forums.ivanti.com Open in urlscan Pro
2606:4700::6811:8a6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYM...
Effective URL:
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Co...
Submission: On January 12 via api (January 12th 2024, 7:36:12 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 51 HTTP transactions. The main IP is 2606:4700::6811:8a6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is forums.ivanti.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 18th 2023. Valid for: a year.

This is the only time forums.ivanti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
29	2606:4700::68... 2606:4700::6811:8a6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:896b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.239.38.188 18.239.38.188	16509 (AMAZON-02) (AMAZON-02)
51	12

2 2606:2c40::c73c:671f (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.redlegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6811:8a6b (United States)

ASN13335 (CLOUDFLARENET, US)

forums.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:896b (United States)

ASN13335 (CLOUDFLARENET, US)

static.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.38.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-38-188.ams58.r.cloudfront.net

d2bnxibecyz4h5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	ivanti.com forums.ivanti.com static.ivanti.com — Cisco Umbrella Rank: 802202	3 MB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 625	162 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	159 KB
2	redlegg.com 1 redirects www.redlegg.com	5 KB
1	cloudfront.net d2bnxibecyz4h5.cloudfront.net	9 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 950	303 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	837 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 184	246 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1888	11 KB
0	google.de Failed www.google.de Failed
51	11

	Domain	Requested by
26	forums.ivanti.com	www.redlegg.com forums.ivanti.com client
9	cdn.cookielaw.org	forums.ivanti.com cdn.cookielaw.org
5	static.ivanti.com	client
2	www.googletagmanager.com	forums.ivanti.com www.googletagmanager.com
2	www.redlegg.com	1 redirects
1	d2bnxibecyz4h5.cloudfront.net	forums.ivanti.com
1	fonts.gstatic.com	fonts.googleapis.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	forums.ivanti.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	use.fontawesome.com	forums.ivanti.com
0	www.google.de Failed	forums.ivanti.com
51	12

This site contains links to these domains. Also see Links.

Domain
advantagelearning.ivanti.com
innovators.ivanti.com
usergroups.ivanti.com
ivanti.ideas.aha.io
developer.ivanti.com
www.volexity.com
www.mandiant.com
nam11.safelinks.protection.outlook.com
success.ivanti.com
www.ivanti.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.redlegg.com GTS CA 1P5	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.ivanti.com Sectigo RSA Organization Validation Secure Server CA	`2023-03-18` - `2024-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
Frame ID: 21942E736A28D398032AD1119A18C4EC
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KB CVE-2023-46805 (Authentication Bypass) & CVE-2024-21887 (Command Injection) for Ivanti Connect Secure and Ivanti Policy Secure GatewaysSearchLoadingBack ButtonFilter Button

Page URL History Show full URLs

https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5t... Page URL
https://www.redlegg.com/events/public/v1/encoded/track/tc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBR... HTTP 307
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Inj... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

96 %
HTTPS

91 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

2944 kB
Transfer

12917 kB
Size

9
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://advantagelearning.ivanti.com/
Title: Advantage Learning

Search URL Search Domain Scan URL

URL: https://innovators.ivanti.com/join/ISC
Title: Ivanti Innovators

Search URL Search Domain Scan URL

URL: https://usergroups.ivanti.com/
Title: Ivanti User Groups

Search URL Search Domain Scan URL

URL: https://ivanti.ideas.aha.io/
Title: Ivanti Ideas

Search URL Search Domain Scan URL

URL: https://developer.ivanti.com/hub
Title: Ivanti Developer Hub

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn
Title: Volexity’s blog

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day
Title: Mandiant's blog

Search URL Search Domain Scan URL

URL: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapp.info.ivanti.com%2Fe%2Fer%3Futm_campaign%3D2023%2520Global%2520EN%2520Customer%2520EPMM%2520PSIRT%26utm_medium%3Demail%26utm_source%3DEloqua%26s%3D1800677%26lid%3D1323%26elqTrackId%3D31483C38632C0B4FE1D86FECF8D9A4BA%26elq%3D57ca806b6d544f92ad999a2be7dd0ae2%26elqaid%3D5511%26elqat%3D1&data=05%7C01%7Cdenise.champion%40ivanti.com%7Ccd76c2b85841471c9c6308db8af6dbd8%7Ce5208e76dd1247f09541c9b45afaffe6%7C0%7C0%7C638256565076853465%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=f9ObT%2FH3ZNokO8K3wMG4GfQRvE1lD8iayy7rhy0olCA%3D&reserved=0
Title: Success Portal

Search URL Search Domain Scan URL

URL: https://success.ivanti.com/Community_Terms_Conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.ivanti.com/en-US/company/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ivanti.com/company/press-releases/2020/ivanti-asp-best-support-website

