urlscan.io logo urlscan.io
SecurityTrails logo

forums.ivanti.com Open in urlscan Pro
85.222.140.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j
Effective URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Submission: On August 16 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 46 HTTP transactions. The main IP is 85.222.140.11, located in United States and belongs to SALESFORCE, US. The main domain is forums.ivanti.com. The Cisco Umbrella rank of the primary domain is 272873.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on July 22nd 2022. Valid for: a year.
This is the only time forums.ivanti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

29    85.222.140.11 (United States)

ASN14340 (SALESFORCE, US)
PTR: sledge3-fra.slb.sfdcsvc.net
forums.ivanti.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2606:4700::6811:8a6b (United States)

ASN13335 (CLOUDFLARENET, US)
static.ivanti.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.206.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-123.fra56.r.cloudfront.net
d2bnxibecyz4h5.cloudfront.net
2    52.216.165.19 (None, )

ASN- ()
surveygizmobeacon.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
32 ivanti.com
forums.ivanti.com — Cisco Umbrella Rank: 272873
static.ivanti.com — Cisco Umbrella Rank: 223013
2 MB
2 amazonaws.com
surveygizmobeacon.s3.amazonaws.com
3 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
116 KB
1 cloudfront.net
d2bnxibecyz4h5.cloudfront.net
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
917 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
443 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 951
12 KB
0 google.de Failed
www.google.de Failed
46 11
Domain Requested by
29 forums.ivanti.com 1 redirects forums.ivanti.com
client
3 static.ivanti.com client
2 surveygizmobeacon.s3.amazonaws.com forums.ivanti.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com forums.ivanti.com
www.googletagmanager.com
1 d2bnxibecyz4h5.cloudfront.net forums.ivanti.com
1 fonts.googleapis.com forums.ivanti.com
1 www.google.com forums.ivanti.com
1 stats.g.doubleclick.net www.google-analytics.com
1 use.fontawesome.com forums.ivanti.com
0 www.google.de Failed forums.ivanti.com
46 12
Subject Issuer Validity Valid
forums.ivanti.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-22 -
2023-07-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.ivanti.com
Sectigo RSA Organization Validation Secure Server CA		 2022-03-23 -
2023-03-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Frame ID: AE8D6392E67E7A76243784A61CF85531
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security Bulletin:CVE-2021-44228: MobileIron Remote code injection in Log4jSearchLoading

Page URL History Show full URLs

  1. https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j HTTP 301
    https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?la... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

