The negative impact of incorrect CSP implementations | Invicti
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | 20aee812-3646-452a-b449-db49bf19df5d |
| Fingerprint | b580891248f11f8c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 1, 2018, 4:01 p.m. |
| Added to db | Jan. 18, 2023, 11:31 p.m. |
| Last updated | Nov. 18, 2024, 2:36 a.m. |
| Headline | The dangers of incorrect CSP implementations |
| Title | The negative impact of incorrect CSP implementations | Invicti |
| Detected Hints/Tags/Attributes | 48/1/41 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | capture.condenastdigital.com |
|
| Details | Domain | 707 | google.com |
|
| Details | Domain | 15 | google-analytics.com |
|
| Details | Domain | 8 | gstatic.com |
|
| Details | Domain | 6 | googlesyndication.com |
|
| Details | Domain | 10 | blogger.com |
|
| Details | Domain | 18 | googleapis.com |
|
| Details | Domain | 1 | uds.googleusercontent.com |
|
| Details | Domain | 28 | ytimg.com |
|
| Details | Domain | 1 | i18n-cloud.appspot.com |
|
| Details | Domain | 1 | www-onepick-opensocial.googleusercontent.com |
|
| Details | Domain | 1 | www-bloggervideo-opensocial.googleusercontent.com |
|
| Details | Domain | 1 | www-blogger-opensocial.googleusercontent.com |
|
| Details | Domain | 1 | www.blogblog.com |
|
| Details | Domain | 2 | www.victim.com |
|
| Details | Domain | 1 | static.example.com |
|
| Details | Domain | 1 | scripts.example.com |
|
| Details | Domain | 206 | www.example.com |
|
| Details | Domain | 1 | cdn.example.net |
|
| Details | Domain | 39 | example.org |
|
| Details | Domain | 1 | partially-trusted.org |
|
| Details | Domain | 831 | example.com |
|
| Details | Domain | 78 | attacker.com |
|
| Details | File | 1206 | index.php |
|
| Details | File | 1 | bar.js |
|
| Details | File | 62 | script.js |
|
| Details | File | 11 | angular.js |
|
| Details | File | 2 | map.js |
|
| Details | File | 1 | redirectme.php |
|
| Details | File | 2 | bad.js |
|
| Details | File | 365 | console.log |
|
| Details | sha1 | 2 | b92e8649b6cf4886241a3e0825bd36a262b24933 |
|
| Details | sha1 | 1 | b0a48531d5c5eb3f8503430e6d75c83e23b7ae36 |
|
| Details | Url | 1 | https://capture.condenastdigital.com/csp/the-new-yorker |
|
| Details | Url | 1 | https://s.ytimg.com |
|
| Details | Url | 1 | https://i18n-cloud.appspot.com |
|
| Details | Url | 1 | https://www.blogblog.com |
|
| Details | Url | 14 | http://www.example.com |
|
| Details | Url | 1 | https://cdn.example.net |
|
| Details | Url | 1 | http://attacker.com/bad.js |
|
| Details | Url | 1 | http://example.com/map.js |