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4nQXHGW7K7cqL3cwldQW90Pfh_5XdC9sW2PYVYN4wPxFFW5pDx6J98LXN3W2cPy241N36X7VxXJqS8JQWWMW1rLyZs23HxbtW5SWm8x39Lrl0N3JXwcRf2ccYW4JHQ082KZd_nW7ckYMP4dyRb-W4FktTd5JYfG3W2Z2LP72_1kmHW8RMgR278z_BPN1vfpjkwQYYcW1ZX5dk3WBXdgW2FCvl62GcGP3W4_kRc-3jwVmCW6b5HlF31LV0NW13VTNb3J13SmW27XtBm61n5fcW4956qT6wtrCGMcGP1WXTSjXW5GpBDW8219mzW6WThsq8gqsg1W5BL8HB5stxhpW4ysKyK5kSdR2W2pgkF68zkbVhW4dDPR65pcyjmW3Y11-P1gx89sW60y0LQ5XS5ctW2GTSBb3_h7j2N400sBPlcTlyW4J-b1826XTGvW4BKKP04zRf-CW8cTKBb5yx59TW60xm6k8TQbVsdxz3WH04 Page URL
https://www.redlegg.com/events/public/v1/encoded/track/tc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4nQXHGW7K7cqL3cwldQW90Pfh_5XdC9sW2PYVYN4wPxFFW5pDx6J98LXN3W2cPy241N36X7VxXJqS8JQWWMW1rLyZs23HxbtW5SWm8x39Lrl0N3JXwcRf2ccYW4JHQ082KZd_nW7ckYMP4dyRb-W4FktTd5JYfG3W2Z2LP72_1kmHW8RMgR278z_BPN1vfpjkwQYYcW1ZX5dk3WBXdgW2FCvl62GcGP3W4_kRc-3jwVmCW6b5HlF31LV0NW13VTNb3J13SmW27XtBm61n5fcW4956qT6wtrCGMcGP1WXTSjXW5GpBDW8219mzW6WThsq8gqsg1W5BL8HB5stxhpW4ysKyK5kSdR2W2pgkF68zkbVhW4dDPR65pcyjmW3Y11-P1gx89sW60y0LQ5XS5ctW2GTSBb3_h7j2N400sBPlcTlyW4J-b1826XTGvW4BKKP04zRf-CW8cTKBb5yx59TW60xm6k8TQbVsdxz3WH04?_ud=b2430570-f362-4f07-8faf-9e9f639819b4&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4...
www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/ 8 KB
4 KB 190ms
170ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4nQXHGW7K7cqL3cwldQW90Pfh_5XdC9sW2PYVYN4wPxFFW5pDx6J98LXN3W2cPy241N36X7VxXJqS8JQWWMW1rLyZs23HxbtW5SWm8x39Lrl0N3JXwcRf2ccYW4JHQ082KZd_nW7ckYMP4dyRb-W4FktTd5JYfG3W2Z2LP72_1kmHW8RMgR278z_BPN1vfpjkwQYYcW1ZX5dk3WBXdgW2FCvl62GcGP3W4_kRc-3jwVmCW6b5HlF31LV0NW13VTNb3J13SmW27XtBm61n5fcW4956qT6wtrCGMcGP1WXTSjXW5GpBDW8219mzW6WThsq8gqsg1W5BL8HB5stxhpW4ysKyK5kSdR2W2pgkF68zkbVhW4dDPR65pcyjmW3Y11-P1gx89sW60y0LQ5XS5ctW2GTSBb3_h7j2N400sBPlcTlyW4J-b1826XTGvW4BKKP04zRf-CW8cTKBb5yx59TW60xm6k8TQbVsdxz3WH04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 8447d8a628b41c20-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 12 Jan 2024 19:36:04 GMT
last-modified: Fri, 12 Jan 2024 19:36:04 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoRC3Sp3v5YRbOzoHroiFaNNQ1JhZ4c8xEXI72TFa5hy96hM4qgZEukdKvCKgSJrNfKlYgaa%2FMqxgwLyyFZk576IbqsPNCnyQqR9ECinJPm%2F8sWYH3FWQyIP%2BoXTGqynGbHT7FdhZKoJXHguug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-nnr46
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 45024c27-3195-4d8a-9b87-be2afff1d9d1
x-request-id: 45024c27-3195-4d8a-9b87-be2afff1d9d1
x-robots-tag: none

GET
H2

200

Primary Request KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways Show response
forums.ivanti.com/s/article/
Redirect Chain

https://www.redlegg.com/events/public/v1/encoded/track/tc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzp...
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=...

457 KB
89 KB

720ms
694ms

Document
text/html

2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email

Requested by

Host: www.redlegg.com
URL: https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4nQXHGW7K7cqL3cwldQW90Pfh_5XdC9sW2PYVYN4wPxFFW5pDx6J98LXN3W2cPy241N36X7VxXJqS8JQWWMW1rLyZs23HxbtW5SWm8x39Lrl0N3JXwcRf2ccYW4JHQ082KZd_nW7ckYMP4dyRb-W4FktTd5JYfG3W2Z2LP72_1kmHW8RMgR278z_BPN1vfpjkwQYYcW1ZX5dk3WBXdgW2FCvl62GcGP3W4_kRc-3jwVmCW6b5HlF31LV0NW13VTNb3J13SmW27XtBm61n5fcW4956qT6wtrCGMcGP1WXTSjXW5GpBDW8219mzW6WThsq8gqsg1W5BL8HB5stxhpW4ysKyK5kSdR2W2pgkF68zkbVhW4dDPR65pcyjmW3Y11-P1gx89sW60y0LQ5XS5ctW2GTSBb3_h7j2N400sBPlcTlyW4J-b1826XTGvW4BKKP04zRf-CW8cTKBb5yx59TW60xm6k8TQbVsdxz3WH04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c711485ee938250c61cfcc88e0373d834a5f038d386b320ece3eddbb71e46e8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.redlegg.com/e3t/Ctc/OO+113/cyJvj04/MWCShctyMtlMFL56vSQrTTW7lBRbf58bCWHN3pwdCK7mmzdW50l5tj6lZ3nXW4gJlhC8FXhYMW79-M621DcxyyW1x4L1X32sLx2W5B1Fyj7g2m7vW8C3-5Z4pZzpfW8kpMT18nqD9VW1yRFqB4jrxLFW6B4Q244Pl3jQN1wtBfjXCtQVW3w-6CX110__hW9dLgfH4nQXHGW7K7cqL3cwldQW90Pfh_5XdC9sW2PYVYN4wPxFFW5pDx6J98LXN3W2cPy241N36X7VxXJqS8JQWWMW1rLyZs23HxbtW5SWm8x39Lrl0N3JXwcRf2ccYW4JHQ082KZd_nW7ckYMP4dyRb-W4FktTd5JYfG3W2Z2LP72_1kmHW8RMgR278z_BPN1vfpjkwQYYcW1ZX5dk3WBXdgW2FCvl62GcGP3W4_kRc-3jwVmCW6b5HlF31LV0NW13VTNb3J13SmW27XtBm61n5fcW4956qT6wtrCGMcGP1WXTSjXW5GpBDW8219mzW6WThsq8gqsg1W5BL8HB5stxhpW4ysKyK5kSdR2W2pgkF68zkbVhW4dDPR65pcyjmW3Y11-P1gx89sW60y0LQ5XS5ctW2GTSBb3_h7j2N400sBPlcTlyW4J-b1826XTGvW4BKKP04zRf-CW8cTKBb5yx59TW60xm6k8TQbVsdxz3WH04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8447d8a8de8218e4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Fri, 12 Jan 2024 19:36:05 GMT
expires: Thu, 12 Jan 2023 19:36:05 GMT
last-modified: Thu, 12 Jan 2023 19:36:05 GMT
link: </s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmNQqCOJ9yNTV7A%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy: origin-when-cross-origin
server: cloudflare
server-timing: Total;dur=368
strict-transport-security: max-age=63072000; includeSubDomains
timing-allow-origin: *
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sfdc-request-id: 7844f2a7d0885f58a4a777e70c7bcc7b
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 8447d8a75a551c20-FRA
content-security-policy: upgrade-insecure-requests
date: Fri, 12 Jan 2024 19:36:05 GMT
link: <https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email#:~:text=Resolution-,Workaround,-CVE%2D2023%2D46805>; rel="canonical"
location: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email#:~:text=Resolution-,Workaround,-CVE%2D2023%2D46805
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkFB53MvfnCfG0Yih4Z4%2BQMthV2s69P80KrB%2BYEPE6REPbg5iVd9SES7SAdGzTfzlrY9kOvwJcHHw2NGKVUErQSY3MrUcAGyQhzgsTN4glMY0Rhf5jDgK5qwwkorFIXTmiEEwC0xnETWdD6K4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 38
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-b87jj
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 1af212f4-30a3-4bd5-bdff-08091d8821bd
x-request-id: 1af212f4-30a3-4bd5-bdff-08091d8821bd
x-robots-tag: none