12
IPs

4
Countries

2723 kB
Transfer

10839 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j HTTP 301
    https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j
forums.ivanti.com/s/article/
Redirect Chain
  • https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j
  • https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
416 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
f979bc37846715155b2272953e0c225a62a3bde3d620e7bda7a3232fd45005e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Tue, 16 Aug 2022 10:38:21 GMT
Expires
Mon, 16 Aug 2021 10:38:20 GMT
Last-Modified
Mon, 16 Aug 2021 10:38:20 GMT
Link
</s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22533941497%22%7D/app.js?2=>;rel=preload;as=script;nopush
Referrer-Policy
origin-when-cross-origin
Server
sfdcedge
Server-Timing
Total;dur=384
Strict-Transport-Security
max-age=63072000; includeSubDomains
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Origin Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
47e72fa5191d66b1f7e0a902dcbadd5e
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Connection
keep-alive
Content-Security-Policy
upgrade-insecure-requests
Date
Tue, 16 Aug 2022 10:38:20 GMT
Location
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Referrer-Policy
origin-when-cross-origin
Server
sfdcedge
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-SFDC-Request-Id
146c90d7fe8f9bb1a0b86fc75c7c5c12
X-XSS-Protection
1; mode=block
aura_prod.js
forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/ 		776 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
dd19cc116e088bb0f61d374db27439e44c76883858ec8c04d9721e3b98117748
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=31
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 04:57:19 GMT
Server
sfdcedge
X-SFDC-Request-Id
b4bda1d54a8713cf28fe8c356815238c
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server-Timing
Cache-Control
max-age=31536000,public,immutable
Timing-Allow-Origin
*
app.js
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A... 		2 MB
471 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22533941497%22%7D/app.js?2=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
77b89aef66611695c3d58d32330647438b4a9427b9a61f52dce045b97df68627
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 04:35:01 GMT
Server
sfdcedge
X-SFDC-Request-Id
acd246afda5cd23ca3a18f4726b6204f
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5B3493D
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e701fad0c4dfaa2eef7ad02eea3b8e037f963cb0b5562b13a77f8885001a4183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:38:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45385
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Aug 2022 10:38:21 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://forums.ivanti.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:38:21 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17551967
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5P70MT53C0Y3S02R
x-amz-id-2
Yav1CzeD5awH6vXCE5nDJnAXGBrvKZvzLzvu17xFoJAFLpRrr7jo0OOWINOG27SMia7tEou7Wxg=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRMKhb0xDm0y2ud4bd4K40fSYC0084tNmv5phMsqlpGaEgkN74RGZhWAFADdGQwt%2BwfNJYwA1ObjQ%2FHanb17VpNKbQsu81qLxAEPP0sEwGTM8Bf7ZouUmiQb0rsutjIbtPcwKN7mEP4kVr8CjYOAFvoM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
73b98a381e7d9153-FRA
CustomArticleStyle
forums.ivanti.com/s/sfsites/c/resource/1552560128000/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/c/resource/1552560128000/CustomArticleStyle
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
ef2a3661683d48dea932d24efd35996d573f003fa7cd78fea381129475addb6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Content-Length
4014
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 14 Mar 2019 10:42:08 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
b02224a017daab7020c63a49af704a46
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 05:02:02 GMT
font_mfizz_241
forums.ivanti.com/s/sfsites/c/resource/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/c/resource/font_mfizz_241
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
25a75d8733f6246dcaacc0fc35a90df6c10b4bb67ab46dccdf0e2ab1dadccabc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2128
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 30 Jan 2019 08:54:07 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
01c03ae23df05e17c5b3932924225244
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=3888000
Expires
Fri, 30 Sep 2022 04:32:15 GMT
fonts.css
forums.ivanti.com/s/sfsites/runtimedownload/ 		336 KB
242 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/runtimedownload/fonts.css?lastMod=1623787200000&brandSet=27b5c007-5227-4754-877a-86c155ed7067
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
856693923253cc1826d19ceee77bc1b269722cc40dd53fac8b0273c01bc8a657
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 15 Jun 2021 20:00:00 GMT
Server
sfdcedge
X-SFDC-Request-Id
552c75a64b0dfd9a91d22b015e8fd239
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
public,max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 16 Aug 2023 05:28:38 GMT
ics.css
forums.ivanti.com/s/article/ 		0
0
ics.css
static.ivanti.com/sites/partner/media/images/css/ 		177 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ivanti.com/sites/partner/media/images/css/ics.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac3632b77b0870a5a01987ed8fb27daba96bc2d6f55e9427776aca7e586f905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Aug 2022 10:38:21 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
tv46ctUlyiek18oquCzsfw==
age
62731
cf-bgj
minify
cf-polished
origSize=239510
x-ms-meta-createdby
ede0f02e-b25f-40c0-8a48-7c8db67872fe
x-ms-meta-modifiedby
ede0f02e-b25f-40c0-8a48-7c8db67872fe
x-ms-lease-status
unlocked
last-modified
Tue, 28 Apr 2020 19:11:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
cbdc2913-401e-0077-72bf-2c96d9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-createdby,x-ms-meta-modifiedby,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=43200
x-ms-version
2009-09-19
cf-ray
73b98a382df4912e-FRA
expires
Tue, 16 Aug 2022 22:38:21 GMT
resources.js
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%... 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22Za3uop7mAzhBn4g2YKdPOw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22533941497%22%7D/resources.js?pv=1660413158000-980422046&rv=1660598660000
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
4f4afb94a23b51d25c45f92cabf3dd88240ea21d99a060bce2216ac7ede0587e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 10:38:21 GMT
Server
sfdcedge
X-SFDC-Request-Id
6a8de6095fa7f429f008af9fb4556758
