718673535439 2458) q(0 -1 -1 -1) r(1 -1)
cache-control: max-age=0
content-length: 591

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 144 B
605 B 779ms
775ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3464f8e3f55a81d8c22945424e15ff1beaee5fe31565564e19ce7b20f900920f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 402762@nr=0-1-322172-969995084-6f5e1090706ec317----1718673537799
traceparent: 00-db8fa411d667d00ec4cb6e51f9596780-6f5e1090706ec317-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiI2ZjVlMTA5MDcwNmVjMzE3IiwidHIiOiJkYjhmYTQxMWQ2NjdkMDBlYzRjYjZlNTFmOTU5Njc4MCIsInRpIjoxNzE4NjczNTM3Nzk5LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-cdn: Imperva
x-iinfo: 8-30504694-30504847 NNNN CT(92 209 0) RT(1718673535439 1781) q(0 0 3 -1) r(5 5) U12
content-length: 124
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 144 B
636 B 983ms
257ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3464f8e3f55a81d8c22945424e15ff1beaee5fe31565564e19ce7b20f900920f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 402762@nr=0-1-322172-969995084-f769e85714bc5ddb----1718673537859
traceparent: 00-8304e4eb71b370820ecb3cce5002f360-f769e85714bc5ddb-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiJmNzY5ZTg1NzE0YmM1ZGRiIiwidHIiOiI4MzA0ZTRlYjcxYjM3MDgyMGVjYjNjY2U1MDAyZjM2MCIsInRpIjoxNzE4NjczNTM3ODU5LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-cdn: Imperva
x-iinfo: 8-30504694-30504847 PNNN RT(1718673535439 2473) q(0 0 0 -1) r(2 2) U12
content-length: 124
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 144 B
357 B 1274ms
293ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3464f8e3f55a81d8c22945424e15ff1beaee5fe31565564e19ce7b20f900920f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 402762@nr=0-1-322172-969995084-7b6c7e379bd9addd----1718673537869
traceparent: 00-c49177bce1c39a616d3c4657c2a38550-7b6c7e379bd9addd-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiI3YjZjN2UzNzliZDlhZGRkIiwidHIiOiJjNDkxNzdiY2UxYzM5YTYxNmQzYzQ2NTdjMmEzODU1MCIsInRpIjoxNzE4NjczNTM3ODY5LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-cdn: Imperva
x-iinfo: 8-30504694-30504847 PNNN RT(1718673535439 2736) q(0 0 0 -1) r(3 3) U12
content-length: 124
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-1
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 web Show response
edge.fullstory.com/s/settings/Y5R7X/v1/ 4 KB
1 KB 119ms
118ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/Y5R7X/v1/web
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ACJd0NpTMIxfAC6EnX7r5AYkStezejwTwJcX5V6uNU-Rzv8WMMhQzbYsUbOI5J7pllZJk5pyiUQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1198
last-modified: Wed, 21 Jun 2023 11:08:06 GMT
server: UploadServer
etag: "ec2c68ea8d76de6f93aa55d2dd62e952"
x-goog-generation: 1687345685956137
x-goog-hash: crc32c=DuKRaA==, md5=7Cxo6o123m+TqlXS3WLpUg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1198
accept-ranges: bytes
content-type: application/json
expires: Tue, 18 Jun 2024 01:33:58 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/ 113 KB
23 KB 66ms
53ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/en.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 64129
content-md5: +1Hlg87bcMDnScZwyCRcdQ==
content-length: 23140
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:56 GMT
server: cloudflare
etag: 0x8DBB9EAF3D17A5A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ddd14160-101e-008a-2c58-796232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 895772ce1f0c3830-FRA
expires: Wed, 19 Jun 2024 01:18:58 GMT

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
0ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 23:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jun 2024 01:41:03 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 176ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc050003a767b23097b3f9566be0c33c3655ded698e06605e4b6708ee7f7cc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 18 Jun 2024 01:18:58 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 150ms
18ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 01:18:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 156ms
11ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

2423c36666060a11ae7a7bc76fd25db6f7cb003beb5a5d1f6076e01edd9dd000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Sun, 16 Jun 2024 16:27:29 GMT
server: ECS (frb/67D4)
age: 14613
etag: "bf17d15ac0da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25394