GET
H2 200 aura_prod.js Show response
forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/ 835 KB
262 KB 53ms
52ms Script
text/javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

380d50cc899d0aadee0b196b7d5be1f1ee2000f08d9eee542aeefc492b86aadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 551046
server-timing: Total;dur=20
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 05 Jan 2024 10:31:59 GMT
server: cloudflare
x-sfdc-request-id: 88a806e072a3715baf52a2a8d7f795f2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
cf-ray: 8447d8ad3b9e18e4-FRA

GET
H2 200 app.js Show response
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%... 3 MB
543 KB 46ms
46ms Script
text/javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmNQqCOJ9yNTV7A%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4a87acf73180abb62e071dd34cf9f267c05e489d7d593c7500f2005ac0f215

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588772
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 20:09:45 GMT
server: cloudflare
x-sfdc-request-id: 5b7ac9d9094501f67f78ba48296b74ff
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cf-ray: 8447d8ad3ba618e4-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
67 KB 178ms
67ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B3493D

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1be241d4fd986e54b82505f7e42a94c822b16eb8b3889d258ba8a2f23f44c7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68605
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 18:41:07 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 19:36:06 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
11 KB 74ms
39ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://forums.ivanti.com/
Origin: https://forums.ivanti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 214029
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAjfsCvMkWomhFcigjp9lkDAtzO1IlHbiHAX4QFDMEX5KOz4%2FKgO%2FrY0CbEu4TZ2K9LfRAJN5cssO6fQDe8P15pZuBdUscwoWzPcAeu8v1kS%2BnBDOLvqRK3k%2FY7THJ4rJM9Yn53LRf1JkIELQSyZABh1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8447d8ad8bf9f097-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 CustomArticleStyle
forums.ivanti.com/s/sfsites/c/resource/1552560128000/ 17 KB
4 KB 68ms
67ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/c/resource/1552560128000/CustomArticleStyle

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2a3661683d48dea932d24efd35996d573f003fa7cd78fea381129475addb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 14 Mar 2019 10:42:08 GMT
server: cloudflare
x-sfdc-request-id: e7d081297bf16caed9eb577053413657
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8ad4bbc18e4-FRA
expires: Mon, 26 Feb 2024 19:32:34 GMT

GET
H2 200 font_mfizz_241
forums.ivanti.com/s/sfsites/c/resource/ 10 KB
2 KB 39ms
39ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/c/resource/font_mfizz_241

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a75d8733f6246dcaacc0fc35a90df6c10b4bb67ab46dccdf0e2ab1dadccabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 30 Jan 2019 08:54:07 GMT
server: cloudflare
x-sfdc-request-id: c485e4b608ccff85094155e5e8ce049c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3888000
cf-ray: 8447d8ad4bc218e4-FRA
expires: Mon, 26 Feb 2024 04:42:42 GMT

GET
H2 200 fonts.css
forums.ivanti.com/s/sfsites/runtimedownload/ 0
176 B 24ms
24ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/runtimedownload/fonts.css?lastMod=1685542494000&brandSet=27b5c007-5227-4754-877a-86c155ed7067

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588773
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 31 May 2023 14:14:54 GMT
server: cloudflare
x-sfdc-request-id: 3128c188dbca641fb1b0c5eda2b65c65
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
cf-ray: 8447d8ae1cee18e4-FRA
expires: Thu, 12 Dec 2024 20:13:52 GMT

GET ics.css
forums.ivanti.com/s/article/ 0
0

GET
H2 200 ics.css
static.ivanti.com/sites/partner/media/images/css/ 177 KB
26 KB 36ms
36ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ivanti.com/sites/partner/media/images/css/ics.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac3632b77b0870a5a01987ed8fb27daba96bc2d6f55e9427776aca7e586f905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:06 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: tv46ctUlyiek18oquCzsfw==
age: 169530
cf-polished: origSize=239510
x-ms-meta-createdby: ede0f02e-b25f-40c0-8a48-7c8db67872fe
x-ms-meta-modifiedby: ede0f02e-b25f-40c0-8a48-7c8db67872fe
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 28 Apr 2020 19:11:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 78637bbf-c01e-0083-0403-2eb335000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-createdby,x-ms-meta-modifiedby,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=43200
x-ms-version: 2009-09-19
cf-ray: 8447d8ae1cf618e4-FRA
expires: Sat, 13 Jan 2024 07:36:06 GMT