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,private,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
bootstrap.js
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%... 		837 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22Za3uop7mAzhBn4g2YKdPOw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22533941497%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22publishedChangelistNum%22%3A%22951%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
7d7545d63046f491ae1df2e3ea2f1f8bcc12f339d7ac6b0febdb89b24d3d8c27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 10:35:10 GMT
Server
sfdcedge
X-SFDC-Request-Id
2c274287277332639f8726034186d33c
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=900,public
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3493D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e98471a7728f91a92ea5806341c0e615a91b06688adb49cbe2e0afd7e195c639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:38:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72424
x-xss-protection
0
expires
Tue, 16 Aug 2022 10:38:21 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3493D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5781
date
Tue, 16 Aug 2022 09:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 16 Aug 2022 11:02:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1316484128&t=pageview&_s=1&dl=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FSecurity-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j%3Flanguage%3Den_US&ul=en-us&de=UTF-8&dt=Ivanti%20Community&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=600888999&gjid=1066493253&cid=1533590132.1660646302&tid=UA-88957721-3&_gid=818377962.1660646302&_r=1&gtm=2wg8f05B3493D&z=881869651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.ivanti.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:38:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forums.ivanti.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-88957721-3&cid=1533590132.1660646302&jid=600888999&gjid=1066493253&_gid=818377962.1660646302&_u=YADAAEAAAAAAAC~&z=1751541223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.ivanti.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Aug 2022 10:38:21 GMT
content-type
text/plain
access-control-allow-origin
https://forums.ivanti.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88957721-3&cid=1533590132.1660646302&jid=600888999&_u=YADAAEAAAAAAAC~&z=1059378641
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:38:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
app.css
forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocO... 		979 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22pUjbS88o4m3OxFBL5Q9Mgw%22%2C%22cuid%22%3A2116016203%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22publishedChangelistNum%22%3A%22951%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6fd2b58a8b860bec7b65abc3df4375791177646246496399c6346627a546268d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 04:00:12 GMT
Server
sfdcedge
X-SFDC-Request-Id
cbea2c6440f507b2e6af7df370720890
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
CoveoFullSearch.css
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/ 		502 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/CoveoFullSearch.css
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
d34d4bc4f039ab25aa7b00a2fc9acfae042610e1eb7cc2923c9137433ab163fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:54 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
6280fef4f11c1e5cc4eb9845b974f7c0
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 05:03:11 GMT
search.style.css
forums.ivanti.com/resource/1643835531000/CoveoV2__assets/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835531000/CoveoV2__assets/css/search.style.css
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
b11c0da88149acba80f9738ad613c996f42ff01673668ef56a4b99d6dca19ef6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3548
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:51 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
0c1a33f100c1a623b56f373ca81ede10
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 03:38:13 GMT
jquery.min.js
forums.ivanti.com/resource/1643835531000/CoveoV2__jquery/ 		87 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835531000/CoveoV2__jquery/jquery.min.js
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
30950
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:51 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
462b5a51b1363e1728fd5a626dca6eef
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 04:59:10 GMT
aura
forums.ivanti.com/s/sfsites/ 		930 KB
238 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=0&aura.Component.getComponentDef=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
58657b1243df0937066efe33dbfc31244d1d6040ad13ae987c71f891ff095b0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
2290500000289cd520
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:22 GMT
Server
sfdcedge
X-SFDC-Request-Id
2290500000289cd520
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Origin, Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Mon, 16 Aug 2021 10:38:22 GMT
Communityheaderbnr_v2
forums.ivanti.com/s/sfsites/c/file-asset/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.ivanti.com/s/sfsites/c/file-asset/Communityheaderbnr_v2?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
bc742e111219affcf4bc73baac357d456bea723327761782438fb1b7d0f8450e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Content-Disposition
attachment; filename="Communityheaderbnr_v2.png"; filename*=utf-8''Communityheaderbnr_v2.png
Connection
keep-alive
Content-Length
6050
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 16 Mar 2021 16:15:51 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
cb306e06805269ef5c7b5a3cd81b6459
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=3888000
Expires
Fri, 30 Sep 2022 05:08:48 GMT
Ivanti_Communitywhtstack
forums.ivanti.com/file-asset/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.ivanti.com/file-asset/Ivanti_Communitywhtstack?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
accbb6129495dc80b7b0f128018b7aa2c1993bd9b0aabec8d79db679794fd118
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Content-Disposition
attachment; filename="Ivanti_Communitywhtstack.png"; filename*=utf-8''Ivanti_Communitywhtstack.png
Connection
keep-alive
Content-Length
8410
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 29 May 2019 14:17:24 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
93d63822249bc7c8e6d06fc43131e5e6
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=3888000
Expires
Fri, 30 Sep 2022 04:00:13 GMT
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145

