urlscan.io logo urlscan.io
SecurityTrails logo

kb.pulsesecure.net Open in urlscan Pro
85.222.140.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Submission: On September 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 56 HTTP transactions. The main IP is 85.222.140.11, located in United States and belongs to SALESFORCE, US. The main domain is kb.pulsesecure.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 13th 2022. Valid for: a year.
This is the only time kb.pulsesecure.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

39    85.222.140.11 (United States)

ASN14340 (SALESFORCE, US)
PTR: sledge3-fra.slb.sfdcsvc.net
kb.pulsesecure.net
1    2606:4700:20::681a:327 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pulsesecure.net
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    35.170.137.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-137-104.compute-1.amazonaws.com
pulsesecure.satmetrix.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
developers.google.com
1    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
40 pulsesecure.net
kb.pulsesecure.net
www.pulsesecure.net — Cisco Umbrella Rank: 704228
997 KB
9 google.com
apis.google.com — Cisco Umbrella Rank: 98
developers.google.com — Cisco Umbrella Rank: 10919
accounts.google.com — Cisco Umbrella Rank: 77
130 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
142 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 290
17 KB
1 gstatic.com
ssl.gstatic.com
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
17 KB
1 satmetrix.com
pulsesecure.satmetrix.com
7 KB
56 7
Domain Requested by
39 kb.pulsesecure.net kb.pulsesecure.net
6 apis.google.com 1 redirects kb.pulsesecure.net
apis.google.com
accounts.google.com
2 static.xx.fbcdn.net www.facebook.com
2 accounts.google.com apis.google.com
kb.pulsesecure.net
2 ssl.google-analytics.com kb.pulsesecure.net
1 ssl.gstatic.com accounts.google.com
1 www.facebook.com kb.pulsesecure.net
1 developers.google.com apis.google.com
1 pulsesecure.satmetrix.com kb.pulsesecure.net
1 www.pulsesecure.net kb.pulsesecure.net
56 10

This site contains links to these domains. Also see Links.

Domain
twitter.com
portswigger.net
Subject Issuer Validity Valid
kb.pulsesecure.net
Go Daddy Secure Certificate Authority - G2		 2022-05-13 -
2023-06-14		 a year crt.sh
*.pulsesecure.net
E1		 2022-09-19 -
2022-12-18		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.satmetrix.com
Sectigo RSA Organization Validation Secure Server CA		 2022-08-22 -
2023-09-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-07 -
2022-10-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Frame ID: BAF913CAB02A2A132308A772FD39D03E
Requests: 46 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 3AE14004F8B925F70D197CF19962836B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=139593179453028&href=https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack&send=false&layout=button_count&width=54&show_faces=false&action=like&colorscheme=light&height=24
Frame ID: 1C25A3BD7DBA184C12FFE0FEF4F6548F
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkb.pulsesecure.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: B8ADB6C3F1B2AF3A38CEDED6C836E692
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pulse Security Advisory: SA45476 - Client Side Desync Attack (Informational)

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

98 %
HTTPS

80 %
IPv6

7
Domains

10
Subdomains

11
IPs

4
Countries

1315 kB
Transfer

5361 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=small&origin=https%3A%2F%2Fkb.pulsesecure.net&url=https%3A%2F%2Fkb.pulsesecure.net%2Farticles%2FPulse_Security_Advisories%2FClient-Side-Desync-Attack%2F%3FkA23Z000000GH59&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__ HTTP 301
  • https://developers.google.com/