GET
H2 200 resources.js Show response
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAu... 33 KB
10 KB 278ms
277ms Script
text/javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c182e921886bacbf741d7ab1b91c2c320477ed1804bb5a545787ec31a4cca9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 11 Jan 2024 19:36:06 GMT
server: cloudflare
cf-cache-status: MISS
content-encoding: br
x-sfdc-request-id: adfb46fe322ccc25d0fccf2f6379cb4e
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=31536000,immutable
cf-ray: 8447d8ae1cf818e4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.js Show response
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAu... 963 KB
169 KB 37ms
37ms Script
text/javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmNQqCOJ9yNTV7A%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22publishedChangelistNum%22%3A%221095%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e724557b214e9bbb1cb83d21730c03e14a3f702bf262b11d6ea5eb9256bff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 19:32:17 GMT
server: cloudflare
age: 229
x-sfdc-request-id: daf7a1608caabfd9b5d1a6aa6151487a
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cache-control: public,max-age=900
cf-ray: 8447d8ae1cf918e4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3493D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

659fa57b7d8d633edc28ff35d44475c0b631f10de40866e95b2e599f4f0256a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 19:36:06 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 158ms
53ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-16YM3FXQPL&cid=1008753232.1705088166&gtm=45je41a0v870999520z8865887299&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 19:36:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.ivanti.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 app.css
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmN... 1 MB
131 KB 33ms
33ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmNQqCOJ9yNTV7A%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22crgbQdxhL9RuYnQOHMdOcQ%22%2C%22cuid%22%3A-790297773%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22publishedChangelistNum%22%3A%221095%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ab3b89d8a2acbc4f9a43b68efd4b356fc2424d1356b6583322b572e34bb6d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 145860
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 03:05:07 GMT
server: cloudflare
x-sfdc-request-id: 8273ebb1beb0f54e8fde1a5a30d0af1a
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cf-ray: 8447d8b53dbc18e4-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 40ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FWT01iLvZ++xUAz3aesSug==
age: 55683
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 11 Jan 2024 20:28:17 GMT
server: cloudflare
etag: 0x8DC12E3D820CE81
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3bb69f20-501e-0032-6204-4539f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b61d89bc03-FRA

GET
H2 200 CoveoFullSearch.css
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/ 502 KB
49 KB 29ms
29ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/CoveoFullSearch.css

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34d4bc4f039ab25aa7b00a2fc9acfae042610e1eb7cc2923c9137433ab163fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588771
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:54 GMT
server: cloudflare
x-sfdc-request-id: 8e66e4f177525a1cea8c3a1f9416a50c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b6f82b18e4-FRA
expires: Sat, 27 Jan 2024 20:09:48 GMT

GET
H2 200 search.style.css
forums.ivanti.com/resource/1643835531000/CoveoV2__assets/css/ 20 KB
4 KB 23ms
23ms Stylesheet
text/css 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835531000/CoveoV2__assets/css/search.style.css

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b11c0da88149acba80f9738ad613c996f42ff01673668ef56a4b99d6dca19ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588770
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:51 GMT
server: cloudflare
x-sfdc-request-id: 5d558317c360e69bdbb5a338701a56b9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b6f82e18e4-FRA
expires: Sat, 27 Jan 2024 20:29:56 GMT

GET
H2 200 jquery.min.js Show response
forums.ivanti.com/resource/1643835531000/CoveoV2__jquery/ 87 KB
31 KB 36ms
35ms XHR
application/x-javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835531000/CoveoV2__jquery/jquery.min.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588771
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:51 GMT
server: cloudflare
x-sfdc-request-id: db00ed8c174417ae6a97a2b2a6f2ee89
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b6f82f18e4-FRA
expires: Sat, 27 Jan 2024 20:27:29 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 1 MB
299 KB 376ms
374ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=0&aura.Component.getComponentDef=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a40b37a11181ee6eaee21063bd94e1f93b06e19618ee38e5c68e9d462febb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 2528900000f1b0bd8d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:07 GMT
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
x-sfdc-request-id: 2528900000f1b0bd8d
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
cf-ray: 8447d8b7288418e4-FRA
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 19:36:07 GMT

GET
H2 200 ivantilogo
forums.ivanti.com/file-asset/ 2 KB
2 KB 20ms
20ms Image
image/png 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forums.ivanti.com/file-asset/ivantilogo?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b55142b9f694cf42b062f2099e436d5b7836e1fd3ca80f4982b4f70e9c67de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="CUR OTR STA"
content-disposition: attachment; filename="ivantilogo.png"; filename*=utf-8''ivantilogo.png
content-length: 2175
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 14:12:36 GMT
server: cloudflare
x-sfdc-request-id: 1bd56377a1dcfa7b6d06f14761f2c13b
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3888000
cf-ray: 8447d8b7389f18e4-FRA
expires: Mon, 26 Feb 2024 04:04:08 GMT

GET
H2 200 inter-medium.woff
static.ivanti.com/sites/marketing/fonts/ 139 KB
140 KB 68ms
37ms Font
font/woff 2606:4700::6811:896b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ivanti.com/sites/marketing/fonts/inter-medium.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:896b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d52e74e8171ddb2c94ca60a2596dc8a46407320449881fd09369dbc317624c

Request headers

Referer: https://forums.ivanti.com/
Origin: https://forums.ivanti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
cf-cache-status: HIT
content-md5: XOPk25Y0kTIyQD8WayRH3g==
age: 171121
content-length: 142340
x-ms-lease-status: unlocked
last-modified: Mon, 06 Mar 2023 17:28:00 GMT
server: cloudflare
etag: 0x8DB1E682253B359
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: 07864b82-001e-0016-67ff-2dd206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b76a4e5bf5-FRA
expires: Sat, 13 Jan 2024 07:36:07 GMT

GET
H2 200 inter-regular.woff
static.ivanti.com/sites/marketing/fonts/ 131 KB
131 KB 80ms
50ms Font
font/woff 2606:4700::6811:896b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ivanti.com/sites/marketing/fonts/inter-regular.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:896b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3710e2ce073ec0eb39274decc63768b52091a27e35f5c28d6abb7a5fcef0b7fc

Request headers

Referer: https://forums.ivanti.com/
Origin: https://forums.ivanti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
cf-cache-status: HIT
content-md5: FNEnXGdnbMXZESMtDIkNlw==
age: 171121
content-length: 133856
x-ms-lease-status: unlocked
last-modified: Mon, 06 Mar 2023 17:28:00 GMT
server: cloudflare
etag: 0x8DB1E6822292485
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: 1d75fdfa-401e-0011-01ff-2d2483000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b76a4f5bf5-FRA
expires: Sat, 13 Jan 2024 07:36:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 173ms
62ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/CoveoFullSearch.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 19:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 19:26:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 19:36:07 GMT