Request headers

Referer
https://forums.ivanti.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51

Request headers

Referer
https://forums.ivanti.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff
SiteFeedback_Image
forums.ivanti.com/resource/1539780431000/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.ivanti.com/resource/1539780431000/SiteFeedback_Image
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
95f3719970bea273b73408a2de0b0534c26de0192d1b44e38a7984354f4c9ed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Oct 2018 12:47:11 GMT
Server
sfdcedge
X-SFDC-Request-Id
d8ac637e78a29736950e6b46d5164c92
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Content-Length
8012
X-XSS-Protection
1; mode=block
Expires
Fri, 30 Sep 2022 05:12:15 GMT
css
fonts.googleapis.com/ 		2 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/css/CoveoFullSearch.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:57:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Aug 2022 10:38:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Aug 2022 10:38:22 GMT
CoveoJsSearch.min.js
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/ 		2 MB
508 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/CoveoJsSearch.min.js
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
89636d20efba4dff4dc90d1a25eb81eca4dad47e4e68bf9efc9a64f694c60a2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:54 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
cdef51d83a2a699ff3b84ed8c5a842bb
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 04:22:57 GMT
aura
forums.ivanti.com/s/sfsites/ 		129 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=1&CoveoV2.ContentHandler.getLoader=1&aura.Component.getComponent=1&other.CustomSearch.getToken=1&ui-comm-runtime-components-aura-components-siteforce-recordservicecomponent.RecordServiceComponent.getArticleVersionId=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1&ui-communities-components-aura-components-forceCommunity-themeHeader.ThemeHeader.getHeaderConfig=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1&ui-self-service-components-profileMenu.ProfileMenu.getProfileMenuResponse=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
ce995e49c462e67a9e744d76364b14630d4803aef7621805462ae98f24483948
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
23923000005c828403
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=610
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:22 GMT
Server
sfdcedge
X-SFDC-Request-Id
23923000005c828403
Vary
Origin, Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Timing-Allow-Origin
*
Expires
Mon, 16 Aug 2021 10:38:22 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options
nosniff
age
581413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:08:09 GMT
templatesNew.js
forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/templates/ 		140 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835534000/CoveoV2__searchUi/js/templates/templatesNew.js
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
328480537ca70bfa82a3ba0c7c097c5921b6943bd25159700bcfb7464886652d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11348
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:54 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
6bb1ba0367bd11f278d83d069f2ed5d1
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 04:22:58 GMT
lightning_search.bundle.min.js
forums.ivanti.com/resource/1643835531000/CoveoV2__assets/js/ 		182 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1643835531000/CoveoV2__assets/js/lightning_search.bundle.min.js
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6d87f35e8c504414dae56ac13f6112605469f8401a9a606a3bb31824076ec2a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 2 Feb 2022 20:58:51 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
7e7a9d6a702e623568cbceb33c97a284
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 04:59:12 GMT
ivanti-logo-header-white.svg
static.ivanti.com/sites/marketing/media/images/logos/ 		23 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ivanti.com/sites/marketing/media/images/logos/ivanti-logo-header-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f146ac15c94c1957f03e45471476f4fab6586fb9154fe4483ef155b282c4c067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:38:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Jan 2017 20:12:39 GMT
server
cloudflare
content-md5
5br6JGrbO707yDzLgCoq4g==
age
613811
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
73b98a469b93912e-FRA
expires
Tue, 16 Aug 2022 22:38:23 GMT
aspbest-2020.svg
static.ivanti.com/sites/community/media/images/ 		32 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ivanti.com/sites/community/media/images/aspbest-2020.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8a6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e1b671593a58beefbbbe60032e8c3e98f28459c540221a28e147e257036db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Aug 2022 10:38:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
+yppPaR8QnvPjxy7PNtyDw==
age
61234
x-ms-meta-createdby
83e55ada-871e-4c1b-a370-84259193adc1
x-ms-meta-modifiedby
83e55ada-871e-4c1b-a370-84259193adc1
x-ms-lease-status
unlocked
last-modified
Mon, 19 Oct 2020 17:18:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0bd2a555-c01e-00ee-22bf-2c191b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-Createdby,x-ms-meta-Modifiedby,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=43200
x-ms-version
2009-09-19
cf-ray
73b98a469b96912e-FRA
expires
Tue, 16 Aug 2022 22:38:23 GMT
aura
forums.ivanti.com/s/sfsites/ 		179 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%221d6884ce-4a9c-4cc9-8824-c932751bad0e%22%2C%22routeType%22%3A%22article%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22viewid%22%3A%22deb5550b-e249-4f7c-9b6a-42a2ddd954f2%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22urlName%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%2C%22recordId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%2C%22priority%22%3A%220%22%7D%2C%22publishedChangelistNum%22%3A951%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22NE0lrgbocOO6eTkkcOfMqg%22%7D%2C%22apck%22%3A%22Za3uop7mAzhBn4g2YKdPOw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
7fc4f93b134813c4684b46d8ec2a5fc7859fbee8a3c30a48cc358bdc093fa22e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
34314000002463917a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 15 Aug 2022 10:38:23 GMT
Server
sfdcedge
X-SFDC-Request-Id
34314000002463917a
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800,public
Expires
Mon, 16 Aug 2021 10:38:23 GMT
SurveyGizmo
forums.ivanti.com/resource/1573031673000/ 		314 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/resource/1573031673000/SurveyGizmo
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
d43181d1839def67e4e3ea7409ad7756676b511ce70b6b1706155485c024a661
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
251
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 6 Nov 2019 09:14:33 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
5ebe0ae4ab81185ac296f972334228d7
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript
Cache-Control
public,max-age=3888000,immutable
Expires
Fri, 30 Sep 2022 04:35:10 GMT
aura
forums.ivanti.com/s/sfsites/ 		71 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=3&other.Community_KnowledgeArticle.getArticleByID=1&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.validateRoute=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1&ui-communities-components-aura-components-forceCommunity-seoAssistant.SeoAssistant.getRecordAndTranslationData=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6397c89978997eb633809d21ce97cdb8f5dd3396a4c9481f41fcdaa4c4a29b64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
37531000000f4808c0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=273
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:24 GMT
Server
sfdcedge
X-SFDC-Request-Id
37531000000f4808c0
Vary
Origin, Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Timing-Allow-Origin
*
Expires
Mon, 16 Aug 2021 10:38:24 GMT
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bbb7317fda1bc0df9af9b0b9240867125bb720181d74d90e1e06d813a8c1eea