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/ 		216 KB
128 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge / Salesforce.com ApexPages
Resource Hash
8b202ad0f5aa81f72fe56b9d4db20f9d5ab63a718cd97dbafcc10a9bccc6ab99
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Tue, 27 Sep 2022 16:35:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="CUR OTR STA"
Server
sfdcedge
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-FRAME-OPTIONS
SAMEORIGIN
X-Powered-By
Salesforce.com ApexPages
X-SFDC-Request-Id
8e529d5a0523c6f15d9897abb1391a05
X-XSS-Protection
0
stub.js
kb.pulsesecure.net/static/111213/js/perf/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/static/111213/js/perf/stub.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Dec 2014 19:28:42 GMT
Server
sfdcedge
X-SFDC-Request-Id
537f8578a3fa73ba47d0e3bcf54dfcfb
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 09:33:02 GMT
3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript
kb.pulsesecure.net/faces/a4j/g/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1663618999000
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 02:42:38 GMT
Server
sfdcedge
X-SFDC-Request-Id
32957efebb1acc883582de07eb039db4
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/javascript
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
19446
Expires
Fri, 11 Nov 2022 16:35:54 GMT
eAFzNbn668Lel7cBFaAFmg__
kb.pulsesecure.net/faces/a4j/s/3_3_3.Finalorg/richfaces/renderkit/html/css/table.xcss/DATB/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/faces/a4j/s/3_3_3.Finalorg/richfaces/renderkit/html/css/table.xcss/DATB/eAFzNbn668Lel7cBFaAFmg__
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
df8a224bfeafbe6e4e2b354a3a64a6531c4c35de1d6eedd39625165fe43f5219
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 02:24:56 GMT
Server
sfdcedge
X-SFDC-Request-Id
1436036d3198d0d6a08e129c9a50f4e5
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
610
Expires
Fri, 11 Nov 2022 16:35:53 GMT
functions.js
kb.pulsesecure.net/static/111213/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/static/111213/js/functions.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
10a45d9c8050a745d63519ba2782511020978010f7f980c14c4db261ae17a506
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Sep 2018 01:08:08 GMT
Server
sfdcedge
X-SFDC-Request-Id
089c163efb7e09ffb26c35a24e4c7525
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:10:58 GMT
main.js
kb.pulsesecure.net/jslibrary/1646649014238/sfdc/ 		858 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/1646649014238/sfdc/main.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
3cb66eb5534fc7bd819fcf913bb086beb15ec2d2f5d8934cc9e2a19701673203
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:52 GMT
Server
sfdcedge
X-SFDC-Request-Id
615b24b401da884344d8fc85ceb9e982
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 13:54:46 GMT
en_US.js
kb.pulsesecure.net/jslibrary/jslabels/1663623284000/ 		224 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/jslabels/1663623284000/en_US.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
fcaa28c051d0b0224ee162003b7b607c65e37a0c83adae041d121454417004d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:44 GMT
Server
sfdcedge
X-SFDC-Request-Id
58374beda8e44b0179391b71624468c3
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Expires
Fri, 11 Nov 2022 13:42:44 GMT
desktopAjax.js
kb.pulsesecure.net/static/111213/desktop/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/static/111213/desktop/desktopAjax.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
2ae9edda35d97cbd39d1b0b16c784f37a09d4da155969b0b6087d41c57579869
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Jan 2012 20:29:10 GMT
Server
sfdcedge
X-SFDC-Request-Id
2580f37ce5057565dd808c3e33d02104
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:10:58 GMT
picklist4.js
kb.pulsesecure.net/static/111213/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/static/111213/js/picklist4.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Sep 2018 01:08:08 GMT
Server
sfdcedge
X-SFDC-Request-Id
727bbd4dc752b5dcec9ce8d485e3d729
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:35:54 GMT
InternalDialogs.js
kb.pulsesecure.net/jslibrary/1635874030238/sfdc/ 		989 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/1635874030238/sfdc/InternalDialogs.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
76105d94db8ec2d78eae1289b7ff1e6157f8410c3d9509dfeb96ef1b93b17973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:50 GMT
Server
sfdcedge
X-SFDC-Request-Id
56234f46f042eb8876ef5a3b1f5f14e5
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:35:54 GMT
forcesniffer
kb.pulsesecure.net/resource/1459181543000/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/resource/1459181543000/forcesniffer
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
62033df680552a8de8429f30817cbd259a9b4f26061964a07339c79bc30d1e7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Mar 2016 16:12:23 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
17b66f20d233c5e322980d9c23d27261
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Content-Length
851
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:25:27 GMT
VFState.js
kb.pulsesecure.net/jslibrary/1635874030238/sfdc/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/1635874030238/sfdc/VFState.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
9ed858d6c2cf2798f74f21dcbcd5f8528df9ae12ec15e7d5f246a3b3b592e8d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:52 GMT
Server
sfdcedge
X-SFDC-Request-Id
160f11835217c044cdd9474f504f3828
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 14:29:05 GMT
ext.js
kb.pulsesecure.net/EXT/ext-3.3.3/ 		728 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/EXT/ext-3.3.3/ext.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
c1d334a690bee1fcede977f9bcb97584f35f11b096d6a922d6160847de022fec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Mar 2015 21:32:14 GMT
Server
sfdcedge
X-SFDC-Request-Id
abca756d42e9eab67ee21160d124eb06
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:35:54 GMT
Knowledge.js
kb.pulsesecure.net/jslibrary/1635874030238/sfdc/ 		147 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/1635874030238/sfdc/Knowledge.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
b8e802aa98c1fb6887fc4dcc07311fe1ba21abd51991b18266057ab8b6959a9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:50 GMT
Server
sfdcedge
X-SFDC-Request-Id
f88d3d8571929a13dcadde09db8256c7
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 16:04:24 GMT
zen-componentsCompatible.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/zen-componentsCompatible.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
289e7b81fedb81dc4f639d186183e024e0b6a2f307ce6dc895e1207e96887519
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
54bbd736c819ad8df62ca3bb69e0989d
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
8666
Expires
Fri, 11 Nov 2022 16:35:53 GMT
elements.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/elements.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
724b779f5a6b56f9cbb1762cb5c55662117c3e58ff44a51b4f96288415d6a699
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
169e0b92d94d77ceb17de8dc75e501ea
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
7172
Expires
Fri, 11 Nov 2022 16:35:53 GMT
common.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		206 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/common.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
83286a77685480bcc4d7bfb69c1214180405d7ad2932fda55bfd14e828553d27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
4bab1b71a78ac851713746c146c7eea0
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Expires
Fri, 11 Nov 2022 16:35:53 GMT
dStandard.css
kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/gc/ 		1 MB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/gc/dStandard.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
a8864ce13abbf923efdaf60533db6dcc3025db283e5a9704e2a90c153a687072
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 20:02:16 GMT
Server
sfdcedge
X-SFDC-Request-Id
7aa3ac463b80ed64dba84ee9de1fdc92
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Expires
Fri, 11 Nov 2022 16:35:53 GMT
dCustom0.css
kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/00Dj0000000JY1U/005j000000CM6F0/gc/ 		79 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/00Dj0000000JY1U/005j000000CM6F0/gc/dCustom0.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
d1e129686801850312c4fcf49ed37c296370b3a42d866f5bf5d49c249b815bf0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 20:02:16 GMT
Server
sfdcedge
X-SFDC-Request-Id
45d83f0f0ffc6174510fe2d114655557
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
6680
Expires
Fri, 11 Nov 2022 16:35:53 GMT
dCustom1.css
kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/00Dj0000000JY1U/005j000000CM6F0/gc/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1660248136000/Theme3/00Dj0000000JY1U/005j000000CM6F0/gc/dCustom1.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