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 210ms
37ms Script
application/javascript 2a02:26f0:3100::1735:2823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2823 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=78017
accept-ranges: bytes
content-length: 16683

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 70ms
68ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a4740e4cdafda4d13475d05cd756f317e9d88fff01e006adcb19ba884ce4ef1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86609
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:28:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 01:18:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 49ms
37ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3a541c75bf614fe95fa5eabbcdaf65811a59e1827df0dba3c5744064a9b4585d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86535
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:28:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 01:18:58 GMT

GET
H2 200 ppms.js Show response
imperva.piwik.pro/ 60 KB
24 KB 106ms
24ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.piwik.pro/ppms.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 29 May 2024 11:49:19 GMT
referrer-policy: origin
etag: W/"6657163f-efb3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Tue, 18 Jun 2024 07:18:58 GMT

GET
H2 200 sync
s.company-target.com/s/ Frame 3418 0
0 203ms
97ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Tue, 18 Jun 2024 01:18:58 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 92ms
26ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 202 page Show response
rs.fullstory.com/rec/ 75 B
282 B 197ms
126ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75

GET
H2 200 _Incapsula_Resource
www.imperva.com/ 1 B
1 KB 14ms
11ms Image
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6112104699641652

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 13 KB
3 KB 56ms
34ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFlat.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QSeDXFW8Ey6Sps1UWSFoNg==
age: 15730
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:07 GMT
server: cloudflare
etag: 0x8DB3FB51B21D3A6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 559b483f-201e-0028-60a6-21582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 895772d36a4c3830-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 21 KB
4 KB 57ms
35ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jun 2024 01:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 9413
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0d8297c8-101e-0041-58cd-216167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 895772d36a4d3830-FRA

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 456 B
948 B 175ms
49ms XHR
application/json 18.66.102.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&page_title=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-85.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a8bf87e9954ff307c0ed5aff9e697455b1e6f85882d395847990883f1276ff16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: db37aca4-3611-4502-b654-0b0682b2c97d
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.imperva.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1aE-95EQGk35W8YVUXUSJL6P0TVIoxAwAwjB12vQtIqTwIJUv4N9JQ==
expires: Mon, 17 Jun 2024 01:18:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 86ms
15ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=149179859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&ul=de-de&de=UTF-8&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2094423536&gjid=452789725&cid=1315331729.1718673537&tid=UA-114236658-1&_gid=10751067.1718673539&_r=1&gtm=457e46c0z89116219100za200zb9116219100&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=425586119

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/590f65a6/www-widgetapi.vflset/ 24 KB
8 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/590f65a6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 00:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8237
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 04:19:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Jun 2025 00:00:15 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 12ms
11ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 01:18:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 26 Sep 2024 01:18:59 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
328 B 11ms
8ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=0fdba730c0be4b12f88dafa64b31a02b&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718673539205&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&_biz_n=0&rnd=564865&cdn_o=a&_biz_z=1718673539208

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 14 Jun 2024 21:15:25 GMT
server: ECS (frb/67BA)
age: 273814
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 56ms
8ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=0fdba730c0be4b12f88dafa64b31a02b&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718673539213&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&rnd=22486&cdn_o=a&_biz_z=1718673539214

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 14 Jun 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 273812
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 23ms
21ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 154ms
120ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:58 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 58E18DABCD82494298D2F34F3EE48446 Ref B: FRAEDGE1318 Ref C: 2024-06-18T01:18:59Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbH93MPB6V71urd1Xhnw==
x-fs-uuid: 00061b1fddcc3c1e95ef5bab7755e19f

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomw...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransom...