Request headers

Referer
https://forums.ivanti.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff
intercept.js
d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/ 		26 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/intercept.js
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-123.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
f05ada2928f690d01595952400326e6d20ef0e7a0018f1b3774ccc67fd8a02c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 09:43:52 GMT
Content-Encoding
gzip
Age
3264
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
8396
Pragma
cache
Access-Control-Allow-Origin
*
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront), 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
Cache-Control
max-age=1800
X-Amz-Cf-Pop
FRA2-C1, FRA56-P3
X-Amz-Cf-Id
zSPIeqNxvAoltGJFDouJGsF1644Tv2lxf3jwaec5XCiDBQNdw0zrgQ==
Expires
Tue, 16 Aug 2022 10:14:00 GMT
aura
forums.ivanti.com/s/sfsites/ 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=4&ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
e84b86f2ba6c45f5027940ac5de607d2b851a87154d67a9e81d81e613d10c956
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
3845300000520c872a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=106
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:24 GMT
Server
sfdcedge
X-SFDC-Request-Id
3845300000520c872a
Vary
Origin, Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Timing-Allow-Origin
*
Expires
Mon, 16 Aug 2021 10:38:24 GMT
rtaImage
forums.ivanti.com/servlet/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.ivanti.com/servlet/rtaImage?eid=ka14O0000002v70&feoid=00N1B00000B8iq5&refid=0EM4O000002j0Ai
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
272801cadeafaf3b05e958b6275d1b869b44cfa2ac65c27a46bd3f618cc06bd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 12 Mar 2022 14:35:05 GMT
Server
sfdcedge
X-SFDC-Request-Id
051bac83c1cdccb5f1dff2f3f46fd8be
X-FRAME-OPTIONS
SAMEORIGIN
Connection
keep-alive
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/jpeg
Content-Length
9536
X-XSS-Protection
1; mode=block
Expires
Fri, 30 Sep 2022 10:38:24 GMT
Articles_I_Follow_button_purple6
forums.ivanti.com/file-asset/ 		1022 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.ivanti.com/file-asset/Articles_I_Follow_button_purple6?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
5f7690d4d9eae04b2f5b84a652406287c6e82f15ce2ee3923bbfcf355af64c1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
X-Content-Type-Options
nosniff
P3P
CP="CUR OTR STA"
Content-Disposition
attachment; filename="Articles_I_Follow_button_purple6.png"; filename*=utf-8''Articles_I_Follow_button_purple6.png
Connection
keep-alive
Content-Length
1022
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 14:14:16 GMT
Server
sfdcedge
X-FRAME-OPTIONS
SAMEORIGIN
X-SFDC-Request-Id
eb7d1ad592b0ddfb7772a4133a42a94b
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=3888000
Expires
Fri, 30 Sep 2022 04:00:16 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options
nosniff
age
581415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:08:09 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7bf040554a97747ad38e592cf42546f448eab1f2f41faebcc5bc8411079324c