80c5873ec96999440914c1dd2c62d5fdb339f2011a8d3913e4226f5fa7376a85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Aug 2022 20:02:16 GMT
Server
sfdcedge
X-SFDC-Request-Id
59f9850e5d76b8a16817a9743e4e29e3
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
1546
Expires
Fri, 11 Nov 2022 16:35:53 GMT
extended.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		90 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/extended.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
96babbdcbe86bc969e21ce6cf7f7cef0d45d7887934b01684155eeef57939d85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
843061738b831f66a5fe57789a58f438
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
17323
Expires
Fri, 11 Nov 2022 16:35:53 GMT
setup.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/setup.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
bbb4b32c2a0c64792ca923928138453f21fd235ec20e0532bab61e64a34b1503
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
60e68a61e2ef7e202bb54bf5c1b140f1
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
6411
Expires
Fri, 11 Nov 2022 16:35:54 GMT
ext-all-notheme.css
kb.pulsesecure.net/EXT/ext-3.3.3/resources/css/ 		80 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/EXT/ext-3.3.3/resources/css/ext-all-notheme.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
10c358ac0db30cf0788fe437ce41ec34b188f94509ecb17bb45bcc614f5da619
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2012 17:30:36 GMT
Server
sfdcedge
X-SFDC-Request-Id
78abbb906a29ff988307a1be4dec5f02
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 02:30:00 GMT
ExtCSS-SFDC.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ExtCSS-SFDC.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
c81d4039c271676b51f6caa1a2b1255abcbda0a215408b7692168029b8b11a55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
1000efef00a310b62827fd2c02da581e
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
6980
Expires
Fri, 11 Nov 2022 16:35:54 GMT
knowledge.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/knowledge.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
4b555989a13d0be05d4968e30c8b49b9747e7a8f944394360bcfa34377bb4dcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
d5fd69f2efa955d834914bb9109ad796
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
4516
Expires
Fri, 11 Nov 2022 16:35:53 GMT
knowledgeHome.css
kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/knowledgeHome.css
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6a44aec44976c7a726d7be591b8bb8b542c808d84ad0dc83f4e0715182bb3413
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2022 18:30:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
dbd767730c3b98afc11ece4adcd21558
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
private,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Content-Length
2296
Expires
Fri, 11 Nov 2022 16:35:53 GMT
NetworkTracking.js
kb.pulsesecure.net/jslibrary/1647410350238/sfdc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/jslibrary/1647410350238/sfdc/NetworkTracking.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
d1d7fb6c349a1fe4910a2de362836654baa46a4df1756af9c6624be3039e9d73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 21:34:50 GMT
Server
sfdcedge
X-SFDC-Request-Id
775c1afd61c650399b129629229f80ab
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Wed, 25 Jan 2023 14:58:48 GMT
pkb_jquery_1_6_2
kb.pulsesecure.net/resource/1436817666000/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_jquery_1_6_2
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
0dbf19895d71b39561d51f469ee22640
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Content-Length
32111
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:35:54 GMT
pkb_jquery_simplemodal_1_4_1
kb.pulsesecure.net/resource/1436817666000/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_jquery_simplemodal_1_4_1
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
ab547195229e1c746122270f6a95bee2
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Content-Length
3037
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:35:54 GMT
logo.png
www.pulsesecure.net/base/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pulsesecure.net/base/images/logo.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:327 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9d6bd170a4388cf6d72df87ac5a4b7a9da39c1f5b9c4e778796181fba9a9de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ivanti.com *.ivanti.com.cn *.ivanti.co.jp *.ivanti.de *.ivanti.fr
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 16:35:55 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
20547
last-modified
Thu, 20 Jul 2017 23:49:06 GMT
server
cloudflare
etag
"100081-5043-554c864ddc080"
strict-transport-security
max-age=31622400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJjqPsHQANViAn2NiajBQ6A0H%2FCQmUms537jKSUlviH%2Fh2%2B4hbZVQbiPBZqKVVuywM7vYB9iGpyB2JfC8qii0XRvqz8YAVrEkFUklLFbAez9KDv8BlKrYjCGbZJClXlLUJ6ykOjw4jMR6tt658YaCr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=3600
content-security-policy
frame-ancestors 'self' *.ivanti.com *.ivanti.com.cn *.ivanti.co.jp *.ivanti.de *.ivanti.fr
accept-ranges
bytes
cf-ray
7515a7bb5c0a91f6-FRA
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 27 Sep 2022 16:35:54 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"77de80bac492065f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 16:35:54 GMT
rss.png
kb.pulsesecure.net/resource/1436817666000/pkb_icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_icons/rss.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
f45539fc7c2316dfd9b33fb8670dc44eb297001a67bd5be1c933660a06dff763
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
55a756151200b11186cc588d3844a517
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
6684
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 13:42:45 GMT
twitter.png
kb.pulsesecure.net/resource/1436817666000/pkb_icons/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_icons/twitter.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
cb1d4c2847c8477d274518ea1effd27e35b7ea6eaf66e0e00afa469fc37b9a2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
b85a86e0b483323b8454df2b54f78559
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
6519
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:25:27 GMT
print.png
kb.pulsesecure.net/resource/1436817666000/pkb_icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_icons/print.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
5e2dd554d0dbd8be01cf294b0e4609e9aeb35c749ff6c4bb30b3ba90b6251366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
ac6f602de38336530d56268c29d49650
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
6717
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:35:55 GMT
email.png
kb.pulsesecure.net/resource/1436817666000/pkb_icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_icons/email.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
b038f2a79dabc38a3d29075be0e5609f8eb4789022b74c3c1b6eff84ef0e38a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
78c6d6a4e7656d6abd133b00aa8f35a7
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
6781
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 15:41:39 GMT
s.gif
kb.pulsesecure.net/img/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/img/s.gif
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Wed, 25 Jan 2006 02:03:00 GMT
Server
sfdcedge
X-SFDC-Request-Id
9a6c8fd57b75e72055a7fef04bd77c1a
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/gif
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 25 Jan 2023 16:35:55 GMT
pkb_loadingdots
kb.pulsesecure.net/resource/1436817666000/ 		514 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_loadingdots
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
8db60c6d616c234b70b7b94fb9342347ceed9328e96e229fd8bdd60338492dcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
4f488d5db18b21b4403528383e2f34cf
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/gif
Content-Length
514
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 04:05:40 GMT
popupsurvey_pulsesecure_150377_8506.js
pulsesecure.satmetrix.com/satmetrix/enterprise/pulsesecure/app/cx/resources/datacollection/pulsesecure_150377/popup/pulsesecure_150377_8506/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pulsesecure.satmetrix.com/satmetrix/enterprise/pulsesecure/app/cx/resources/datacollection/pulsesecure_150377/popup/pulsesecure_150377_8506/popupsurvey_pulsesecure_150377_8506.js?a=1664296555247
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.137.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-137-104.compute-1.amazonaws.com
Software
Apache /
Resource Hash
58f10b5e78c83cfd2f48efad0d8db0c7488165de8cd14a3b8c16c3d9d6f78579
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.satmetrix.com *.whatfix.com *.desk.com *.google-analytics.com connect.facebook.net js.stripe.com; style-src 'self' 'unsafe-inline' *.satmetrix.com *.desk.com fonts.googleapis.com *.google-analytics.com connect.facebook.net *.facebook.com; object-src 'self'; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 16:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Sep 2019 20:40:08 GMT