0
266 B

237ms
197ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&e_ipv6=AQJgdoNFePV7rAAAAZAo7QFDlK0Q_CIMhd7PS7RTkw4iP9w8fByi4GnPw5OdyB5F2A
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D02B0F93D031478E82380CA65F04CF12 Ref B: DUS30EDGE0416 Ref C: 2024-06-18T01:18:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbH93QoO6PLk7dBKqz4g==

Redirect headers

date: Tue, 18 Jun 2024 01:18:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 95515FDD504B4008B5878DE2F3C6E758 Ref B: FRAEDGE1712 Ref C: 2024-06-18T01:18:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3567372&time=1718673539266&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&e_ipv6=AQJgdoNFePV7rAAAAZAo7QFDlK0Q_CIMhd7PS7RTkw4iP9w8fByi4GnPw5OdyB5F2A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbH93M0+xTSaDTd5A1lg==

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
294 B 124ms
123ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=0fdba730c0be4b12f88dafa64b31a02b&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.13

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (frb/6711)
etag: EFEDFBC3
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 186

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
19ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114236658-1&cid=1315331729.1718673537&jid=2094423536&gjid=452789725&_gid=10751067.1718673539&npa=1&_u=YADAAUAAAAAAACAAI~&z=1424182629

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 01:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 438ms
398ms XHR
text/html 2600:9000:2724:8e00:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=1aE-95EQGk35W8YVUXUSJL6P0TVIoxAwAwjB12vQtIqTwIJUv4N9JQ==&api-version=v2
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:8e00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Mon, 17 Jun 2024 04:47:20 GMT
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 73907
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: -1l09VrCBICwFeSJANbvpZyXsgn8HTE7ONJi71ZrMhwWxDJJ8BpDEw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=149179859&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&ul=de-de&de=UTF-8&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1315331729.1718673537&tid=UA-114236658-1&_gid=10751067.1718673539&gtm=457e46c0z89116219100za200zb9116219100&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd2=Residential&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=Germany&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&npa=1&z=115433875

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:58:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
727-wrl-406.mktoresp.com/webevents/ 2 B
318 B 870ms
233ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://727-wrl-406.mktoresp.com/webevents/visitWebPage?_mchNc=1718673539413&_mchCn=&_mchId=727-WRL-406&_mchTk=_mch-imperva.com-1718673539412-80960&_mchHo=www.imperva.com&_mchPo=&_mchRu=%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 01:19:00 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 7b183ccb-0d1e-4685-b317-592145642e72

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
26ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=1315331729.1718673537&jid=2094423536&npa=1&_u=YADAAUAAAAAAACAAI~&z=1488652077

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 20ms
20ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=1315331729.1718673537&jid=2094423536&npa=1&_u=YADAAUAAAAAAACAAI~&z=1488652077

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 735 B
878 B 49ms
47ms Fetch
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd?d=www.imperva.com

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d64fa760cba018ba5b8ece319f6d03aa187a23187867dfb61cfe55c789503a05

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Accept: application/json; charset=utf-8
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
content-type: application/json
access-control-allow-origin: *
x-iinfo: 8-30504694-30504701 PNYN RT(1718673535439 3658) q(0 1 1 -1) r(1 1) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=35.123924

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 192ms
190ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 40FC37BD5C2642CE8EC68EBA90D6DAD8 Ref B: FRAEDGE1712 Ref C: 2024-06-18T01:18:59Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.imperva.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbH93UT3BkNykpIlGqlw==

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 22ms
12ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 15 B
302 B 165ms
31ms XHR
text/html 2a02:26f0:3100::1735:2baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2baa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6295b1732dc3969338c1245a75f5bf00276f29e91036e3dd9fdfb603d980b91a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.imperva.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:5a::10
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718673539883_389360550_579415831_25_1012_34_67_219";dur=1
content-length: 15
expires: Tue, 18 Jun 2024 01:18:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 133ms
105ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A18%3A57%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:18:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:18:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 337ms
311ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2018%20Jun%202024%2001%3A18%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226ba0a5170b7bdf842e22ba6f114c37d0%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2018%20Jun%202024%2001%3A18%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2018%20Jun%202024%2001%3A18%3A57%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:00 GMT

GET
H2 200 core
js.driftt.com/ Frame 9C22 0
0 467ms
441ms Document
text/html 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=8ff09ce0-efa8-47cb-81d7-0a4f1fd979fa&sessionStarted=1718673539.8&campaignRefreshToken=f7cb5324-7125-4d27-9da6-f451d7c04d2c&hideController=false&pageLoadStartTime=1718673536782&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 01:19:00 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
x-amz-cf-id: GI0byOurei8cp2k2ED9sfVXKbLCANUX1698e12MwejnJnSXs5WfIeg==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat
js.driftt.com/core/ Frame 72AB 0
0 141ms
115ms Document
text/html 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718673536782