GET
H2 200 CoveoJsSearch.min.js Show response
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/ 2 MB
491 KB 46ms
46ms XHR
application/x-javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/CoveoJsSearch.min.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89636d20efba4dff4dc90d1a25eb81eca4dad47e4e68bf9efc9a64f694c60a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588771
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:54 GMT
server: cloudflare
x-sfdc-request-id: 8dbd04df305cf59d1081b77dd6d6decb
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b768f618e4-FRA
expires: Sat, 27 Jan 2024 20:05:45 GMT

GET
H2 200 e000ccd6-3734-4df4-8734-1c0c29bb14a2.json Show response
cdn.cookielaw.org/consent/e000ccd6-3734-4df4-8734-1c0c29bb14a2/ 4 KB
2 KB 67ms
36ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e000ccd6-3734-4df4-8734-1c0c29bb14a2/e000ccd6-3734-4df4-8734-1c0c29bb14a2.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a5e8c10b82bb69af01fd10e54cf1b7eff38ca06b1b886eb4573910a194a5b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 67506
content-md5: J2qe949/DebJV9UxWtH4RQ==
content-length: 1692
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jul 2023 17:40:18 GMT
server: cloudflare
etag: 0x8DB887F37D2D971
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e96271f7-c01e-006d-4f78-0c8dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b7ab209b8f-FRA
expires: Sat, 13 Jan 2024 19:36:07 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 137 KB
35 KB 1699ms
1699ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=1&CoveoV2.ContentHandler.getLoader=1&aura.Component.getComponent=1&other.CustomSearch.getToken=1&ui-comm-runtime-components-aura-components-siteforce-recordservicecomponent.RecordServiceComponent.getArticleVersionId=2&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1&ui-self-service-components-profileMenu.ProfileMenu.getProfileMenuResponse=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69eda6fa4c8fdb510b0d48b2630d7c46067afc35af0441cf8548b87f6770252

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 2581800000052c0e51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=761
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:08 GMT
server: cloudflare
x-sfdc-request-id: 2581800000052c0e51
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8b7791818e4-FRA
expires: Thu, 12 Jan 2023 19:36:08 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 51ms
26ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://forums.ivanti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8447d8b8096a4d22-FRA
access-control-allow-headers: Content-Type

GET
H2 200 templatesNew.js Show response
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/templates/ 140 KB
11 KB 27ms
26ms XHR
application/x-javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/templates/templatesNew.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328480537ca70bfa82a3ba0c7c097c5921b6943bd25159700bcfb7464886652d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588771
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:54 GMT
server: cloudflare
x-sfdc-request-id: ba1c49234649b0559b1a510e8afe5198
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b87a6f18e4-FRA
expires: Sat, 27 Jan 2024 20:09:51 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/ 404 KB
98 KB 18ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +MbZ9DgpGaofE6OXFTKawA==
age: 47940
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99611
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:44 GMT
server: cloudflare
etag: 0x8DB834B4115B7B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 05376188-c01e-0099-74db-12463e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b888bdbc03-FRA

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 287ms
54ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forums.ivanti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:45:00 GMT
x-content-type-options: nosniff
age: 298268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:45:00 GMT

GET
H2 200 lightning_search.bundle.min.js Show response
forums.ivanti.com/resource/1643835531000/CoveoV2__assets/js/ 182 KB
39 KB 35ms
35ms XHR
application/x-javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1643835531000/CoveoV2__assets/js/lightning_search.bundle.min.js

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d87f35e8c504414dae56ac13f6112605469f8401a9a606a3bb31824076ec2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2588770
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 2 Feb 2022 20:58:51 GMT
server: cloudflare
x-sfdc-request-id: 572d3a1e99d978fbc4843660b45a406c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8b91b6718e4-FRA
expires: Sat, 27 Jan 2024 20:29:57 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/e000ccd6-3734-4df4-8734-1c0c29bb14a2/5a1b1e3e-22e9-4461-94ce-63c0bd34b70f/ 161 KB
28 KB 32ms
32ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e000ccd6-3734-4df4-8734-1c0c29bb14a2/5a1b1e3e-22e9-4461-94ce-63c0bd34b70f/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb95e17fe4ade87b9c7bbc6b9e927e38399da6f3a01aef1271e89ef5a783ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 60347
content-md5: 9eIQEuT3NLjuoZdgAPB4aQ==
content-length: 28745
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jul 2023 17:40:30 GMT
server: cloudflare
etag: 0x8DB887F3F376CAE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f2e64ef2-c01e-0042-3af1-1d8003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8b92d189b8f-FRA
expires: Sat, 13 Jan 2024 19:36:07 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/assets/ 13 KB
3 KB 23ms
22ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ek243PRMNHsKoku4aKecoQ==
age: 49827
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:37 GMT
server: cloudflare
etag: 0x8DB834B3CEFFCB0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2c046963-f01e-002b-1b55-0db94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8ba1e659b8f-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/assets/ 58 KB
14 KB 25ms
25ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1287647957f8c30d010121604fe8b7961d7455f8580b24afbc4e0c2411eaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SdeDzdDKidEVepCSDjqUSA==
age: 67503
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14392
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:38 GMT
server: cloudflare
etag: 0x8DB834B3DEF202E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5b07f4b0-301e-0024-52c1-12cf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8ba1e689b8f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/assets/ 21 KB
4 KB 24ms
24ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 11453
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 79c63218-001e-0010-7fff-21fceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8447d8ba1e699b8f-FRA

