Scan statuses and error messages

This document is for:
Invicti Platform

When you initiate a scan using Invicti Platform, the scan goes through various stages, and different statuses are assigned to reflect the progress and outcome of the scan. A status is assigned as soon as the scan starts.

This document explains the statuses you might encounter during a scan.

Scan statuses

Each scan is assigned two distinct statuses:

  1. Progress status – Indicates the current state of the scan process. Possible values include: Queued, Starting, In Progress, Aborted, Completed, and Failed. A Failed status typically signifies that the scanner was unable to complete the scan due to an internal failure.
  2. Issue indicator – Reflects whether the scan encountered any issues during execution. This is represented by a warning or error icon displayed alongside the progress status. Detailed information about the issue is available in the scan’s Activity window and Events page.

    For example, if the scanner is unable to connect to the target, the scan may still be marked as
    Completed, but a warning icon will appear with a message indicating the connection failure.

Individual scan statuses

These are the scan statuses you can see in Invicti Platform:

  • Scheduled: The scan is scheduled to run at a specified future time. It has not yet entered the execution queue.

  • Queued: The scan is awaiting execution in the queue. If the target has defined excluded hours, the scan will remain in the queue until those hours have passed.

  • Starting: The scan is currently initializing and preparing to run.

  • In Progress: The scan is actively running and analyzing the target for vulnerabilities.

  • Aborting: The scan is in the process of stopping after the user has initiated a cancel operation.

  • Aborted: The scan has been stopped, either manually by the user or automatically due to 25 consecutive network errors. For more information, refer to Scans and network errors.

  • Pausing: The scan is in the process of being paused after the user initiated a pause request.

  • Paused: The scan is temporarily halted and will not progress until resumed.

  • Resuming: The scan is in the process of restarting after a pause.

  • Resumed: The scan has successfully restarted after being paused.

  • Completed: The scan has finished. A scan may also be marked as Completed if it fails during pre-scan validation.

  • Completed with Error: The scan has finished, but errors occurred during execution. Refer to the scan’s Activity log for detailed information. Common errors are described later in this document.

  • Completed with Warning: The scan has completed, but warnings were generated indicating potential issues. See the Activity log for details. Common warnings are covered in the sections below.

  • Failed: The scan was unable to run successfully due to a critical issue. Review the scan’s Activity log and Events tab for further details. Common causes of failure are outlined later in this article.

Scan error messages

There are three types of messages: information, warning, and error messages.

Information messages

These messages from the scanner are provided for information purposes only and do not usually necessitate any further actions.

  • Initial request to [web address] was redirected to [web address]
    The original request to the target address was redirected to another URL on the same domain using the same protocol (HTTP or HTTPS). This is typically a standard site behavior and not an issue.

  • Start URL changed (initial request to [web address] was redirected to [web address])
    The initial request to the target address was redirected to a different URL on the same site, but with a different protocol—usually from HTTP to HTTPS. This is common for enforcing secure connections.

  • Scanning has resumed
    This indicates that the scan has resumed following a previously paused state.

  • No GraphQl schema detected
    The scanner attempted to query a GraphQL API but was unsuccessful, likely due to introspection being disabled. To resolve this, enable introspection on the GraphQL API or upload the schema file manually in the target settings.

  • Invicti IAST used for this scan
    Invicti IAST technology is enabled and actively being utilized during this scan to enhance detection capabilities.

  • Windows Defender used for this scan
    Windows Defender is integrated into the scan process and is being used to detect malware on the target site.

Warning messages

Warning messages indicate potential issues that warrant attention. While they do not require immediate action, a timely response is recommended to prevent possible future problems or system complications.

  • Invicti IAST was not detected on ${host}
    Although Invicti IAST has been configured, the scanner could not establish communication with the sensor.
      • Ensure the Invicti IAST is correctly installed on the web server.
      • Verify that the Invicti IAST password matches the one configured for the target.
      • For Java, .NET, and Node.js, confirm that the Invicti IAST sensor can communicate with the IAST Bridge.
      • Check that the IAST Bridge address and port are accessible by the web server.
      • If the IAST Bridge configuration has changed, re-download and re-deploy the Invicti IAST.
      • By default, the IAST Bridge runs on iast.invicti.com over port 443.

  • Automatic login failed for ${host}
    Auto-login has been enabled, but no login form was detected.
      • Specify the login form URL under Target Settings > Site Login.
      • If issues persist, configure a pre-recorded login sequence.

  • Client certificate missing for host: [web address]
    The target requires a client certificate for authentication, but none was provided, or authentication failed using the configured certificate.

  • HTTP Authentication required on: [web address]
    The scanner encountered HTTP Authentication at the specified address. To proceed, configure credentials under Target Settings > HTTP Authentication. Refer to the HTTP Authentication guide for more information.

  • Initial request to site returned status 4xx or 5xx
    The initial HTTP request returned a client or server error (4xx or 5xx). This may indicate the site is down or that additional configuration is required (e.g., authentication, headers, cookies).
      • Confirm the target URL is correct.
      • Ensure the scanner can connect.
      • Check if the scanner’s IP needs to be whitelisted.
    The scanner will not proceed until the issue is resolved.

  • Initial request to site returned status 400: Bad Request
    A 400 error indicates the site rejected the request as malformed.
      • Confirm the target URL.
      • Check for required custom headers or cookies in target settings.

  • Initial request to site returned status 401: Unauthorized
    A 401 error means the server requires authentication.
      • Ensure HTTP Authentication is configured correctly in the target settings.
    The scanner cannot proceed without valid credentials.

  • Initial request to site returned status 403: Forbidden
    A 403 error indicates the scanner is blocked.
      • Verify target URL.
      • Whitelist the scanner’s IP.
      • Check if headers, cookies, or HTTP Authentication are needed.
    Configure these in the target settings.

  • Initial request to site returned status 404: Not Found
    The target URL returned a 404 error, indicating the resource could not be found.
      • Confirm the URL is correct and reachable.

  • Initial request to site returned status 429: Too Many Requests
    The target is throttling traffic due to too many requests.
      • Whitelist the scanner or adjust rate-limiting rules to allow scanning.

  • Initial request to site returned status 500: Internal Server Error
    A 500 error typically indicates a server-side issue on the target.
      • Check the site’s availability and error logs.

  • Initial request to site returned status 502: Bad Gateway
    A 502 error suggests a gateway or proxy failed to receive a valid response from the upstream server.
      • Confirm target availability and proxy configurations.

  • Initial request to site returned status 503: Service Unavailable
    A 503 error implies the site is temporarily unavailable, often due to maintenance or overload.
      • Retry later or ensure the server is operational.

  • Login forms were detected but no LSR or Autologin are configured.
    The scanner found login forms but no authentication method is set up.
      • Configure login credentials in Target Settings > Site Login.

  • Non Responsive
    The target server did not respond, preventing the scan from proceeding.
      • Check connectivity, firewall settings, and that the target URL is correct.
    This often indicates a network timeout or closed connection.

  • Outdated Invicti IAST detected
    Invicti IAST is installed and detected, but it's not the latest version.

  • Some imported URLs are out of scope of the target
    The import file includes URLs that fall outside the defined scope for the scan.
      • Review the import file and update target scope as needed.

  • Start URL changed to [web address] (target was not responsive on 80)
    The scanner could not reach the target via HTTP on port 80 and switched to HTTPS on port 443.
      • Ensure the correct port and protocol are used for the target site.

Error messages

Error messages identify critical issues that have disrupted the scanner’s operation. These errors typically require immediate investigation and resolution to restore scanning functionality and prevent further interruptions.

  • Auto Detect import failed. File not supported: [web address]
    The target is configured with an import file, but the scanner couldn't determine the file format. Ensure that the file is valid and uses a supported format, then re-upload it via the target settings.
  • Burp Items import failed
    The scanner failed to process the imported Burp Suite file. Verify that the file is valid and compatible, then re-upload it through the target settings.
  • Business Logic import failed
    A business logic recording is configured, but the scanner encountered issues replaying it.
      • Edit the recording in the target settings and manually test the playback.
      • Ensure all login steps execute correctly and the sequence completes without interruption.
    Errors here will affect the scanner's ability to test authenticated parts of the site.
  • Failed to initialize OAuth
    OAuth is configured for the target, but the scanner could not complete the login process. Review the OAuth settings and try again.
  • Failed to obtain access token
    The scanner could not retrieve a valid OAuth access token using the configured credentials. Review and correct the OAuth settings under Target Settings > Site Login.
  • GraphQl import failed
    The GraphQL import file could not be used. Check that the file is correctly formatted and try uploading it again.
  • GraphQl import failed. Only JSON format is accepted for GraphQl Schema
    The GraphQL schema file must be in JSON format. Re-export the schema in JSON and upload it again.
  • Initial request ([web address]) error: [Error number]: SSL routines:: [Additional error information]
    An SSL error occurred when connecting to the target. Make sure the site is accessible over HTTPS from a standard web browser. The scanner cannot proceed without a valid SSL connection.
  • Initial request ([web address] error: Timeout
    The server did not respond within the expected time, causing a timeout. Confirm that the target is online and accessible. The scanner will not proceed in this state.
  • Initial request ([web address] error: Cannot connect
    The scanner could not establish a connection to the target. Check network access and firewall rules.
  • Initial request ([web address] error: Unexpected close
    The connection was unexpectedly closed by the server. This can happen due to server misconfiguration or abrupt connection handling.
  • Initial request ([web address] error: DNS lookup failed.
    The DNS resolution failed for the provided domain. Verify that the domain is correct and publicly resolvable.
  • Initial request ([web address] error: Invalid or restricted address
    This typically occurs when the target address is invalid or access is restricted. Double-check the address and permissions before retrying.
  • Postman Collection import failed: [ERROR]
    The Postman Collection file could not be used. Review the error message for specific details, ensure the file is valid, and re-upload it via the target settings.
  • Scanning of ${host} was aborted (target was not responsive)
    The scan was interrupted because the target became unresponsive. Check the network and target server status before attempting to resume or restart the scan.
  • Swagger Import Failed
    The Swagger definition could not be processed. Ensure the file is valid and formatted correctly, then re-upload it to the target.
  • The login sequence for ${host} is invalid
    The configured login sequence could not be replayed properly.
      • Use the Edit Login Sequence option to review and retest the steps.
      • Confirm all login steps are executed and the session is maintained.
      • Mark actions that end the session as "restricted."
      • Validate the session pattern using the Check Pattern button after replaying the login steps.
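
Because a scan can show Completed while the scanner never reached or logged in to the target, the progress status alone should not gate a release. The following Python is an added example, not Invicti code or an Invicti API: it classifies Activity messages using the message texts listed in this document and applies a hypothetical coverage policy. The area labels, verdict names, and sample scans are constructed for illustration.

```python
import re

# (severity, area, pattern). Message texts come from this page, with
# [web address] / ${host} replaced by wildcards. Area labels are this example's own.
RULES = [
    ("information", "redirect", r"^Start URL changed \(initial request to \S+ was redirected to \S+\)$"),
    ("information", "redirect", r"^Initial request to \S+ was redirected to \S+$"),
    ("warning", "auth", r"^Initial request to site returned status 401\b"),
    ("warning", "reachability", r"^Initial request to site returned status [45](\d\d|xx)\b"),
    ("warning", "auth", r"^(Automatic login failed for \S+|HTTP Authentication required on: \S+)$"),
    ("warning", "auth", r"^Client certificate missing for host: \S+$"),
    ("warning", "reachability", r"^(Non Responsive|Start URL changed to \S+ \(target was not responsive on 80\))$"),
    ("error", "auth", r"^(Failed to initialize OAuth|Failed to obtain access token)$"),
    ("error", "auth", r"^The login sequence for \S+ is invalid$"),
    ("error", "reachability", r"^Initial request \(.*error: "),
    ("error", "reachability", r"^Scanning of \S+ was aborted \(target was not responsive\)$"),
    ("error", "import", r"import failed"),
]

def classify(message):
    """Return (severity, area) for one Activity message, or ('unknown', 'unknown')."""
    for severity, area, pattern in RULES:
        if re.search(pattern, message.strip(), re.IGNORECASE):
            return severity, area
    return "unknown", "unknown"

def coverage_verdict(progress_status, messages):
    """Hypothetical release-gate policy: can this scan count as real coverage?"""
    found = [classify(m) for m in messages]
    if progress_status in ("Failed", "Aborted") or any(s == "error" for s, _ in found):
        return "no-coverage"
    if any(s == "warning" and a in ("auth", "reachability") for s, a in found):
        return "partial-coverage"
    if any(s == "unknown" for s, _ in found):
        return "needs-review"
    return "ok"

# Constructed sample scans: all three show Completed as their progress status.
SAMPLE_SCANS = {
    "scan-a": ("Completed", ["Initial request to http://app.example.test/ was redirected to http://app.example.test/home"]),
    "scan-b": ("Completed", ["Start URL changed to https://app.example.test/ (target was not responsive on 80)",
                             "Automatic login failed for app.example.test"]),
    "scan-c": ("Completed", ["Initial request (https://app.example.test/) error: Timeout"]),
}

if __name__ == "__main__":
    for name, (status, messages) in SAMPLE_SCANS.items():
        print(name, status, coverage_verdict(status, messages))
```

Only scan-a passes the gate; the other two are also Completed, but a failed login or an unreachable target means their findings do not reflect the application's real attack surface.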