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 01:18:59 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
x-amz-cf-id: LPiHFhpxk2cAH2eFdZ5eSYYV2smQ7DOUqm_2jEnHPlwy-w6HFNwuyQ==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
17 KB 32ms
7ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Tue, 18 Jun 2024 01:18:59 GMT
strict-transport-security: max-age=300
x-amz-request-id: 4WAVF7EV2C8X5SKF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16548
x-amz-id-2: nrPfOhTAbGmiGdZ3temoXOUezULyXarv/l0MilURebHvuHRdUgCMM4PmXzNnBWeuHmi8/LbWH6c=
x-served-by: cache-fra-etou8220062-FRA
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1698

GET
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/1/ 79 B
579 B 1597ms
1260ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=3907&ck=1&ref=https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/&be=596&fe=3738&dc=1821&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1718673536074,%22n%22:0,%22f%22:0,%22dn%22:33,%22dne%22:33,%22c%22:33,%22s%22:42,%22ce%22:54,%22rq%22:54,%22rp%22:460,%22rpe%22:708,%22dl%22:469,%22di%22:1781,%22ds%22:1800,%22de%22:1883,%22dc%22:3715,%22l%22:3737,%22le%22:3767%7D,%22navigation%22:%7B%7D%7D&fp=1739&fcp=1739&jsonp=NREUM.setToken
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-wie-etou8220165-WIE

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 103ms
102ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A5a%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:00 GMT

GET
H2 200 Code-1.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/ 11 KB
106 B 159ms
147ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/06/Code-1.png.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:18:59 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2024 17:58:09 GMT
x-cdn: Imperva
etag: "66673eb1-2a60"
content-type: image/webp
x-iinfo: 8-30504694-0 0CNN RT(1718673535439 4162) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 10480

GET
H2 200 u
cdn.bizible.com/ 43 B
109 B 290ms
289ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A727-WRL-406%26token%3A_mch-imperva.com-1718673539412-80960&_biz_u=0fdba730c0be4b12f88dafa64b31a02b&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&_biz_t=1718673540214&_biz_i=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&_biz_n=1&rnd=608256&cdn_o=a&_biz_z=1718673540215

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:00 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 14 Jun 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 273813
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 107ms
105ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A18%3A57%20GMT%22%2C%22timeSpent%22%3A%222942%22%2C%22totalTimeSpent%22%3A%222942%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:00 GMT

GET
H2 200 favicon.png
www.imperva.com/wp-content/themes/impv/icons/ 415 B
524 B 120ms
118ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-19f"
content-type: image/png
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 5485) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 415

GET
H2 200 favicon.icns
www.imperva.com/wp-content/themes/impv/icons/ 802 B
919 B 120ms
119ms Other
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.icns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-322"
content-type: application/octet-stream
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 5608) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 802

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 104ms
104ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A00%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223944%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:01 GMT

GET
H2 200 favicon.ico
www.imperva.com/ 1 KB
1 KB 122ms
121ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-47e"
content-type: image/x-icon
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 5734) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon.ico
www.imperva.com/wp-content/themes/impv/icons/ 1 KB
1 KB 123ms
122ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-47e"
content-type: image/x-icon
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 5860) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon-32.png
www.imperva.com/wp-content/themes/impv/icons/ 629 B
2 KB 130ms
129ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon-32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:19:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com *.demandbase.com *.company-target.com id.rlcdn.com yoast.com *.hcaptcha.com demostack.app snap.licdn.com *.linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 08:43:22 GMT
x-cdn: Imperva
etag: "666176aa-275"
content-type: image/png
x-iinfo: 8-30504694-30504717 2VNN RT(1718673535439 5983) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 629

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 25ms
24ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=149179859&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&ul=de-de&de=UTF-8&dt=Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202242516&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1315331729.1718673537&tid=UA-114236658-1&_gid=10751067.1718673539&gtm=457e46c0z89116219100za200zb9116219100&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd2=Residential&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=Germany&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&npa=1&z=915835020

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:58:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 111ms
111ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A01%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224945%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:02 GMT