server
Apache
etag
"681e-591d453d20f5b-gzip"
vary
Accept-Encoding
content-type
text/javascript
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.satmetrix.com *.whatfix.com *.desk.com *.google-analytics.com connect.facebook.net js.stripe.com; style-src 'self' 'unsafe-inline' *.satmetrix.com *.desk.com fonts.googleapis.com *.google-analytics.com connect.facebook.net *.facebook.com; object-src 'self'; media-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
6368
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51176
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Sep 2023 12:58:55 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34614
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Sep 2023 12:58:55 GMT
/
developers.google.com/ Frame 3AE1
Redirect Chain
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=small&origin=https%3A%2F%2Fkb.pulsesecure.net&url=https%3A%2F%2Fkb.pulsesecure.net%2Farticles%2FPulse_Security_Advisories%...
  • https://developers.google.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://developers.google.com/
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-MPF/Boz2J2rcVSYhz+IoM3xVASIJFk' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kb.pulsesecure.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
22496
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-MPF/Boz2J2rcVSYhz+IoM3xVASIJFk' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 16:35:55 GMT
expires
0
last-modified
Fri, 23 Sep 2022 00:53:33 GMT
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
7969d45526626e7c8a463c6527d2b6de
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1800
content-length
226
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 16:35:55 GMT
expires
Tue, 27 Sep 2022 17:05:55 GMT
location
http://developers.google.com/
server
sffe
x-content-type-options
nosniff
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 1C25 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=139593179453028&href=https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack&send=false&layout=button_count&width=54&show_faces=false&action=like&colorscheme=light&height=24
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05802c8951ece83e8e0859a1dae7c9a1e6cf40d79ba01f05a02e7f7042177c63
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kb.pulsesecure.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 27 Sep 2022 16:35:55 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
A2Lfz52erkNWAq7DpqvAod1VQQP5nbDyv/XagDwA8+qIutVzGC2f3XtQKCLeLsrU4QXUsH9NVUXifdpMs3Wk4A==
x-fb-rlafr
0
x-xss-protection
0
pkb_reset_icon
kb.pulsesecure.net/resource/1436817666000/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817666000/pkb_reset_icon
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
2eea5f38a5c2b899bc7605cef7407c56a3f49dc6143f4533a8628020a319752b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:06 GMT
Server
sfdcedge
X-SFDC-Request-Id
713f6314cf7c8093453e40a000fe5114
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
1507
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 13:42:45 GMT
btnlrg_sprite.png
kb.pulsesecure.net/resource/1436817667000/pkb_sprites/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817667000/pkb_sprites/btnlrg_sprite.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
8e6dac18b3a3480fbb3a0c3cd1b19711408f8a31ddaf83a3aaa3d195351188f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:07 GMT
Server
sfdcedge
X-SFDC-Request-Id
de8167b04919e5667b6eb67b1b1cd935
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
1314
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 16:07:47 GMT
pkb_search_icon
kb.pulsesecure.net/resource/1436817667000/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/resource/1436817667000/pkb_search_icon
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
73a2c2d74eef77be2af1e4a1488e54d8bf75d6a106ee871c44330012496267b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Mon, 13 Jul 2015 20:01:07 GMT
Server
sfdcedge
X-SFDC-Request-Id
d03e71a34582cb262bfaedc0d23fe89d
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
1227
X-XSS-Protection
0
Expires
Fri, 11 Nov 2022 13:42:45 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kb.pulsesecure.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
852
date
Tue, 27 Sep 2022 16:21:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 27 Sep 2022 18:21:43 GMT
btn_sprite.png
kb.pulsesecure.net/img/alohaSkin/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb.pulsesecure.net/img/alohaSkin/btn_sprite.png
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/extended.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
86b9b9c9eca30d078fb0e8428c307eef3ad91486870c479430c95df15ac53446
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/sCSS/55.0/sprites/1658428212000/Theme3/default/gc/extended.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 16:35:55 GMT
Last-Modified
Sun, 30 Jun 2019 07:17:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
1ac32966ba94e49994545c3dc01fd650
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 25 Jan 2023 16:35:55 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame B8AD 		566 B
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkb.pulsesecure.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34b42f312b7d85725544c00ecab7adeb9ab8a2a08b9f7b236ed8238677cf6785
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-WKc1yzfMqbINmIPhI1B6vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kb.pulsesecure.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-WKc1yzfMqbINmIPhI1B6vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 16:35:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=27415456&utmhn=kb.pulsesecure.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pulse%20Security%20Advisory%3A%20SA45476%20-%20Client%20Side%20Desync%20Attack%20(Informational)&utmhid=804578028&utmr=-&utmp=%2Farticles%2FPulse_Security_Advisories%2FClient-Side-Desync-Attack%2F%3FkA23Z000000GH59&utmht=1664296555431&utmac=UA-101100098-1&utmcc=__utma%3D1.1268929754.1664296555.1664296555.1664296555.1%3B%2B__utmz%3D1.1664296555.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1636430862&utmredir=1&utmu=DkAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kb.pulsesecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 16:35:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cspreport
accounts.google.com/o/ Frame B8AD 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: kb.pulsesecure.net
URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-sVUr5F81dlvUULDidhDAHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkb.pulsesecure.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 16:35:55 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-sVUr5F81dlvUULDidhDAHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame B8AD 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkb.pulsesecure.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 04:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 22:13:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 04:23:56 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame B8AD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkb.pulsesecure.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5573
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 27 Sep 2022 16:35:55 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"7759e2b79382a50e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 16:35:55 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 1C25 		299 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=139593179453028&href=https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack&send=false&layout=button_count&width=54&show_faces=false&action=like&colorscheme=light&height=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 16:35:55 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
dB04cvFCTtoMs0b2XvbxOuQ3MUozTZb1ebzj1aeXeDyYj1XYPq+w6wjvY2TzszgCmqOirlqjYSHzSWc6qemqxw==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Sep 2023 23:40:34 GMT
3QeeR4aGaul.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yo/l/de_DE/ Frame 1C25 		569 KB
141 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yo/l/de_DE/3QeeR4aGaul.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=139593179453028&href=https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack&send=false&layout=button_count&width=54&show_faces=false&action=like&colorscheme=light&height=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e7a6106baeec93b5492779635b06108d1624cf0be9e651a00f804373fa3f63e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 16:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uOAC5yZvlJ2D3CZ7kwXtxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
144263
x-fb-rlafr
0
x-fb-debug
jmAmJKtwZ6a3NP8HtfJHTouQ3d06kuSVnIJnESXZlhEyQJVHbloUw/X5KwBFLoB8+tJechUOu02QI6H8qENqMA==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Sep 2023 03:32:56 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame B8AD 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19062
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Sep 2023 12:58:56 GMT