GET
H2 200 ivanti-logo-header-black-red-accent_(1).png
cdn.cookielaw.org/logos/5fecd171-297d-4388-9f38-3a4fa08ab47b/ce8dac11-7019-4908-bfcf-99d3e61484a6/ 3 KB
3 KB 38ms
37ms Image
application/octet-stream 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/5fecd171-297d-4388-9f38-3a4fa08ab47b/ce8dac11-7019-4908-bfcf-99d3e61484a6/ivanti-logo-header-black-red-accent_(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a5e783a6c4ec9eda223a84798f058506db3df1d13f66cb9bbc1126626369da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8xnLqt9riSg3YDPc+8POiQ==
age: 20148
content-length: 3024
x-ms-lease-status: unlocked
last-modified: Thu, 19 Dec 2019 23:45:15 GMT
server: cloudflare
etag: 0x8D784DD7F3999D3
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 710afa04-c01e-001f-2fb5-0c8a87000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8447d8ba6b16bc03-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 20ms
20ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 45139
x-ms-lease-status: unlocked
last-modified: Thu, 11 Jan 2024 20:28:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 05121f5f-201e-0017-450b-459088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8447d8ba6b19bc03-FRA

GET
H2 200 ivanti-logo-header-white.svg
static.ivanti.com/sites/marketing/media/images/logos/ 23 KB
6 KB 56ms
56ms Image
image/svg+xml 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ivanti.com/sites/marketing/media/images/logos/ivanti-logo-header-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f146ac15c94c1957f03e45471476f4fab6586fb9154fe4483ef155b282c4c067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2017 20:12:39 GMT
server: cloudflare
content-md5: 5br6JGrbO707yDzLgCoq4g==
age: 169044
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 8447d8c2788118e4-FRA
expires: Sat, 13 Jan 2024 07:36:09 GMT

GET
H2 200 aspbest-2020.svg
static.ivanti.com/sites/community/media/images/ 32 KB
8 KB 26ms
25ms Image
image/svg+xml 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ivanti.com/sites/community/media/images/aspbest-2020.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e1b671593a58beefbbbe60032e8c3e98f28459c540221a28e147e257036db4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Jan 2024 19:36:09 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: +yppPaR8QnvPjxy7PNtyDw==
age: 169044
x-ms-meta-createdby: 83e55ada-871e-4c1b-a370-84259193adc1
x-ms-meta-modifiedby: 83e55ada-871e-4c1b-a370-84259193adc1
x-ms-lease-status: unlocked
last-modified: Mon, 19 Oct 2020 17:18:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f9b9569a-d01e-0014-6003-2ed0fc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-Createdby,x-ms-meta-Modifiedby,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=43200
x-ms-version: 2009-09-19
cf-ray: 8447d8c2788218e4-FRA
expires: Sat, 13 Jan 2024 07:36:09 GMT

GET
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 327 KB
66 KB 334ms
334ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%221d6884ce-4a9c-4cc9-8824-c932751bad0e%22%2C%22routeType%22%3A%22article%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_medium%22%3A%22%22%2C%22_hsmi%22%3A%22%22%2C%22_hsenc%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22utm_source%22%3A%22%22%2C%22viewid%22%3A%22deb5550b-e249-4f7c-9b6a-42a2ddd954f2%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22urlName%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%2C%22recordId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%2C%22priority%22%3A%220%22%7D%2C%22publishedChangelistNum%22%3A1095%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22xUUH_isHmNQqCOJ9yNTV7A%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3884b929667187a03ba3ed5ecfc30306c0eb8058ddb4cc4f30a9a7fccaca002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 4343000000c0b1abe0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 11 Jan 2024 19:36:09 GMT
server: cloudflare
x-sfdc-request-id: 4343000000c0b1abe0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=1800
cf-ray: 8447d8c2788718e4-FRA
expires: Thu, 12 Jan 2023 19:36:09 GMT

GET
H2 200 SurveyGizmo Show response
forums.ivanti.com/resource/1573031673000/ 314 B
416 B 770ms
770ms XHR
text/javascript 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/resource/1573031673000/SurveyGizmo

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43181d1839def67e4e3ea7409ad7756676b511ce70b6b1706155485c024a661

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
p3p: CP="CUR OTR STA"
x-xss-protection: 1; mode=block
last-modified: Wed, 6 Nov 2019 09:14:33 GMT
server: cloudflare
x-sfdc-request-id: b3141b5de7a6371f02f7e4edfd940f2c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3888000,immutable
cf-ray: 8447d8c57cf118e4-FRA
expires: Mon, 26 Feb 2024 19:36:10 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 261 KB
11 KB 664ms
664ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=3&other.Community_KnowledgeArticle.getArticleByID=1&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.validateRoute=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=2&ui-communities-components-aura-components-forceCommunity-seoAssistant.SeoAssistant.getRecordAndTranslationData=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9957ad1fadf806e1aef0745ceeb2d5fadbc5b9f2a39013fb7da59476a981ed1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 4856900000887ba30c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=478
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:09 GMT
server: cloudflare
x-sfdc-request-id: 4856900000887ba30c
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8c5ad3318e4-FRA
expires: Thu, 12 Jan 2023 19:36:09 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 1 KB
1 KB 209ms
209ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=4&aura.ApexAction.execute=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188e07a41562e4d37db1c81205679293c2a2f4c478163ddc3352ffc50da1b199

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-SFDC-LDS-Endpoints: ApexActionController.execute:acFollowArticleCtrl.isFollowingEnabled
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 4879090000b95ab1f8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734

Response headers

date: Fri, 12 Jan 2024 19:36:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=19
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:10 GMT
server: cloudflare
x-sfdc-request-id: 4879090000b95ab1f8
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8c5dd8318e4-FRA
expires: Thu, 12 Jan 2023 19:36:10 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 88 KB
9 KB 1030ms
1030ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=5&ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240d6fa00ba8baff346f7dcf99ac352ff7351ef6cfc92b8eabab8d82b75ad0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 489680000023fe4b47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=289
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:10 GMT
server: cloudflare
x-sfdc-request-id: 489680000023fe4b47
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8c5edab18e4-FRA
expires: Thu, 12 Jan 2023 19:36:10 GMT

GET
H/1.1 200
OK intercept.js Show response
d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/ 26 KB
9 KB 62ms
15ms XHR
text/javascript 18.239.38.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/intercept.js
Requested by: Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.38.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-38-188.ams58.r.cloudfront.net
Software: Apache /
Resource Hash: f05ada2928f690d01595952400326e6d20ef0e7a0018f1b3774ccc67fd8a02c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 19:20:02 GMT
Content-Encoding: gzip
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront), 1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1, AMS58-P2
Age: 968
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8396
Pragma: cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
X-Amz-Cf-Id: 8DAXePR1w4csnMvKgBzIn_O_UOlFM8e-vCp4NRJYYSYkHAFjyip0cA==
Expires: Fri, 12 Jan 2024 19:50:02 GMT