POST
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/events/1/ 24 B
342 B 205ms
204ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=7533&ck=1&ref=https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/update-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 18 Jun 2024 01:19:03 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-wie-etou8220174-WIE

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
0 107ms
107ms Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A02%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225946%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Server

-, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:03 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
0 108ms
108ms Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=7c877db4-bba2-4d51-8db9-710c8b22d4c0&session=1c254be9-8311-4f2a-8b51-269aa8d533fc&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2018%20Jun%202024%2001%3A19%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226947%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Update%3A%20CVE-2024-4577%20quickly%20weaponized%20to%20distribute%20%E2%80%9CTellYouThePass%E2%80%9D%20Ransomware%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&pageViewId=91f8d8e6-0fc6-4c98-87a7-528bc8119f90&v=1.1.21

Protocol

Server

-, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 01:19:04 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 01:19:04 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_1706812 Value: +k5ZaxvJOnk4GGpsDugsBAAAAACpE0Njd+p2m3ONJXRJAP2H
.imperva.com/	1970-01-21 06:10:02	Name: visid_incap_2439 Value: grzNcYZYTnOcFhHtpSnM93/gcGYAAAAAQUIPAAAAAACKri8xQGAUl0PwIBAB9+QW
.imperva.com/	1969-12-31 23:59:59	Name: incap_ses_1515_2439 Value: 7z5qeK448kYeZLbQi1wGFX/gcGYAAAAAo3dwnjvkWrqN2p23+2hcMA==
www.imperva.com/	1969-12-31 23:59:59	Name: isEuropeUser Value: true
www.imperva.com/	1969-12-31 23:59:59	Name: cookieconsent_status Value: europe-user
.imperva.com/	1970-01-21 07:00:33	Name: _ga_7LFBNHR6BF Value: GS1.1.1718673536.1.0.1718673536.60.0.0
.go.imperva.com/	1970-01-20 21:24:35	Name: __cf_bm Value: xNhZ7kcTEgc40AFMOEzd8BF3Y9Ql0kJ0yApLAzSzG2k-1718673537-1.0.1.1-rsjDdO82ShzjZaACcppqxFBmU5u2NVFkXs7B2Ppgtm3UlQR0n6hZn01A.02VayTaW6lFsHczdVmYVzWm_clgNw
www.imperva.com/	1970-01-21 06:10:09	Name: isReturningUser Value: true
www.imperva.com/	1970-01-20 21:24:35	Name: stg_traffic_source_priority Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SMFsLGtMrxY
.youtube.com/	1970-01-21 01:43:45	Name: VISITOR_INFO1_LIVE Value: _ULevWvq4qs
.youtube.com/	1970-01-21 01:43:45	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgQg%3D%3D
.company-target.com/	1970-01-21 07:00:33	Name: tuuid Value: a46dae1c-9a7f-4df3-83eb-1de1cbb73808
.company-target.com/	1970-01-21 07:00:33	Name: tuuid_lu Value: 1718673538\|ix:0\|mctv:0\|rp:0
www.imperva.com/	1970-01-21 06:10:09	Name: stg_last_interaction Value: Tue%2C%2018%20Jun%202024%2001:18:59%20GMT
www.imperva.com/	1970-01-21 06:10:09	Name: stg_returning_visitor Value: Tue%2C%2018%20Jun%202024%2001:18:59%20GMT
.imperva.com/	1970-01-21 07:00:33	Name: _ga Value: GA1.2.1315331729.1718673537
.imperva.com/	1970-01-20 21:25:59	Name: _gid Value: GA1.2.10751067.1718673539
.imperva.com/	1970-01-20 21:24:33	Name: _gat_gtag_UA_114236658_1 Value: 1
www.imperva.com/	1970-01-20 21:24:35	Name: ppwp_wp_session Value: 55a2a7b0c956e8b8132c9935daa3bca1%7C%7C1718675338%7C%7C1718674978
.imperva.com/	1970-01-21 06:10:09	Name: _biz_uid Value: 0fdba730c0be4b12f88dafa64b31a02b
.bizible.com/	1970-01-21 06:10:09	Name: _BUID Value: 0fdba730c0be4b12f88dafa64b31a02b
.casalemedia.com/	1970-01-21 06:10:09	Name: CMID Value: ZnDgg7mqPXIAAFMxAaucwQAA