Verdicts & Comments Add Verdict or Comment

1032 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| PerfConstants object| PerfLogLevel object| Perf function| Sarissa undefined| x undefined| _SARISSA_DOM_PROGID undefined| _SARISSA_XMLHTTP_PROGID undefined| _SARISSA_DOM_XMLWRITER undefined| importTable object| A4J function| _sarissa_XMLDocument_onload object| LOG object| RichFaces function| copyInnerHTML function| listProperties function| getLocalOffsetTop function| getLocalOffsetLeft function| getLocalOffset function| makeAjaxRequest function| getElementsByClassName function| getLoginCookieValue function| assureInt boolean| isIE boolean| isIE5 boolean| isIE7 boolean| isOpera boolean| isSafari boolean| isFirefox boolean| isNetscape undefined| lastMouseX undefined| lastMouseY object| curPopupWindow object| closeOnParentUnloadWindow object| helpWindow object| win boolean| editPage string| currentEntityId string| currentEntityId2 string| picklistNAMarker number| encryptionHeaderBytes number| encryptionIVSize number| encryptionEndControlBytes number| encryptionAESBlockSize function| EventData object| eventRegistry function| addEvent function| removeEvent function| cleanupEvents function| mouseExited function| getEvent function| getEventTarget function| getEventToElement function| eventCancelBubble boolean| beenFocused object| focusedElement object| textAreaTimer function| markFocused function| trackFocused function| reFocus function| setEntityInformation function| setLastMousePosition function| openClickout function| openClickoutWithSize function| openIntegration function| openPopup function| openPopupFocusEscapePounds function| openPopupFocus function| openPopupFocusWithOffset undefined| closetimer boolean| ie9 function| closePopupOnBodyFocus function| closePopup object| modalWindow function| ignoreModalEvents function| handleModalFocus function| invokeResultFunc function| openPopupModal undefined| clickedLink undefined| warningText function| confirmPopup function| openLookup function| pick function| pickSubmit function| hiddenOrDisabled function| hiddenOrDisabledOrReadOnly function| pickcolor function| comboBoxPick function| attachEventToElement function| navWithToken function| navigateToUrl function| hitUrl function| doLookupPick function| lookupPick function| lookupPick2 function| searchEntityTwo function| lookupPhonePick function| setFocusOnLoad function| elementFocus function| elementSelect function| setFocus function| setNamedFocus function| formatPhoneOnEnter function| formatPhone function| clearcols function| setcols function| setUsername function| setAlias function| popWin function| popWin2 function| adminWin function| printWin function| moveSelectElement3 function| sortOrderNumeric function| sortOrderNumericReverse function| moveSelectElementIds function| moveOption function| removeSelectElement3 function| moveUp function| moveDown function| moveTop function| moveBottom function| saveAllSelected function| ddChangeAllElements function| ddElementChange function| ddRadioClicked function| openwizard function| openwizard2 function| escapeUTF function| openRefer function| changeOpenerWindowLocation function| verifyUnderLimit function| verifyChecked function| verifyCheckedByPrefix function| verifySingleCheckedByPrefix function| verifyCheckedWarning function| submitFormActionURL function| updateToggleAllBox function| toggleAddRemoveButtons function| allChecked function| anyChecked function| SelectChecked function| SelectAllOrNoneByCheckbox function| loader function| handleSelectAllNoneCheckboxClick function| getObjX function| getObjY function| getScrollX function| getScrollY function| getMouseX function| getMouseY function| getSrcElement function| ltrim function| rtrim function| trim function| escapeHTML function| unescapeHTML function| unescapeJsInHtml function| unescapeXML function| isValidEmail function| isValidDomain function| setCookie function| getCookie function| deleteCookie function| addTwistCookie function| handleTextAreaElementChange function| handleTextAreaElementChangeWithByteCheck undefined| filterLookupValueElem function| openFilterLookupWindow function| submitCalcAgg function| finishValidCalcAgg object| calcagg_params function| clearCalcAgg function| deleteCalcAgg function| copyCalcaggParams function| getIframeContents function| adjustIFrameSize function| showTextStateField function| showPicklistStateField function| showStateListForCountry function| scaleImage function| refreshWizardPage function| getOffsetLeft function| getWindowWidth function| getWindowHeight function| getScrollTop function| getScrollLeft function| hasStyleClass function| addStyleClass function| delStyleClass function| hiOn function| hiOff function| toggleVis function| toggleVisWithPositionAbsolute function| setVis function| toggleVisWIframe function| formatMessage function| highlightToc function| loadToc function| deepCopy function| borrowForm function| toggleRow function| setRowVis function| toggleDisplay function| toggleDisplayWithDisplayType function| getElementsByNameCS function| getElementByIdCS function| getElementByIdCSWithDoc function| dashify function| getCurrentStyle function| copyAddr function| showMoreList function| callRelatedListAction function| setElementsEnabledBasedOnCheckbox function| stripDomainFromUrl function| bodyOnFocus object| InlineEditState object| ColumnType object| ZenCss object| UiSkin object| QueryOperator object| LayoutItemTypeEnum object| AbstractAutoCompleteServlet object| AccountAssociationSuggestionsServlet object| Activity object| ActivityPage object| ActivityReminderConstants object| ActivityReminderPage object| ActivityReminderRefreshPage object| ActivityUi object| AddRulesToTerritory2MultiSelectList object| AdvancedCurrencyEnable object| AjaxGetFieldTreeChildren object| AjaxGetUser object| AjaxGetUsersInGroups object| AjaxInNumericRange object| AjaxLoadFieldsForControllingEntity object| AjaxLoadFieldsForEntity object| AjaxLoadPLAForPageServlet object| AjaxLoadPLAForRecordTypeServlet object| AjaxLoadPLAServlet object| AjaxLoadRelatedListItem object| AjaxScanFieldsForShrinkage object| AjaxServlet object| AjaxValidateFormula object| AjaxValidateSpanningFormulasInRelatedList object| Aotp object| AssociationSelectElement object| BaseAssociationConstants object| BaseIntermediateRedirectServlet object| BlowoutServlet object| BodyLayout object| BounceEmailConstants object| BrandingColor object| BusinessHoursPageConstants object| BusyTimesAjaxServlet object| CSRFConstants object| CampaignManageMembers object| CaptchaVerifierServlet object| CaseUi object| ChangePasswordConstants object| ChangeUsernameConstants object| ChartConstants object| ChatterDeflection object| ChatterEmailSettingsConstants object| ChatterFilesConstants object| ChatterService object| ColorInputConstants object| ColorPickerConstants object| ColumnTypeConstants object| CompactLayoutAssignmentConstants object| CompactLayoutUiConst object| ConsoleSidebarSetupEditor object| ContextPaneEditor object| CreateNewElement object| CreateNewList object| CriteriaInputConstants object| CrtConstants object| CrtLayoutElement object| CrtLookupConstants object| CrtObjectElement object| CustomFieldDefinitionUiModel object| CustomMotifDefinitionPageConst object| CustomObjectTeamMemberUiConstants object| CustomObjectTeamTemplateUiConstants object| CustomSchemaObjectDefinitionUiModel object| DashboardConstants object| DataDotComCleanConstants object| DatePickerIds object| Desktop object| DesktopSidebarComponents object| DetailElement object| DeveloperSettings object| DurationInputElement object| DynamicContent object| EditElement object| EditEventMultiUserCalendarElementConstants object| EditPageConstants object| EmailAddrEditConstants object| EmailAttachmentManagementConstants object| EmailAuthorConstants object| EmailCCBccLookupConstants object| EmailChangeVerification object| EmailRelayConstants object| EmailSyncConfigConstants undefined| EmailTaskDescriptionServlet object| TaskDescriptionServlet object| EmailTemplatePreviewConstants object| EntitySharingConstants object| EventDescriptionServlet object| EventObject object| EventPage object| EventUi object| FieldTreeConstants object| FilterEditConstants object| FilterEditPageConstants object| FilterSelectionElement object| FindSimilarOppsFilter object| ForecastRoleUser object| ForecastSettings object| ForecastSharingPrefPopup object| ForecastSummaryPage object| ForecastingDateRangeServlet object| ForecastingDisplayedTypeServlet object| ForecastingJumpToUserServlet object| ForecastingPage object| ForecastingTabPage object| ForecastingTree object| ForecastingViewingIsoServlet