GET
H2 200 Articles_I_Follow_button_purple6
forums.ivanti.com/file-asset/ 1022 B
1 KB 824ms
823ms Image
image/png 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forums.ivanti.com/file-asset/Articles_I_Follow_button_purple6?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7690d4d9eae04b2f5b84a652406287c6e82f15ce2ee3923bbfcf355af64c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:36:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="CUR OTR STA"
content-disposition: attachment; filename="Articles_I_Follow_button_purple6.png"; filename*=utf-8''Articles_I_Follow_button_purple6.png
content-length: 1022
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Mar 2021 14:14:16 GMT
server: cloudflare
x-sfdc-request-id: 4ebb79d09fdf717cb470b32e08b9e4e0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3888000
cf-ray: 8447d8cacbe518e4-FRA
expires: Mon, 26 Feb 2024 19:36:11 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 2 KB
1 KB 537ms
529ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=6&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c97379981b165f82891d25cdfb67f79a763958af36d7728b923ccc04f9597186

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 599930000057eb1873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=206
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:11 GMT
server: cloudflare
x-sfdc-request-id: 599930000057eb1873
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8ccde8318e4-FRA
expires: Thu, 12 Jan 2023 19:36:11 GMT

POST
H2 200 aura Show response
forums.ivanti.com/s/sfsites/ 1 KB
949 B 189ms
184ms XHR
application/json 2606:4700::6811:8a6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.ivanti.com/s/sfsites/aura?r=7&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801c9de94da765db930c679b0be98a2da5f0d3088efc422acb60fcf182629ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email
X-SFDC-Page-Cache: db8f140123dbe734
accept-language: de-DE,de;q=0.9
X-SFDC-Page-Scope-Id: a5bd1cd5-73b0-4f82-ac97-a005c7e058de
X-SFDC-Request-Id: 600219000089c19e90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 19:36:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server-timing: Total;dur=16
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 19:36:11 GMT
server: cloudflare
x-sfdc-request-id: 600219000089c19e90
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
cf-ray: 8447d8ccee9318e4-FRA
expires: Thu, 12 Jan 2023 19:36:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/ics.css

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-16YM3FXQPL&cid=1008753232.1705088166&gtm=45je41a0v870999520z8865887299&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=119480311

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forums.ivanti.com/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22audienceIds%22%3A%226Au1B000000Kylv%22%7D
.www.redlegg.com/	1970-01-20 17:38:09	Name: __cf_bm Value: Oh9zM3HWUn1qRQMiI25GXLwRGhXYM_h3iTYZc763I2I-1705088164-1-AdW0XxEWAWHvNDNUzdB51CnmemE7Qof2iEQg98P9REl87KO8Ps/5w/uhYrNi7GjirxrMDBZRPbuUvXqdYrdlPM4=
.www.redlegg.com/	1969-12-31 23:59:59	Name: __cfruid Value: 6754ce2a70fd9dac1ca9d40f8fb85e18a6365684-1705088164
forums.ivanti.com/	1970-01-21 02:23:44	Name: CookieConsentPolicy Value: 0:1
forums.ivanti.com/	1970-01-21 02:23:44	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.ivanti.com/	1970-01-21 03:14:08	Name: _ga Value: GA1.1.1008753232.1705088166
.ivanti.com/	1970-01-21 03:14:08	Name: _ga_16YM3FXQPL Value: GS1.1.1705088166.1.0.1705088166.60.0.0
.ivanti.com/	1970-01-21 02:23:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jan+12+2024+20%3A36%3A08+GMT%2B0100+(Central+European+Standard+Time)&version=202306.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=669c1267-73bb-44d6-bf77-1a37b979981c&interactionCount=0&landingPath=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FKB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways%3Flanguage%3Den_US%26utm_campaign%3DThreat%2520Intel%26utm_medium%3Demail%26_hsmi%3D289803908%26_hsenc%3Dp2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw%26utm_content%3D289803908%26utm_source%3Dhs_email&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
forums.ivanti.com/	1970-01-21 02:23:44	Name: pctrk Value: ae23e344-1d04-4885-a24e-b64a7d930149