.casalemedia.com/	1970-01-20 23:34:09	Name: CMPS Value: 3213
.casalemedia.com/	1970-01-20 23:34:09	Name: CMPRO Value: 3213
.imperva.com/	1970-01-20 23:34:09	Name: _gcl_au Value: 1.1.707445876.1718673539
.imperva.com/	1970-01-20 21:24:35	Name: _pk_ses.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: *
.bizibly.com/	1970-01-21 06:10:09	Name: _BUID Value: 289eb3d4c492b376d22bab279ead6f4c
.imperva.com/	1970-01-21 01:43:45	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jun+18+2024+03%3A18%3A59+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=8f68fbdd-e367-4cb3-b30a-706c82b80c3d&interactionCount=0&landingPath=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fupdate-cve-2024-4577-quickly-weaponized-to-distribute-tellyouthepass-ransomware%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.imperva.com/	1970-01-21 07:00:33	Name: _mkto_trk Value: id:727-WRL-406&token:_mch-imperva.com-1718673539412-80960
.tremorhub.com/	1970-01-21 06:10:30	Name: tvid Value: 4cc108d4feb84440834a5ec7bf39ce83
.tremorhub.com/	1970-01-21 07:00:33	Name: tv_UIDM Value: a46dae1c-9a7f-4df3-83eb-1de1cbb73808
.linkedin.com/	1970-01-21 06:10:09	Name: bcookie Value: "v=2&0a1037ad-2cff-4560-8fbb-bc2db80004e9"
.linkedin.com/	1970-01-21 01:43:45	Name: li_gc Value: MTswOzE3MTg2NzM1Mzk7MjswMjFW4r/RmkpHcN/h0irLvTgqYRTXSWRBakT4kL8mpK5/dg==
.linkedin.com/	1970-01-20 21:25:59	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2897:u=1:x=1:i=1718673539:t=1718759939:v=2:sig=AQEQRZ5SmxDknicLC0BlS8HjMzfeDywr"
www.imperva.com/	1970-01-21 07:00:33	Name: _gd_visitor Value: 7c877db4-bba2-4d51-8db9-710c8b22d4c0
www.imperva.com/	1970-01-20 21:24:47	Name: _gd_session Value: 1c254be9-8311-4f2a-8b51-269aa8d533fc
www.imperva.com/	1970-01-20 21:24:35	Name: drift_campaign_refresh Value: f7cb5324-7125-4d27-9da6-f451d7c04d2c
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_2147483392 Value: elNRXwjwXggtWR8TDugsBAAAAADWA4MQf94DddxjSBb6tWHC
.www.imperva.com/	1970-01-20 22:07:45	Name: reese84 Value: 3:a6PDYDBz8xVJmmGHL1KftA==:GSQ3Ck3gQfeXSZAmBaisrh8g7pUVi0ZeqbEPRoL00kQ3b04aQCD8hfWe0NAH0WvT/RuGO466wzpZ9Vs5YYpu1a2/e+6l1gOyeZ02biiSpV52inU8R4LCcSIbVS5jM8lSOIlUQ0Sfr2PX39uJXH95or/KP/0Y5WragSSKYFEMiBPJSU4Rfpm0wbpvLBsSi9eq7xspt082jo82wHKwytpyJh0PZkdBmmI30mXUEPqteM+7NUU5ZJtWKhlHnWAysVr8ET71v1m7BhLDX/Nt133zXpz3G6fK7RSjzZ7EkCYcDBaqocI86IsQ5jgCmX2Znqp0V1g93FV5qx+Ghc5ejel6r4lxPdgkY/Do+T4TENfX6ULY1GVhDT1UaQC8/vGvKfXZOFpQM0aPVj+XTCoJCPHyFq/loJ3jjnU1GooPZqKb8zISu48kJMnSCK+X8o/JRGHHL41H0bi9dc4QVhk991e33xpuZ85uYAHHASyGohXccaw5QmUNvnMEAL/zS1k9kCau87/F7TpUq93AfnH4YtLBrgKLp7mdGxSit/RHgYzHeIkj2X3/TdK75cT1X97mIB4M/0ojjEC9ihI8poqtuD2fFA==:AOn9T3XUeEPL7fvZw5s2OUOi2IWbyo3NwL8a17IMI3o=
.imperva.com/	1970-01-21 06:10:09	Name: _biz_nA Value: 2
.imperva.com/	1970-01-21 06:10:09	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.imperva.com/	1970-01-21 06:10:09	Name: _biz_pendingA Value: %5B%5D
www.imperva.com/	1970-01-21 07:00:33	Name: drift_aid Value: d4c0c27e-d98a-4326-b208-3d5bddfe863f
www.imperva.com/	1970-01-21 07:00:33	Name: driftt_aid Value: d4c0c27e-d98a-4326-b208-3d5bddfe863f
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: b9091645c2ed5b90
.imperva.com/	1970-01-21 06:50:28	Name: _pk_id.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: db7cdb83688a6de2.1718673539.1.1718673543.1718673539.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://js.driftt.com/include/1718673600000/xrppvhbiz5n6.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com .demandbase.com .company-target.com id.rlcdn.com yoast.com .hcaptcha.com demostack.app snap.licdn.com .linkedin.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com demostack.app ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

