www.horizon3.ai
104.197.16.226
Public Scan
Submitted URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execu...
Effective URL: https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execu...
Submission: On October 02 via api from US — Scanned from DE
Form analysis
2 forms found in the DOM
GET https://www.horizon3.ai/
<form role="search" method="get" class="et_pb_menu__search-form" action="https://www.horizon3.ai/">
<input type="search" class="et_pb_menu__search-input" placeholder="Search …" name="s" title="Search for:">
</form>
GET https://www.horizon3.ai/
<form role="search" method="get" class="et_pb_menu__search-form" action="https://www.horizon3.ai/">
<input type="search" class="et_pb_menu__search-input" placeholder="Search …" name="s" title="Search for:">
</form>
Text Content
CVE-2024-29824 DEEP DIVE: IVANTI EPM SQL INJECTION REMOTE CODE EXECUTION VULNERABILITY

by James Horseman | Jun 12, 2024 | Attack Blogs, Attack Research

INTRODUCTION

Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management of devices within an organization. On May 24, 2024, ZDI and Ivanti released an advisory describing a SQL injection resulting in remote code execution with a CVSS score of 9.8. In this post we will detail the internal workings of this vulnerability. Our POC can be found here.

RECORDGOODAPP

Luckily for us, the ZDI advisory told us exactly where to look for the SQL injection: a function named RecordGoodApp. After installation, we find most of the application binaries in C:\Program Files\LANDesk. Searching for RecordGoodApp, we find it is present in a file named PatchBiz.dll.

[Figure: RecordGoodApp Search]

We can use the JetBrains dotPeek tool to decompile the PatchBiz.dll C# binary. From there we can search for the RecordGoodApp method.

[Figure: RecordGoodApp Disassembly]

We can readily see that the first SQL statement in the function is potentially vulnerable to a SQL injection. It uses string.Format to insert the value of goodApp.md5 into the SQL query. Assuming we can find a way to influence the value of goodApp.md5, we should be able to trigger the SQL injection.

FINDING A PATH TO THE VULNERABLE FUNCTION

Next, we would like to see if there are any obvious paths to the RecordGoodApp function that we can use to trigger the vulnerability. Luckily, we can use dotPeek again to search for any references to RecordGoodApp. However, we first want to make sure that we have all potential application binaries loaded into dotPeek. If we don't, we run the risk of missing a reference to the vulnerable function.

We find that RecordGoodApp is first called from AppMonitorAction.RecordPatchIssue.

[Figure: AppMonitorAction.RecordPatchIssue]

Continuing, we find that AppMonitorAction.RecordPatchIssue is called by Patch.UpdateActionHistory.

[Figure: Patch.UpdateActionHistory]

We find that UpdateActionHistory is called from three different locations.

[Figure: Patch.UpdateActionHistory Usage]

The most interesting of these usages is StatusEvents.EventHandler.UpdateStatusEvents. We find that it is annotated with [WebMethod] in the EventHandler class. EventHandler inherits from System.Web.Services.WebService. This strongly indicates that we should be able to hit UpdateStatusEvents over HTTP.

[Figure: UpdateStatusEvents]

TRIGGERING THE VULNERABLE FUNCTION

Now that we have found a viable path to the vulnerable function, our attention turns to triggering it. First, using IIS Manager, we notice that EventHandler.cs is hosted on the /WSStatusEvents endpoint.

[Figure: IIS Manager WSStatusEvents]

Navigating to the endpoint in a browser, we are led to a page that shows some example requests and responses.

[Figure: UpdateStatusEvents Examples]

Now, we can copy these example requests into Burp Suite and begin modifying them to see if we can trigger the exploit. Using dnSpy, we attach to the IIS process hosting the vulnerable endpoint and start sending requests. After a little bit more reversing, we come up with a fairly trivial request using xp_cmdshell to gain RCE.

[Figure: Successfully exploiting using Burp]

Finally, we see notepad.exe running under sqlservr.exe, proving that our exploit worked!

[Figure: notepad running under sqlservr.exe]

INDICATORS OF COMPROMISE

The MS SQL logs can be examined for evidence of xp_cmdshell being utilized to obtain command execution. Note that this is likely not the only method for gaining RCE, but it is a popular one.

[Figure: SQL Server logs showing evidence of xp_cmdshell usage.]

NODEZERO

[Figure: NodeZero Attack Path utilizing CVE-2024-29824 to load a remote access tool and access files]

Horizon3.ai clients and free-trial users alike can run a NodeZero operation to determine the exposure and exploitability of this issue.