www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.group-ib.com/blog/boolka/
Submission: On July 24 via manual (July 24th 2024, 8:49:55 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 49 HTTP transactions. The main IP is 3.72.181.255, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.group-ib.com. The Cisco Umbrella rank of the primary domain is 876147.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 1st 2024. Valid for: a year.

This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	3.72.181.255 3.72.181.255	16509 (AMAZON-02) (AMAZON-02)
2	136.243.23.113 136.243.23.113	24940 (HETZNER-AS) (HETZNER-AS)
49	3

41 3.72.181.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

www.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.23.113 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.113.23.243.136.clients.your-server.de

fhp-de-js.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	group-ib.com www.group-ib.com — Cisco Umbrella Rank: 876147 fhp-de-js.group-ib.com	606 KB
49	1

	Domain	Requested by
41	www.group-ib.com	fhp-de-js.group-ib.com www.group-ib.com
2	fhp-de-js.group-ib.com	www.group-ib.com
49	2

This site contains links to these domains. Also see Links.

Domain
trebuchet.gibthf.com
github.com
sso.group-ib.com
twitter.com
www.facebook.com
t.me
www.linkedin.com
api.whatsapp.com
urlscan.io
www.virustotal.com
detonation.group-ib.com
pypi.org
instagram.com
group-ib.medium.com

Subject Issuer	Validity	Valid
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-01` - `2025-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.group-ib.com/blog/boolka/
Frame ID: 6C5A9C953CEA6499F77E2EC4901E2E0B
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Boolka Unveiled: From web attacks to modular malware | Group-IB Blog

Page URL History Show full URLs

https://www.group-ib.com/blog/boolka/ Page URL
https://www.group-ib.com/blog/boolka/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

49
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

606 kB
Transfer

1613 kB
Size

10
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://trebuchet.gibthf.com/?tab=network
Title: Network Protection Assessment

Search URL Search Domain Scan URL

URL: https://github.com/Group-IB/cloud_sherlock
Title: Cloud Recon Tool

Search URL Search Domain Scan URL

URL: https://sso.group-ib.com/
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Boolka%20Unveiled:%20From%20web%20attacks%20to%20modular%20malware&url=https://www.group-ib.com/blog/boolka/
Title: <img src="/wp-content/themes/gib-theme/assets/images/socials/twitter-64.svg">

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.group-ib.com/blog/boolka/&quote=Boolka%20Unveiled:%20From%20web%20attacks%20to%20modular%20malware
Title: <img src="/wp-content/themes/gib-theme/assets/images/socials/facebook-64.svg">

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://www.group-ib.com/blog/boolka/&text=Boolka%20Unveiled:%20From%20web%20attacks%20to%20modular%20malware
Title: <img src="/wp-content/themes/gib-theme/assets/images/socials/telegram-64.svg">

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.group-ib.com/blog/boolka/
Title: <img src="/wp-content/themes/gib-theme/assets/images/socials/linkedin-64.svg">

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.group-ib.com/blog/boolka/
Title: <img src="/wp-content/themes/gib-theme/assets/images/socials/whatsapp-64.svg">

Search URL Search Domain Scan URL

URL: https://urlscan.io/responses/420d8d83d5b98d959f7c62c2043b0cc2511385d4cab722b23ef4b39da5147bfc/
Title: https://urlscan.io/responses/420d8d83d5b98d959f7c62c2043b0cc2511385d4cab722b23ef4b39da5147bfc/

Search URL Search Domain Scan URL

URL: https://urlscan.io/responses/e6bc4f2ca5bf36fae278cbbc12bbacc12f475cd92f194a79c24afe384af3e6e7/
Title: https://urlscan.io/responses/e6bc4f2ca5bf36fae278cbbc12bbacc12f475cd92f194a79c24afe384af3e6e7/

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/url/4d93e4f82017e1f278a5534c020fab01dcfae9c31ebc4e385ee31e7ac6b5c236/details
Title: default hook.js version

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/K79OmYBMcl2HRhZdgrxlv9xDa/
Title: BMANAGER downloader

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/7iMfrKsK02eEY9pmmnDN0tvAf/
Title: BMANAGER

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/MxzVA9ym6ptX2CmXWkYURQhro/
Title: BMREADER

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/NMbFsBTTTPrPwrTRZHM1QKF4v/
Title: BMLOG

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/otZuuij74oQlLhpIqqCuSQwK0/
Title: BMHOOK

Search URL Search Domain Scan URL

URL: https://detonation.group-ib.com/eZubI3sj3eLoazzAirjrC2ZZQ/
Title: BMBACKUP

Search URL Search Domain Scan URL

URL: https://pypi.org/project/keyboard/
Title: Python keyboard

Search URL Search Domain Scan URL

URL: https://twitter.com/GroupIB
Title: <img src="/wp-content/themes/gib-theme/assets/images/twitter-icon.svg" alt="Group-IB on Twitter" />