object| GenerateRelationshipDefaults object| GoogleDocCreator object| GoogleTalkConstants object| HTPortal object| HelpBubbleConstants object| HighlightsPanelConstants object| HolidayUi object| HomeCalendarAjaxServlet object| HoverTooltipElement object| IFrameElement object| Ideas object| InlineEditConstants object| InlineHelp object| InlineScontrolElement object| InviterLookup object| InviterLookupMatch object| JSPDispatcher object| JigsawImport object| JigsawSearch object| Kb2Id object| KnowledgeSettingsUI object| ListView object| LiveAgentAddToTranscriptSearch object| LiveAgentAutoQuery object| LiveAgentConsoleAjaxServlet object| LiveAgentConstants object| LiveAgentFindOrCreate object| LiveChatButtonConstants object| LookupInputElement object| LookupUi object| LookupValidationServlet object| LookupsUi object| MCFilterPaneParams object| MCXHRParams object| MRUAutoCompleteServlet object| MWPicker object| MacroPage object| MailmergeTemplateSelectElementConst object| ManageableInfo object| MapServletParams object| MenuButtonElement object| MobilePushServiceTest object| MotifInputElementConst object| MouseOverElement object| MultiLookupInputElement object| MultiSelectList object| MultiUserCalendar object| MyCustomObjectConstants object| NewLayoutEditor object| NonUddKeyConstants object| OrganizerPage object| PersonalSetup object| PersonalSetupConstants object| PortalStyleConfigEditorConstants object| ProfileEditConstants object| ProfileListInlineEditConstants object| QuickTextAutoCompleteServlet object| RelatedListPrioritizationServlet object| RelatedListServlet object| RelatedListSuppressionServlet object| ReportChartMetadataServlet object| ReportConstants object| ReportsFch object| RequestInfo object| RoleTreeCookieConstants object| RtaImageServlet object| RuleFilterPageConstants object| ScheduleElement object| SchedulePage object| SchedulingUtils object| SchemaBuilder object| SchemaBuilderConfig object| SearchClickLogging object| SearchRelatedList object| SearchSettingsConstants object| SeascLogRecordHandler object| SectionElement object| ServiceDeskHotkeyEditor object| ServiceDeskPage object| SessionTimeServlet object| SetupSearchElement object| SetupTreeNodeConstants object| SideTabPreferenceServlet object| SidebarConstants object| SidetabConstants object| SlaProcessUi object| SoftphoneConstants object| SoftphoneLayoutEditorConstants object| SoftphoneMatchTypeEnum object| SoftphoneScreenPopTypeEnum object| StageManager object| SuggestedTimeProvider object| SummaryFieldConstants object| SummaryLayoutEditor object| SynonymConstants object| TabOrganizerConstants object| TabSetPageConstants object| TagConstants object| TagMode object| TaskMassAction object| TaskOwnerLookup object| TaskUi object| Territory2RuleLookup object| TimePickerInputElementConstants object| Udd object| UiData object| UnifiedSearchComponents object| UnifiedSearchUI object| UserDeactivate object| UserInterfaceUI object| ViralInviteSignupConstants object| VisualforceConstants object| WhoWhatQueue object| findSimilarQueryPage object| vaSelectElementConst function| GenericSfdcPage object| UserContext object| DesktopContext object| Util object| TWEEN function| SfdcFramework function| ApiUtils function| CustomEntityDefinition function| CustomSummaryFieldAttributes function| MaskTypeSelector function| CompactLayoutUi object| CustomFieldRelatedList function| ActionOverrideUi function| Scontrol function| ValidateFormula function| WebLinkUi function| DefaultTabWarning function| TabSetPage object| TabSetPageUtil function| fixUpSelectRow function| LiveAgent function| SchedulePageUtil function| Banner function| toggleDependentCheckboxes function| ButtonInputElement function| CheckedMenu function| ColorPicker function| CriteriaInput function| CriteriaEntityData function| FormulaFilterCriteriaEntityData function| DatePicker function| confirmDelete function| DeveloperNameInputElement function| DuelingListBoxesElement function| EncryptedTextInputElement function| FileFieldInputElement function| ImageSelectElement function| ListElement function| LookupElement function| ManageableInfoElement function| MenuButton object| MultiSelectPicklist function| OverlayDialog function| Paginator function| RelatedListPanel function| RichTextEditor function| RoleTreeNodeElement function| ScheduleReportOverlayUtil function| SelectElementDependency function| SelectFilterElement number| SELECT_MENU_SELECT number| SELECT_MENU_SIDEWAYS function| SelectMenu function| ShareRuleSelectFilterElement function| SimpleDialog function| SimpleTimePicker function| TimeDivData function| TimePicker function| TreeNodeElement function| TwistyElement function| VerticallyArrangableSelectElement object| Captcha function| MotifElement function| MotifInputElement function| PickableMotifElement function| DynamicCss function| FilterEdit function| ListFilterColumn function| ListInlineEditData function| RelatedList object| ActivityReminder function| DetailPage function| EditPage function| FormulaEditor function| GoogleTalk function| ListPage function| MultiLineEditPage function| FieldTree function| FieldTreeController function| FieldTreeNode function| OverviewPage function| OwnerChangePage function| Sidebar undefined| __vf_RTAEditor function| VFRTAEditor function| HTMLTreeNode function| SetupTreeNode function| InlineEditData function| InlineEditField function| PreferenceBits function| DateUtil function| DomUtil object| UrlMap object| dpdLkUtil boolean| isWin boolean| isIPad boolean| isIPhone function| controlVersion function| getSwfVer function| detectFlashVer function| ac_AddExtension function| ac_Generateobj function| ac_GetArgs function| ac_FL_RunContent function| getFlexRoot function| sizeImagePreview function| onPreviewSuccess function| showPreviewError function| doIPadIPhonePreview function| showDownloadLink function| insertFlexComponent function| closeContentPreviewDialog function| Attachments boolean| hasPendingAttachments function| addPendingAttachment function| removePendingAttachment function| displayAttachmentWarning function| activityBodyOnLoad function| EmailAddrEdit function| EmailCCBccLookup function| MailmergeTemplateSelectElement object| CustomObjectTeamMemberPage object| CustomObjectTeamTemplatePage number| KEY_BACKSPACE number| KEY_TAB number| KEY_ENTER number| KEY_ESC number| KEY_SPACE number| KEY_PAGEDOWN number| KEY_PAGEUP number| KEY_ARROW_L number| KEY_ARROW_U number| KEY_ARROW_R number| KEY_ARROW_D number| KEY_SHIFT number| KEY_CTRL number| KEY_ALT number| KEY_CAPSLOCK number| KEY_0 number| KEY_1 number| KEY_2 number| KEY_3 number| KEY_4 number| KEY_5 number| KEY_6 number| KEY_7 number| KEY_8 number| KEY_9 number| KEY_A number| KEY_B number| KEY_C number| KEY_D number| KEY_E number| KEY_F number| KEY_G number| KEY_H number| KEY_I number| KEY_J number| KEY_K number| KEY_L number| KEY_M number| KEY_N number| KEY_O number| KEY_P number| KEY_Q number| KEY_R number| KEY_S number| KEY_T number| KEY_U number| KEY_V number| KEY_W number| KEY_X number| KEY_Y number| KEY_Z number| KEY_WINDOWS_L number| KEY_WINDOWS_R number| KEY_SELECT number| KEY_NUMPAD_0 number| KEY_NUMPAD_1 number| KEY_NUMPAD_2 number| KEY_NUMPAD_3 number| KEY_NUMPAD_4 number| KEY_NUMPAD_5 number| KEY_NUMPAD_6 number| KEY_NUMPAD_7 number| KEY_NUMPAD_8 number| KEY_NUMPAD_9 number| KEY_NUMPAD_MULTIPLY number| KEY_NUMPAD_PLUS number| KEY_NUMPAD_MINUS number| KEY_NUMPAD_DECIMAL number| KEY_NUMPAD_DIVIDE number| KEY_F1 number| KEY_F2 number| KEY_F3 number| KEY_F4 number| KEY_F5 number| KEY_F6 number| KEY_F7 number| KEY_F8 number| KEY_F9 number| KEY_F10 number| KEY_F11 number| KEY_F12 number| KEY_PAUSE number| KEY_END number| KEY_HOME number| KEY_INSERT number| KEY_DELETE number| KEY_NUMLOCK number| KEY_SCROLLLOCK number| KEY_SEMICOLON number| KEY_EQUALS number| KEY_COMMA number| KEY_DASH number| KEY_PERIOD number| KEY_FORWARDSLASH number| KEY_GRAVE number| KEY_OPENBRACKET number| KEY_BACKSLASH number| KEY_CLOSEBRACKET number| KEY_APOSTROPHE number| KEY_PROCESS object| networksHeader function| leadConvertLookupPick function| toggleTableRows function| EventQueueMonitor function| ensureIdleCallback object| FingerprintVars object| Timestamp function| PerformanceMetrics function| NamedFunction object| BinaryOperations function| BitSetBuilder function| WebGLFingerprint function| Detector function| Fingerprint function| getJsLogFn function| getOrigin function| fixedEncodeURI function| isUrl function| parseUrl function| isValidSource function| addJsLog function| isDialogDeprecationReport number| numReports function| handleDialogDeprecation boolean| reportingObserverCreated undefined| internetExplorer678 