Request headers

Referer
https://forums.ivanti.com/
Origin
https://forums.ivanti.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-woff
aura
forums.ivanti.com/s/sfsites/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=5&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
f4eabf972253bedec14adb2d6597e7c124823f8f072ab6ca2eb43202ad123d82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
4291200000196e82f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=353
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:24 GMT
Server
sfdcedge
X-SFDC-Request-Id
4291200000196e82f9
Vary
Origin, Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Timing-Allow-Origin
*
Expires
Mon, 16 Aug 2021 10:38:24 GMT
aura
forums.ivanti.com/s/sfsites/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.ivanti.com/s/sfsites/aura?r=6&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
3bc13348ed2f42cca129531a87cb8c8bba8c45d99ba168da4852c16da77dfb93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
X-SFDC-Page-Cache
3d065b1003502852
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
e3593ef4-84b3-421e-bf54-4e1fd619f90c
X-SFDC-Request-Id
4294500000fe6a31b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 Aug 2022 10:38:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=18
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 10:38:24 GMT
Server
sfdcedge
X-SFDC-Request-Id
4294500000fe6a31b2
Vary
Origin, Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Timing-Allow-Origin
*
Expires
Mon, 16 Aug 2021 10:38:24 GMT
NDQ2ODc1LTM1YzBmODZkMTFkYzAxODk5YTA0YmI0N2I2ODc4MDhlNjY0ZDIzM2I0N2Q2Mjg5ODQ0.json
surveygizmobeacon.s3.amazonaws.com/beaconconfigs/ 		558 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://surveygizmobeacon.s3.amazonaws.com/beaconconfigs/NDQ2ODc1LTM1YzBmODZkMTFkYzAxODk5YTA0YmI0N2I2ODc4MDhlNjY0ZDIzM2I0N2Q2Mjg5ODQ0.json
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.165.19 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226eaed5434d62b66791774953c8361d69bfd2156c6b04e9c7990710a78699b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:29 GMT
x-amz-request-id
MHBVJY30A8HHDR8R
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
Content-Length
558
x-amz-id-2
p0W6EZqDmsSnfNeA8lxDUWknmgLFabTY07i/ZbmV2Xh0JDR4tQ8N2iMl5XxY7Ctj4uhzyv2g/TM=
Last-Modified
Thu, 20 Aug 2020 20:58:26 GMT
Server
AmazonS3
ETag
"d12a873041ec24060dc5f877436a6d72"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
JnaHA5GTETtae350ASpiZJd5A3vBAtlK
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-forwarded-for
Accept-Ranges
bytes
Content-Type
application/json
NDQ2ODc1LTkyYzQwZGVhNTdjN2YyZGIwNjk2NTYyMjM0ODkyMTRiNDNhMDgzOWI4M2VmYjc0NjE5.json
surveygizmobeacon.s3.amazonaws.com/beaconconfigs/ 		666 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://surveygizmobeacon.s3.amazonaws.com/beaconconfigs/NDQ2ODc1LTkyYzQwZGVhNTdjN2YyZGIwNjk2NTYyMjM0ODkyMTRiNDNhMDgzOWI4M2VmYjc0NjE5.json
Requested by
Host: forums.ivanti.com
URL: https://forums.ivanti.com/s/sfsites/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.165.19 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbaefe90e0c71311311c80d9a2e93c08ab62773efd5a2446d1269c5526cb7762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.ivanti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:38:29 GMT
x-amz-request-id
MHBT0JY8APXJGZCE
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
Content-Length
666
x-amz-id-2
0zjVRRmAin0eoYD2fH8/gwpgAAnwJ+sXpWBLILsb6hImwrOUNjf2+y8dxLq8foV4srRe4aXndEo=
Last-Modified
Fri, 21 Aug 2020 13:07:10 GMT
Server
AmazonS3
ETag
"f34cbf4115b83f545d6563743e591a1b"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
aWcySmPdpa7bNxm1GtXxLzwvMVp7KThh
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-forwarded-for
Accept-Ranges
bytes
Content-Type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forums.ivanti.com
URL
https://forums.ivanti.com/s/article/ics.css
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88957721-3&cid=1533590132.1660646302&jid=600888999&_u=YADAAEAAAAAAAC~&z=1059378641