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1382013/
Title: <img src="/wp-content/themes/gib-theme/assets/images/linkedin-icon.svg" alt="Group-IB on LinkedIn"/>

Search URL Search Domain Scan URL

URL: https://instagram.com/groupibhq/
Title: <img src="/wp-content/themes/gib-theme/assets/images/instagram-icon.svg" alt="Group-IB on Instagram"/>

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groupibHQ
Title: <img src="/wp-content/themes/gib-theme/assets/images/facebook-icon.svg" alt="Group-IB on Facebook"/>

Search URL Search Domain Scan URL

URL: https://t.me/Group_IB
Title: <img src="/wp-content/themes/gib-theme/assets/images/telegram-icon.svg" alt="Group-IB on Telegram"/>

Search URL Search Domain Scan URL

URL: https://group-ib.medium.com/
Title: <img src="/wp-content/themes/gib-theme/assets/images/medium-icon.svg" alt="Group-IB on Medium"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.group-ib.com/blog/boolka/ Page URL
https://www.group-ib.com/blog/boolka/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 / Show response
www.group-ib.com/blog/boolka/ 7 KB
7 KB 894ms
216ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/blog/boolka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 58dce0919037761c043be8b1b96e05a2ca7fd9f51feeb5b39e0df86cfee09a6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html
date: Wed, 24 Jul 2024 20:49:48 GMT

GET
H/1.1 200
OK bt-autoinject.js Show response
fhp-de-js.group-ib.com/d/ 343 KB
135 KB 906ms
442ms Script
text/javascript 136.243.23.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.23.113 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.113.23.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 90feab54b3acd83fa6182b1099d882d4aa602ec61b8bcdfec8c3c8f413df5fe0

Request headers

Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 20:49:49 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Methods: GET, POST, OPTIONS
x-envoy-upstream-service-time: 1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8063e95f8874c2de7589ba713958e2032f5ccfb149f4d67928d599d1ac6b2254

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7049024006e7771a82beb0b4bac43f6c2f99e66fc81818cb74ce322efe9f990

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Show response
www.group-ib.com/api/fl/ 205 B
687 B 226ms
225ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7661bfade22daebeba97f359ace33094ec08369825e793d7f811d7be1bee5d14

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-cfids: -

Response headers

date: Wed, 24 Jul 2024 20:49:50 GMT
content-encoding: gzip
server: nginx
etag: W/"mnvWgSD6OHclOQpvgfwYvGOygjuIW2u+2+1x1CpWr524DNWZtpmaIzIXW+QsJROjmHOyEZSpSwYUzhUyzAasK4SjLxiIvOLSbeEKNp1YZQEKWsXEQI3ODvZUvexq3GgheQyjT77hh4jQFs4XCfcK/Va0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 1

GET
H2 200 favicon.ico
www.group-ib.com/ 7 KB
3 KB 228ms
228ms Other
image/vnd.microsoft.icon 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c9b877bf594a1febfdc224f3e0aaf8c6db32315529a7569d185496225aea3ade

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2882
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Jun 2022 11:31:28 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/vnd.microsoft.icon
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=2592000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Fri, 23 Aug 2024 20:49:50 GMT

POST
H2 200 fl Show response
www.group-ib.com/api/ 685 B
1 KB 518ms
510ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=0085cb90-831e-11ee-9493-816cec585ffa&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=mnvWgSD6OHclOQpvgfwYvGOygjuIW2u%2B2%2B1x1CpWr524DNWZtpmaIzIXW%2BQsJROjmHOyEZSpSwYUzhUyzAasK4SjLxiIvOLSbeEKNp1YZQEKWsXEQI3ODvZUvexq3GgheQyjT77hh4jQFs4XCfcK%2FVa0
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 652184cfceaa5784b41b5ffcbe443c98d195d4e5011a803178b7402e901b57a1

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Jul 2024 20:49:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 65
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H2 200 Primary Request / Show response
www.group-ib.com/blog/boolka/ 246 KB
47 KB 253ms
253ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/blog/boolka/

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

45564ca3c37e3def5d8436bae81a64a5a13143247fe10f510975cceccfd3e3ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=0 private, max-age=3600
content-encoding: gzip
content-length: 47773
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 20:49:52 GMT
expires: Wed, 24 Jul 2024 20:49:52 GMT
last-modified: Wed, 24 Jul 2024 17:32:34 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-Forwarded-Proto,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