function| Scheduler function| UserActivityMonitor function| QueryString object| HolidayFunction object| disabledDNs object| enabledDNs boolean| clickToDialEnabled function| isWindowAccessible function| registerClickToDialEnabled function| registerClickToDialDisabled function| registerClickToDial function| LookupHoverDetail function| MRUHoverDetail function| getSTimeout function| getRTimeout function| AppPickerHelper function| AppPicker function| AppPickerAlohaAccesability function| AppSwitcher function| Fader function| iframeShim function| IframeShim function| LoadingScreen function| alertBlockSubmit function| Modal object| MOUSE_OVER_FADE_MAP function| addMouseOver function| MouseOverFade function| MouseOverFadeHandler function| FilterLookupPage function| MenuButtonRounded function| TagMenuButton function| TagLinkEditElement function| BouncedEmailAddressDialog object| Dialogs function| AccessibleDialog function| IFrameDialog function| PersonalSettingsDialog function| FunctionalDialog function| GoogleDocNameInputDialog function| InlineEditDialog function| OverlayDialogElement function| FilePreviewOverlayDialogElement function| LightningAdoptionOverlayDialogElement function| FieldSelectDialog function| ListPaginator function| VideoDialog function| SearchAccessibleDialog function| SearchNonaccessibleDialog function| closeDialog function| resizeDialog function| PrintableViewPage function| PrintableListPage function| VFInlineEditData function| PersonNameField function| AddressField function| MultiEnumField function| MultiLineTextField function| BooleanField function| TextField function| NumberField function| DateField function| PhoneField function| ForeignKeyField function| StaticEnumField function| DynamicEnumField function| EncryptedTextField function| HtmlStringPlusClobField function| InetAddressField function| AccentListViewport function| ListViewport function| estimateStringArrayLength function| ApexPage function| ApexDetailPage function| NonUddListViewport function| TagAutoComplete function| Suggestion function| TagHeader object| Mustache function| Sizzle object| Sfdc number| data-uidSfdc function| AutoComplete function| ColorInput function| ForeignKeyInputElement function| ForeignKeyInputElementSelectProxy object| HtmlDetailElement function| EditableListPage function| GhostTextInputWrapperElement object| SearchClickLoggingUtil function| UnifiedSearchButton object| SfdcApp function| printStackTrace function| blankshield function| LC function| SfdcCmp function| LoadingOverlay function| SearchOverlayDialogs function| AutoCompleteInputElement function| AccessibleAutoCompleteInputElement function| LookupAutoCompleteInputElement function| SidebarSearchAutoCompleteElement function| UnifiedSearchAutoCompleteElement function| DesktopAjax function| makeActionRequest function| removeParam function| setParam function| makeGetRequest function| makeRequest function| cleanUp function| picklist function| picklistForInlineEditing function| multiPicklist function| Bitset object| InternalDialogs object| isMobile object| ForceUI object| swfobject object| Ext string| id function| AccessibleObjectList function| ArticleEditToolbar function| checkImportButtonOnLanguageChange function| checkImportButtonOnFileChange undefined| articletooltip function| articleToolTip string| articleListName string| colRightsName object| actionRights function| setViewGroup function| setView function| doViewTabChange function| showWarningMsg function| hideWarningMsg function| hoverWidthProcess function| setupTabs function| canUserDelete function| canUserCreateTranslations function| canUserArchive function| canUserEdit function| canUserPublish function| updateCookie function| KnowledgeTabPanel function| TOCDetailRenderer function| TOCSectionSelector function| clearSearch function| clearSelects function| MultiSelect function| ObjectList function| archiveSelectedArticles function| handleArchiveValidate function| handleArchiveOK function| assignSelectedArticles function| assignSelectedTranslations function| showRefreshedAssignDialog function| handleAssignValidate function| handleAssignOK function| deleteSelectedObjects function| deleteSelectedArticles function| deleteSelectedTranslations function| isRadioChecked function| handleDeleteOK function| publishSelectedObjects function| publishSelectedTranslations function| publishSelectedArticles function| onSelectPublishOption function| handlePublishValidate function| handlePublishOK function| submitForTranslationSelectedArticles function| handleSubmitForTranslationOK object| ArticleEdit object| ArticleRenderer object| Knowledge object| CaseArticle object| KnowledgeCKEditor object| KnowledgeDatePicker object| KnowledgeSettings object| KnowledgeManagement object| NetworkTracking object| UITheme undefined| $ function| jQuery string| npxUrl object| script function| $$ string| searchPrompt string| baseURL string| currSearch string| currLanguage string| currCategories boolean| contactUs boolean| viewingArticle string| pkbHome boolean| openDialogWhenReady string| CATEGORY_SELECT_ID_PREFIX string| SEARCH_LINK_ID string| ASK_LINK_ID string| NEXT_LINK_ID string| SEARCH_TEXT_ID string| RSS_RESULTS_LINK_ID string| RIGHT_COLUMN_ID number| MIN_CONTENT_HEIGHT string| FEEDBACK_YESNO_FORM_ID string| FEEDBACK_FORM_ID string| FEEDBACK_YES_BUTTON string| FEEDBACK_NO_BUTTON string| FEEDBACK_DIALOG_ID string| FEEDBACK_COMMENTS_ID string| FEEDBACK_TEXT_ID string| CHARS_REMAINING_ID string| FEATURED_ARTICLES_ID string| IMMEDIATE_HELP_ID string| CASE_ERROR_MSG_ID string| CONTACT_NO_BUTTON_ID string| CONTACT_YES_BUTTON_ID string| CONTACT_US_FORM_ID string| CONTACT_YES_NO_FORM_ID object| selectedCategories function| setLanguage function| setCurrCategories function| setCategory function| buildSearchHref function| checkForEnter function| searchButtonClicked function| doSearch function| freezeInputs function| restorePrompt function| clearPrompt function| resetPrompt function| validSearchQuery boolean| moreResults function| hideNext boolean| noResultsFound function| hideResultsRss function| hideImmediateHelp function| showFeedbackDialog function| copyComments function| toggleFeedbackYesNoButtons function| toggleContactYesNoButtons function| closeModal function| countChars boolean| atLeastOneFeatured function| hideFeatured function| adjustHeight function| rewriteContactUsFormAction function| rewriteFeedbackFormAction function| clearCaseErrorMsg function| prepareToRenderOverlay object| jQuery162013284648197374316 function| redirectMobile string| trimmmed object| gapi object| ___jsl object| viewlink object| sfdcPage function| twistSection object| registeredSections function| registerTwistableSection function| twistAllSections function| toggleSection function| registerTwistableSections_j_id0_j_id1_j_id954_j_id955_j_id978_j_id979_j_id986_j_id987_j_id1230 object| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__1__j_id1233__j_id1234 function| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__2__j_id1233__j_id1234 function| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__3__j_id1233__j_id1234 function| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__4__j_id1233__j_id1234 function| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__5__j_id1233__j_id1234 function| j_id0__j_id1__j_id954__j_id955__j_id978__j_id979__j_id986__j_id987__j_id1230__j_id1232__8__j_id1233__j_id1234 boolean| isModal function| refreshYesNo string| gaJsHost object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| _gat object| _gaq object| pageTracker object| gaGlobal function| jquerySrc string| popupSurveyId string| widgetShownCookie object| backdropEl object| divEl object| iframeEl string| showPopupPref boolean| isAlreadyShown number| loopCounter number| samplePercentage boolean| isinvitationModelShown number| oncePerVisitDays string| PAGE_VARIABLE string| COOKIE string| URLCONST string| additionalParams boolean| emptyField boolean| authenticated object| selectedFields boolean| extVarMissing string| extUrl string| positionData function| isPopupSurveyWidgetNotYetShown function| loadPopupSurveyWidgetButton function| createIframeElement function| checkJqueryAndLoadPopupSurvey function| setMargins function| loadPopupSurvey function| closeWelcomePage function| isPageVariableValid function| isCookieValid function| isUrlValid function| isToShowSlideUp function| getQueryStringValue function| replaceTokenValues function| getTokenValue function| getVariableValueFromCookie function| getVariableValueFromURL function| getVariableValueFromPageVariable string| buttonStyle function| sfdcAlert function| sfdcPrompt function| sfdcConfirm