727-wrl-406.mktoresp.com
api.company-target.com
b.6sc.co
bam.nr-data.net
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
edge.fullstory.com
geolocation.onetrust.com
go.imperva.com
id.rlcdn.com
imperva.containers.piwik.pro
imperva.piwik.pro
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
js.driftt.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rs.fullstory.com
s.company-target.com
snap.licdn.com
stats.g.doubleclick.net
storage.googleapis.com
tag-logger.demandbase.com
tag.demandbase.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imperva.com
www.youtube.com
104.17.72.206
13.107.42.14
142.250.184.238
142.250.185.196
142.250.185.232
142.250.186.67
152.195.15.58
162.247.243.29
18.245.46.25
18.245.86.73
18.245.86.77
18.66.102.85
192.28.144.124
2001:4860:4802:32::36
2600:9000:2724:8e00:1d:8d6d:3b40:93a1
2602:816:5001::39
2603:1020:203:3::489
2606:4700:4400::6812:2089
2606:4700::6813:b234
2620:1ec:21::14
2a00:1450:4001:801::200e
2a00:1450:4001:803::201b
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:400c:c06::9b
2a02:26f0:3100::1735:2823
2a02:26f0:3100::1735:2baa
34.96.71.22
35.186.194.58
35.201.112.186
35.244.174.68
45.60.76.225
88.221.60.75
95.101.111.170
01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a
025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f
02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5
08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0a2898376beb9b74ee46ddde4093f1b5e087a52d8a8019bdbbdd4f091662e01d
0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a
0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76
0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83
0fd475cdcbac9fea5b027f1a0dff6b1219f334a43498939d85e192854c466df4
11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123
1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244
15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5
168ac2a75a081b9b182b5cdcd6fe36bc2f084a0c62875826845d990a681fa4c4
186af15ec062f321fbe5533ad143a258bfd0f985fa0f6d5a7d24d8d59cbb0a06
190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446
1963572eed8be8c97ab280af3062931e628fe06c88f869423ad5c5a2bab0e807
19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee
1ad7c5088953b625985c922d458e308a91336b424d315635e8f5a2da96bed2eb
1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917
23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39
2423c36666060a11ae7a7bc76fd25db6f7cb003beb5a5d1f6076e01edd9dd000
242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213
29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125
2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb
30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329
3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949
32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9
3464f8e3f55a81d8c22945424e15ff1beaee5fe31565564e19ce7b20f900920f
37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d
3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed
3a541c75bf614fe95fa5eabbcdaf65811a59e1827df0dba3c5744064a9b4585d
3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea
3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e
3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791
3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0
416fca9cbc59fa0b065d0940c8e03a1aebd919693e1edc93d9baee1910e3eb1c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4464fa36b9975d130806709a108eb29b0632a7ff3fd9313551ce28e273b51344
45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a
4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4aa93b95025b5dc2c78d84034aed7dffd0c72848d26798748fca9870097ce3c0
4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32
4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663
513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4
51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572fc3f2622c098a73b18498911c07b22d8246e5513b78704866c8b9b3a6d7cc
5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046
596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505
5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed
5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829
5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4
6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5
6295b1732dc3969338c1245a75f5bf00276f29e91036e3dd9fdfb603d980b91a
63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a
63f2f7d564921bcdf8b9a61515863e53070dedb20755e6cf37ad24924a04ff64
65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df
6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6d83cc34a5c6764ba996aecd2fccf2f4e9d1bc272506eb5a0a0f7d9bccc8c7ec