POST
H2 200 fl
www.group-ib.com/api/ 685 B
1020 B 250ms
247ms Ping
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=0085cb90-831e-11ee-9493-816cec585ffa&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=aDFfDMKLTXUsFviR08dt9%2FqPILv9T8EZaje8EavcpxwDH1gcvhNiZ1rFJZjVNGOgAYm1g1n%2FAGKxunKW1IfoFfdvJU4BEeiQKsiJcr3WaK3aWsMYfLNgiiYgy8i8Aqxtv%2FPqS8lc3b40y0kKDN5JRoq50hUrfw9dPJyx
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Jul 2024 20:49:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H/1.1 200
OK bt-autoinject.js Show response
fhp-de-js.group-ib.com/d/ 343 KB
135 KB 447ms
446ms Script
text/javascript 136.243.23.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.23.113 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.113.23.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 90feab54b3acd83fa6182b1099d882d4aa602ec61b8bcdfec8c3c8f413df5fe0

Request headers

Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 24 Jul 2024 20:49:52 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Methods: GET, POST, OPTIONS
x-envoy-upstream-service-time: 1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H2 200 swiper-bundle.min.js Show response
www.group-ib.com/wp-content/themes/gib-theme/assets/js/ 140 KB
39 KB 401ms
400ms Script
application/javascript 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/js/swiper-bundle.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 39504
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Sep 2022 07:41:14 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:52 GMT

GET
H2 200 classic-themes.min.css
www.group-ib.com/wp-includes/css/ 217 B
313 B 357ms
355ms Stylesheet
text/css 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-includes/css/classic-themes.min.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 189
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Nov 2022 11:58:50 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:52 GMT

GET
H2 200 dashicons.min.css
www.group-ib.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 359ms
358ms Stylesheet
text/css 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1721839720

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8276d99808a3a111dcb2dc61c895388c21341d48be9c3f87d905787a49c2b832

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 35769
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jul 2024 16:48:40 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:52 GMT

GET
H2 200 frontend.min.css
www.group-ib.com/wp-content/plugins/post-views-counter/css/ 1 KB
505 B 356ms
355ms Stylesheet
text/css 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/post-views-counter/css/frontend.min.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 440
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Jun 2024 10:01:02 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:52 GMT

GET
H2 200 single-blog-post.css
www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/ 214 KB
33 KB 574ms
574ms Stylesheet
text/css 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

24f273155b782865a64f7818858b09c6d4347f558ac52e2ae53e8e215f0d118a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 33946
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jul 2024 16:49:08 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:52 GMT

GET
H2 200 lazyload.min.js Show response
www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 230ms
230ms Script
application/javascript 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3053
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jul 2024 14:54:05 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:53 GMT

GET
H2 200 lcp-beacon.min.js Show response
www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/ 6 KB
2 KB 231ms
230ms Script
application/javascript 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/lcp-beacon.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf73fb18b800d7d55a0534b0b6817a113d6bd53db993d5df6ef5d961c8a60f01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2391
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jul 2024 14:54:05 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=31536000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 24 Jul 2025 20:49:53 GMT

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 414674bf216d29c2fa61aecdb39aa89fc53c5877212381e7009a6f987e278070

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d8a3076d111af749d1c94c0d37c58f9079743c90e6be0deeb74233fefe38917

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 785155f56788ad6bce2b39333600e2022a5b7efd13667680c836aa84c80f6a3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fe82b3d01b8583a4d444f00720e4a4d5f708912ad5462999ab799a78c3410ba

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a91a703da4777ca3308d0cc3e7d00a97b5c9973201a0a8bed09fb3ea1eb38eee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bcfa119b0f56ed4b6a8a614362500dde5dfe38be4184bc65d0840fcb863e227

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb40ddd8db8cdc5da0910a2604f02599c2c8fd5f3925e16ac339eccbf6302bf9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14034460331ad4d1cc2fb12ccc794f41430522b19afe927f4c4615b2a4d12dae

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6101edce92a845671f95cbcab15ab5f262bdfb31f46b742d97f50deb6245093c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 554214bddf4fc6af4c4b301db9ee29704ddd4b053ec6edfecc37678fe84d7138

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1db4f61fc847956f183dc06258e777d70d4502cdbb4bce91d6cfe1df9cbc226f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc7b51ea81e3ecf45496865b4faf757354e6f353343faf438f95a5fcbb074b32

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faf1fba19f2a95791954ff24c07bbbef0feebefb3a7f9fd72d2ab244d4c4cdc6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2769d81a1ba68cee2a9b7cc297b65dee2860c5e7d301862f916d0f3987d96d08

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Show response
www.group-ib.com/api/fl/ 217 B
664 B 226ms
226ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd6f1cc062b724ab5174512b13ed85c0f2bbf5c49d38b3050996a3723db5f9d9