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router function| _moreThenOneCriteria function| _isOnlyValidTokens function| _isNoAmbiguousAndOr function| _checkAmbiguousNum function| _checkParentheses function| _filterValidation function| _validate

9 Cookies

Domain/Path Name / Value
.forums.ivanti.com/s Name: renderCtx
Value: %7B%22pageId%22%3A%2277d51b5b-5f15-488a-a9f7-2defc0f62862%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2227b5c007-5227-4754-877a-86c155ed7067%22%2C%22audienceIds%22%3A%226Au1B000000Kylv%22%7D
forums.ivanti.com/ Name: CookieConsentPolicy
Value: 0:1
forums.ivanti.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.ivanti.com/ Name: _ga_16YM3FXQPL
Value: GS1.1.1660646301.1.0.1660646301.0
.ivanti.com/ Name: _ga
Value: GA1.2.1533590132.1660646302
.ivanti.com/ Name: _gid
Value: GA1.2.818377962.1660646302
.ivanti.com/ Name: _gat_UA-88957721-3
Value: 1
forums.ivanti.com/ Name: sfdc-stream
Value: !75Vx8Ng+H4dNuqEAvjz5hV+hctJC8mpd9W4wS/stPH+drmbJlRXAE37WePcgEitN/49jmR66fgXwT8M=
forums.ivanti.com/ Name: pctrk
Value: c91757c6-fd25-41bb-ba73-942613f4d201