10 Cookies

Domain/Path Name / Value
kb.pulsesecure.net/ Name: CookieConsentPolicy
Value: 0:1
kb.pulsesecure.net/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
kb.pulsesecure.net/ Name: apex__PKB2SessionId
Value: 8d97ff15-4091-4ce2-b45a-5ed15b5e02f2
.pulsesecure.net/ Name: __cfruid
Value: b79a65f5dddf167a77e69a6381be46c0e04325fd-1664296555
.kb.pulsesecure.net/ Name: __utma
Value: 1.1268929754.1664296555.1664296555.1664296555.1
.kb.pulsesecure.net/ Name: __utmc
Value: 1
.kb.pulsesecure.net/ Name: __utmz
Value: 1.1664296555.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.kb.pulsesecure.net/ Name: __utmt
Value: 1
.kb.pulsesecure.net/ Name: __utmb
Value: 1.1.10.1664296555
pulsesecure.satmetrix.com/ Name: AWSALBCORS
Value: V0eT1AHIdFoTACUZIwxMVi9jjrIz/2e+DOE2f+jPTI+rWoCZQ37olVFdox0X+H2WqAsk42Mc735xqMHPcat2iWTueXBFDUBdI2GvsZbOamnd/chwPJ7VUl+gWxVg

5 Console Messages

Source Level URL
Text
rendering warning URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59(Line 17)
Message:
The key "target-densitydpi" is not supported.
javascript warning URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59(Line 1358)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/?kA23Z000000GH59(Line 1358)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
developers.google.com
kb.pulsesecure.net
pulsesecure.satmetrix.com
ssl.google-analytics.com
ssl.gstatic.com
static.xx.fbcdn.net
www.facebook.com
www.pulsesecure.net
2606:4700:20::681a:327
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:810::200e
2a00:1450:4001:82f::200d
2a00:1450:400d:806::2008
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.170.137.104
85.222.140.11
05802c8951ece83e8e0859a1dae7c9a1e6cf40d79ba01f05a02e7f7042177c63
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
10a45d9c8050a745d63519ba2782511020978010f7f980c14c4db261ae17a506
10c358ac0db30cf0788fe437ce41ec34b188f94509ecb17bb45bcc614f5da619
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
289e7b81fedb81dc4f639d186183e024e0b6a2f307ce6dc895e1207e96887519
2ae9edda35d97cbd39d1b0b16c784f37a09d4da155969b0b6087d41c57579869
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
2eea5f38a5c2b899bc7605cef7407c56a3f49dc6143f4533a8628020a319752b
34b42f312b7d85725544c00ecab7adeb9ab8a2a08b9f7b236ed8238677cf6785
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
3cb66eb5534fc7bd819fcf913bb086beb15ec2d2f5d8934cc9e2a19701673203
4b555989a13d0be05d4968e30c8b49b9747e7a8f944394360bcfa34377bb4dcb
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
58f10b5e78c83cfd2f48efad0d8db0c7488165de8cd14a3b8c16c3d9d6f78579
5e2dd554d0dbd8be01cf294b0e4609e9aeb35c749ff6c4bb30b3ba90b6251366
62033df680552a8de8429f30817cbd259a9b4f26061964a07339c79bc30d1e7b
6a44aec44976c7a726d7be591b8bb8b542c808d84ad0dc83f4e0715182bb3413
6e9d6bd170a4388cf6d72df87ac5a4b7a9da39c1f5b9c4e778796181fba9a9de
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
724b779f5a6b56f9cbb1762cb5c55662117c3e58ff44a51b4f96288415d6a699
73a2c2d74eef77be2af1e4a1488e54d8bf75d6a106ee871c44330012496267b1
76105d94db8ec2d78eae1289b7ff1e6157f8410c3d9509dfeb96ef1b93b17973
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
7e7a6106baeec93b5492779635b06108d1624cf0be9e651a00f804373fa3f63e
80c5873ec96999440914c1dd2c62d5fdb339f2011a8d3913e4226f5fa7376a85
83286a77685480bcc4d7bfb69c1214180405d7ad2932fda55bfd14e828553d27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86b9b9c9eca30d078fb0e8428c307eef3ad91486870c479430c95df15ac53446
8b202ad0f5aa81f72fe56b9d4db20f9d5ab63a718cd97dbafcc10a9bccc6ab99
8db60c6d616c234b70b7b94fb9342347ceed9328e96e229fd8bdd60338492dcb
8e6dac18b3a3480fbb3a0c3cd1b19711408f8a31ddaf83a3aaa3d195351188f7
96babbdcbe86bc969e21ce6cf7f7cef0d45d7887934b01684155eeef57939d85
9ed858d6c2cf2798f74f21dcbcd5f8528df9ae12ec15e7d5f246a3b3b592e8d7
a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
a8864ce13abbf923efdaf60533db6dcc3025db283e5a9704e2a90c153a687072
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
b038f2a79dabc38a3d29075be0e5609f8eb4789022b74c3c1b6eff84ef0e38a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e802aa98c1fb6887fc4dcc07311fe1ba21abd51991b18266057ab8b6959a9e
bbb4b32c2a0c64792ca923928138453f21fd235ec20e0532bab61e64a34b1503
c1d334a690bee1fcede977f9bcb97584f35f11b096d6a922d6160847de022fec
c81d4039c271676b51f6caa1a2b1255abcbda0a215408b7692168029b8b11a55
cb1d4c2847c8477d274518ea1effd27e35b7ea6eaf66e0e00afa469fc37b9a2b
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1d7fb6c349a1fe4910a2de362836654baa46a4df1756af9c6624be3039e9d73
d1e129686801850312c4fcf49ed37c296370b3a42d866f5bf5d49c249b815bf0
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
df8a224bfeafbe6e4e2b354a3a64a6531c4c35de1d6eedd39625165fe43f5219
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f45539fc7c2316dfd9b33fb8670dc44eb297001a67bd5be1c933660a06dff763
fcaa28c051d0b0224ee162003b7b607c65e37a0c83adae041d121454417004d7