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c(Line 187) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-16YM3FXQPL&gtm=45je41a0v870999520z8865887299&_p=1705088165961&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1008753232.1705088166&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705088166&sct=1&seg=0&dl=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FKB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways%3Flanguage%3Den_US%26utm_campaign%3DThreat%2520Intel%26utm_medium%3Demail%26_hsmi%3D289803908%26_hsenc%3Dp2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw%26utm_content%3D289803908%26utm_source%3Dhs_email&dt=Ivanti%20Community&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1456' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.paypal.com https://www.sandbox.paypal.com https://ivanti.my.salesforce-scrt.com https://o11y.sfproxy-core2.sfdc-lywfpd.svc.sfdcfc.net/ui-telemetry https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://.sharefile.com https://ivanti.sf-api.com .springcm.com https://springcm.com https://.surveygizmo.com https://.coveo.com https://analytics.cloud.coveo.com https://jira.mobileiron.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti.my.salesforce.com https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com https://analytics.google.com https://www.google.co.in https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com".
security	error	URL: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-16YM3FXQPL&cid=1008753232.1705088166&gtm=45je41a0v870999520z8865887299&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=119480311' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://ivanti.my.salesforce.com https://ivanti.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://www.sandbox.paypal.com https://www.paypal.com https://usa570.sfdc-lywfpd.salesforce.com/icons/ https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://.sharefile.com https://ivanti.sf-api.com .springcm.com https://springcm.com https://*.surveygizmo.com https://analytics.cloud.coveo.com https://ivanti--c.visualforce.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com https://analytics.google.com https://www.google.co.in https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com https://quote.ivanti.com https://success.ivanti.com".
security	error	URL: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US&utm_campaign=Threat%20Intel&utm_medium=email&_hsmi=289803908&_hsenc=p2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw&utm_content=289803908&utm_source=hs_email Message: Refused to apply style from 'https://forums.ivanti.com/s/article/ics.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c(Line 187) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-16YM3FXQPL&gtm=45je41a0v870999520&_p=1705088165961&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1008753232.1705088166&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705088166&sct=1&seg=0&dl=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FKB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways%3Flanguage%3Den_US%26utm_campaign%3DThreat%2520Intel%26utm_medium%3Demail%26_hsmi%3D289803908%26_hsenc%3Dp2ANqtz-8RS2bZkug5FVjt2aVekw0v--ElOH7SvoxLUXEc8Gc63tzzgE_Ftcy66TDNzFtwCuBYLENU3QUeZYEZmcISmO3ZiJCktw%26utm_content%3D289803908%26utm_source%3Dhs_email&dt=Ivanti%20Community&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6464' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.paypal.com https://www.sandbox.paypal.com https://ivanti.my.salesforce-scrt.com https://o11y.sfproxy-core2.sfdc-lywfpd.svc.sfdcfc.net/ui-telemetry https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://.sharefile.com https://ivanti.sf-api.com .springcm.com https://springcm.com https://.surveygizmo.com https://.coveo.com https://analytics.cloud.coveo.com https://jira.mobileiron.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti.my.salesforce.com https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com https://analytics.google.com https://www.google.co.in https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
d2bnxibecyz4h5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forums.ivanti.com
geolocation.onetrust.com
static.ivanti.com
stats.g.doubleclick.net
use.fontawesome.com
www.google.de
www.googletagmanager.com
www.redlegg.com
forums.ivanti.com
www.google.de
18.239.38.188
2606:2c40::c73c:671f
2606:4700:4400::6812:2089
2606:4700::6811:896b
2606:4700::6811:8a6b
2606:4700::6812:82ec
2606:4700:e2::ac40:8c0d
2a00:1450:4001:810::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::9b
0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3
188e07a41562e4d37db1c81205679293c2a2f4c478163ddc3352ffc50da1b199
1a5e8c10b82bb69af01fd10e54cf1b7eff38ca06b1b886eb4573910a194a5b8e
1be241d4fd986e54b82505f7e42a94c822b16eb8b3889d258ba8a2f23f44c7f8
240d6fa00ba8baff346f7dcf99ac352ff7351ef6cfc92b8eabab8d82b75ad0e8
25a75d8733f6246dcaacc0fc35a90df6c10b4bb67ab46dccdf0e2ab1dadccabc
2f1287647957f8c30d010121604fe8b7961d7455f8580b24afbc4e0c2411eaa1
31e724557b214e9bbb1cb83d21730c03e14a3f702bf262b11d6ea5eb9256bff5
328480537ca70bfa82a3ba0c7c097c5921b6943bd25159700bcfb7464886652d
33a40b37a11181ee6eaee21063bd94e1f93b06e19618ee38e5c68e9d462febb9
3710e2ce073ec0eb39274decc63768b52091a27e35f5c28d6abb7a5fcef0b7fc
380d50cc899d0aadee0b196b7d5be1f1ee2000f08d9eee542aeefc492b86aadc
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
5f7690d4d9eae04b2f5b84a652406287c6e82f15ce2ee3923bbfcf355af64c1b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
659fa57b7d8d633edc28ff35d44475c0b631f10de40866e95b2e599f4f0256a4
68d52e74e8171ddb2c94ca60a2596dc8a46407320449881fd09369dbc317624c
6d87f35e8c504414dae56ac13f6112605469f8401a9a606a3bb31824076ec2a8
7a5e783a6c4ec9eda223a84798f058506db3df1d13f66cb9bbc1126626369da8
801c9de94da765db930c679b0be98a2da5f0d3088efc422acb60fcf182629ec8
89636d20efba4dff4dc90d1a25eb81eca4dad47e4e68bf9efc9a64f694c60a2a
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9957ad1fadf806e1aef0745ceeb2d5fadbc5b9f2a39013fb7da59476a981ed1f
9ac3632b77b0870a5a01987ed8fb27daba96bc2d6f55e9427776aca7e586f905
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a3884b929667187a03ba3ed5ecfc30306c0eb8058ddb4cc4f30a9a7fccaca002
a69eda6fa4c8fdb510b0d48b2630d7c46067afc35af0441cf8548b87f6770252
aeb95e17fe4ade87b9c7bbc6b9e927e38399da6f3a01aef1271e89ef5a783ac7
b11c0da88149acba80f9738ad613c996f42ff01673668ef56a4b99d6dca19ef6
b6ab3b89d8a2acbc4f9a43b68efd4b356fc2424d1356b6583322b572e34bb6d1
c182e921886bacbf741d7ab1b91c2c320477ed1804bb5a545787ec31a4cca9c5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c711485ee938250c61cfcc88e0373d834a5f038d386b320ece3eddbb71e46e8d
c97379981b165f82891d25cdfb67f79a763958af36d7728b923ccc04f9597186
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d34d4bc4f039ab25aa7b00a2fc9acfae042610e1eb7cc2923c9137433ab163fa
d43181d1839def67e4e3ea7409ad7756676b511ce70b6b1706155485c024a661
d9e1b671593a58beefbbbe60032e8c3e98f28459c540221a28e147e257036db4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef2a3661683d48dea932d24efd35996d573f003fa7cd78fea381129475addb6b
ef4a87acf73180abb62e071dd34cf9f267c05e489d7d593c7500f2005ac0f215
f05ada2928f690d01595952400326e6d20ef0e7a0018f1b3774ccc67fd8a02c5
f146ac15c94c1957f03e45471476f4fab6586fb9154fe4483ef155b282c4c067
f7b55142b9f694cf42b062f2099e436d5b7836e1fd3ca80f4982b4f70e9c67de
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

forums.ivanti.com Open in urlscan Pro 2606:4700::6811:8a6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

91 %IPv6

11 Domains

12 Subdomains

12 IPs

3 Countries

2944 kBTransfer

12917 kBSize

9 Cookies

13 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forums.ivanti.com Open in urlscan Pro
2606:4700::6811:8a6b Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

91 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

2944 kB
Transfer

12917 kB
Size

9
Cookies

51 HTTP transactions
0 data transactions