4 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c(Line 50)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-16YM3FXQPL&gtm=2oe8f0&_p=1316484128&cid=1533590132.1660646302&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660646301&sct=1&seg=0&dl=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FSecurity-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j%3Flanguage%3Den_US&dt=Ivanti%20Community&en=page_view&_fv=1&_nsi=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://*.sharefile.com https://ivanti.sf-api.com *.springcm.com https://springcm.com https://*.surveygizmo.com https://*.coveo.com https://analytics.cloud.coveo.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti.my.salesforce.com https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com".
security error URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88957721-3&cid=1533590132.1660646302&jid=600888999&_u=YADAAEAAAAAAAC~&z=1059378641' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://ivanti.my.salesforce.com https://ivanti--c.na131.content.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na131.salesforce.com/icons/ https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://*.sharefile.com https://ivanti.sf-api.com *.springcm.com https://springcm.com https://*.surveygizmo.com https://analytics.cloud.coveo.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com".
security error URL: https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
Message:
Refused to apply style from 'https://forums.ivanti.com/s/article/ics.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-16YM3FXQPL&l=dataLayer&cx=c(Line 50)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-16YM3FXQPL&gtm=2oe8f0&_p=1316484128&cid=1533590132.1660646302&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660646301&sct=1&seg=0&dl=https%3A%2F%2Fforums.ivanti.com%2Fs%2Farticle%2FSecurity-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j%3Flanguage%3Den_US&dt=Ivanti%20Community&en=scroll&epn.percent_scrolled=90&_et=20' because it violates the following Content Security Policy directive: "connect-src 'self' https://static.ivanti.com https://cookieinfoscript.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://usageanalytics.coveo.com https://*.sharefile.com https://ivanti.sf-api.com *.springcm.com https://springcm.com https://*.surveygizmo.com https://*.coveo.com https://analytics.cloud.coveo.com https://selling.ivanti.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://use.fontawesome.com https://www.google.com https://www.google.co.uk https://ivanti.my.salesforce.com https://ivanti--coveov2.na131.visual.force.com https://www.ivanti.com https://d2bnxibecyz4h5.cloudfront.net https://surveygizmobeacon.s3.amazonaws.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2bnxibecyz4h5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forums.ivanti.com
static.ivanti.com
stats.g.doubleclick.net
surveygizmobeacon.s3.amazonaws.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
forums.ivanti.com
www.google.de
2606:4700:3032::ac43:a9f7
2606:4700::6811:8a6b
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2008
2a00:1450:400c:c0c::9b
2a00:1450:400e:800::200a
52.216.165.19
52.222.206.123
85.222.140.11
226eaed5434d62b66791774953c8361d69bfd2156c6b04e9c7990710a78699b2
25a75d8733f6246dcaacc0fc35a90df6c10b4bb67ab46dccdf0e2ab1dadccabc
272801cadeafaf3b05e958b6275d1b869b44cfa2ac65c27a46bd3f618cc06bd0
328480537ca70bfa82a3ba0c7c097c5921b6943bd25159700bcfb7464886652d
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51
3bc13348ed2f42cca129531a87cb8c8bba8c45d99ba168da4852c16da77dfb93
4f4afb94a23b51d25c45f92cabf3dd88240ea21d99a060bce2216ac7ede0587e
58657b1243df0937066efe33dbfc31244d1d6040ad13ae987c71f891ff095b0e
5f7690d4d9eae04b2f5b84a652406287c6e82f15ce2ee3923bbfcf355af64c1b
6397c89978997eb633809d21ce97cdb8f5dd3396a4c9481f41fcdaa4c4a29b64
6d87f35e8c504414dae56ac13f6112605469f8401a9a606a3bb31824076ec2a8
6fd2b58a8b860bec7b65abc3df4375791177646246496399c6346627a546268d
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145
77b89aef66611695c3d58d32330647438b4a9427b9a61f52dce045b97df68627
7bbb7317fda1bc0df9af9b0b9240867125bb720181d74d90e1e06d813a8c1eea
7d7545d63046f491ae1df2e3ea2f1f8bcc12f339d7ac6b0febdb89b24d3d8c27
7fc4f93b134813c4684b46d8ec2a5fc7859fbee8a3c30a48cc358bdc093fa22e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856693923253cc1826d19ceee77bc1b269722cc40dd53fac8b0273c01bc8a657
89636d20efba4dff4dc90d1a25eb81eca4dad47e4e68bf9efc9a64f694c60a2a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95f3719970bea273b73408a2de0b0534c26de0192d1b44e38a7984354f4c9ed5
9ac3632b77b0870a5a01987ed8fb27daba96bc2d6f55e9427776aca7e586f905
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
accbb6129495dc80b7b0f128018b7aa2c1993bd9b0aabec8d79db679794fd118
b11c0da88149acba80f9738ad613c996f42ff01673668ef56a4b99d6dca19ef6
b7bf040554a97747ad38e592cf42546f448eab1f2f41faebcc5bc8411079324c
bbaefe90e0c71311311c80d9a2e93c08ab62773efd5a2446d1269c5526cb7762
bc742e111219affcf4bc73baac357d456bea723327761782438fb1b7d0f8450e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce995e49c462e67a9e744d76364b14630d4803aef7621805462ae98f24483948
d34d4bc4f039ab25aa7b00a2fc9acfae042610e1eb7cc2923c9137433ab163fa
d43181d1839def67e4e3ea7409ad7756676b511ce70b6b1706155485c024a661
d9e1b671593a58beefbbbe60032e8c3e98f28459c540221a28e147e257036db4
dd19cc116e088bb0f61d374db27439e44c76883858ec8c04d9721e3b98117748
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e701fad0c4dfaa2eef7ad02eea3b8e037f963cb0b5562b13a77f8885001a4183
e84b86f2ba6c45f5027940ac5de607d2b851a87154d67a9e81d81e613d10c956
e98471a7728f91a92ea5806341c0e615a91b06688adb49cbe2e0afd7e195c639
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a3661683d48dea932d24efd35996d573f003fa7cd78fea381129475addb6b
f05ada2928f690d01595952400326e6d20ef0e7a0018f1b3774ccc67fd8a02c5
f146ac15c94c1957f03e45471476f4fab6586fb9154fe4483ef155b282c4c067
f4eabf972253bedec14adb2d6597e7c124823f8f072ab6ca2eb43202ad123d82
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f979bc37846715155b2272953e0c225a62a3bde3d620e7bda7a3232fd45005e2
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d