6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8
6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66
6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6
6f7678f7b01be55f3f8c4d9675f07e8303f1bd076f6852d8c296dbaaac2f0002
705c3290daf1d027804c910e3191f12c0103711c94a5b4c5fcd90e5c06ebcc38
71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9
720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3
75b0b86ee3f9471a0bf00b9865b960f306a530af65be4115cb4b5cfa7bd62b1f
7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8
76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e
77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a
78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb
7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9
7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d
822ccb8b3a94abd89038b6f98547cf568d11f0cd9fcd110e7077b5dc05892198
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e
84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d6f3e0d9feacd555fef2eff513390f95de58483cb82f1b15b1053d102c0b9d
85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741
8839f56e94b0c1f7beac48413d379f4f9e37a959df8fa7d39044f27161833623
88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3
8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a
8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a
924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14
952808e318dddbd724fb132a120f6f6ba5ae78434b867d20452f112e480aec2f
96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78
9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b
9b57b00465a54f13df71366f64eafa14ff55b0d5a28ae93b0c1e419f8f7de63b
9db8897dbd0028072dcf9371bcfc8140bf586f1e9e3f6b35baca98a7a3e08a95
9f0a1d965791097cae0ba04a221a2bc3de83f44128f303e0924fd4c586b067dc
a4740e4cdafda4d13475d05cd756f317e9d88fff01e006adcb19ba884ce4ef1b
a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7
a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c
a8bf87e9954ff307c0ed5aff9e697455b1e6f85882d395847990883f1276ff16
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
ac63f437d99ab6b64b14d6a8ec86d56269d067448fe958e23aa13464221c0493
ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2
b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8
b918b707a508860c2b406f484adeee93cfa42bd84a896744fcd598c1865521f5
bc3eacab2ecefdf1a12c8911d2771b441ba51126a8a825698fa2e1dc66dba1bc
bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b
bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e
bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff
be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111
c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87
c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227
caaacfc0b6b5777311b562143269916b0009f7bb44ecdf2486118a9bfdc31e84
caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea
d0509a71cdb270f4cf7bd1ec96a46c2dfc5a3a8c222360fd7e930d70dbd6cbf7
d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3
d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b
d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3
d64fa760cba018ba5b8ece319f6d03aa187a23187867dfb61cfe55c789503a05
d749de182c99b390308480b94ea1b08dad2f6a82f6414bf0d4db99a6f0050f81
d7676dcc4877667d730b94c74113c71e02d2aa29c397f6cf2a5308da1457b964
d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b
da9761274419298d253f018be249d1b154a78343a894053701aed3b74dd4fe47
dc050003a767b23097b3f9566be0c33c3655ded698e06605e4b6708ee7f7cc15
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961
e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790
e1a09602f219fce59e9d50730188a9cb6360b5fd96491ededd3f52f09457f692
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8
f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641
f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc
fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7
fd0606fc49a674cbb1ef84a9ddf674912de6cf9adee3fe838acfe0de0dede6c5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe3bc6c1baee7759b08ccf7ac0f1cbcaf7dce2a23da472bba7f6268fd7e94ed0
fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

www.imperva.com Open in urlscan Pro 45.60.76.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

195 Requests

98 %HTTPS

41 %IPv6

25 Domains

35 Subdomains

35 IPs

5 Countries

4961 kBTransfer

8691 kBSize

47 Cookies

25 Outgoing links

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

98 %
HTTPS

41 %
IPv6

25
Domains

35
Subdomains

35
IPs

5
Countries

4961 kB
Transfer

8691 kB
Size

47
Cookies

195 HTTP transactions
1 data transactions