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: WxbZ7Qlo5mpKoJhxjxfFJa6fDfRA4YGTYk6iYL5ogxmExQh0sFESQ4lbeIFJZjHaOfJSUdfLh/F5Xj+3qx/Sjy/89hh0lJzry92fx4Y5KyQgiDMYXoN06C1Oj/rvp25Malckj+zasybVZymCjefqyDCoTfjHkyHP+hhx2vnKJjllbVzsvdCl67mF83HabZIkI/qQEcRIiDedpzxNNyxClApUXoCkLc0bc9+pl4IioVIPOdG7kvtRhy/Fn5/vUJfWpdjCEUC5xKCATcGLvQ==
Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: eqkF2f728ba141bda3c32bb33a17e6d7e6a11705
x-cfids: aDFfDMKLTXUsFviR08dt9/qPILv9T8EZaje8EavcpxwDH1gcvhNiZ1rFJZjVNGOgAYm1g1n/AGKxunKW1IfoFfdvJU4BEeiQKsiJcr3WaK3aWsMYfLNgiiYgy8i8Aqxtv/PqS8lc3b40y0kKDN5JRoq50hUrfw9dPJyx

Response headers

date: Wed, 24 Jul 2024 20:49:53 GMT
content-encoding: gzip
server: nginx
etag: W/"pijfbe0LAginuh3NlwzfZpCRjI5MHtzaEWSL0N+xzeQOzg1ICj+U5D13OZ1G23nWyJJyZIP43Dr2jsdFwhJSULtZx/whfG2obxFhjS+Zk6E+oDmJ2dyTK1H1EWm6UIGQoMxQ3r70PXRvmJ8ETUQV9Z9rZaztc8K07x3r"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 0

GET
H2 200 cross.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 342 B
319 B 238ms
237ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/cross.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dfb059f8aa219769088fd6c85d85aae789f1e72bfe3d314748f1f3ccfffffb1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 207
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 success.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 386 B
319 B 235ms
235ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/success.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fa4859289ded4c674dcee233811758743116b1d7ce4e9f0c0e7e259391504c43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 254
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 11:07:05 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 G-font-Medium.otf
www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 60 KB
35 KB 334ms
332ms Font
font/otf 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Medium.otf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1efe16c9efbadde5e242d88a315eca3906a55669fcd4882a904fbc723306a4e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
Origin: https://www.group-ib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 35382
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Nov 2023 11:44:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: font/otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 G-font-Regular.otf
www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 47 KB
30 KB 234ms
233ms Font
font/otf 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Regular.otf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6cee0fb06339ba13e1f15d044e0e4904bbeeb7fbe4351e3f102b6d80b2465061

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
Origin: https://www.group-ib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 30798
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Nov 2023 11:44:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: font/otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 G-font-Bold.otf
www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 49 KB
31 KB 240ms
240ms Font
font/otf 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Bold.otf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8d15a221986226efe4f742f390f46f9d5ae8b2008a6edd40e10ff121ef9cca9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
Origin: https://www.group-ib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 31918
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Nov 2023 11:44:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: font/otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 dropdown_before.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 154 B
195 B 285ms
283ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/dropdown_before.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

574ab1a3d7b47add5d43a927f62c87698264f63572acd70b42081dd4a1dc5ced

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 150
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 link-arrow.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 409 B
309 B 284ms
282ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/link-arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e91c5731358570d3e4cd684118251d243fc799059648b152403dcd775ceba632

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 267
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 Close.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 227 B
244 B 283ms
282ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/Close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

31d1c5bd0cd38e6e6b8eb944944df273044e826c7d3daacbe602caead3068c7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 180
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 12:14:21 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:53 GMT

GET
H2 200 file_copy.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 668 B
417 B 330ms
329ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/file_copy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f367bbc4429fc9fb0a93045245aef519a000ab275549645cddecb3f953e0a05f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 352
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Nov 2022 13:01:55 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 list-dot.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 313 B
269 B 354ms
353ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/list-dot.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6b0775723ccade5ca3170fcc6a321c5b4768a5dc2b7c83b8b8b595407a2f0018

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/wp-content/cache/background-css/www.group-ib.com/wp-content/cache/min/1/wp-content/themes/gib-theme/assets/css/single-blog-post.css?ver=1721839748&wpr_t=1721853154
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 205
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Sep 2022 12:02:57 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET main-logo.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET ti.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET
H2 200 asm.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 4 KB
0 322ms
312ms Image
image/png 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/asm.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5964
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 fp.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 8 KB
8 KB 290ms
281ms Image
image/png 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/fp.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

15534f98c260c3c3caaedf53335d912010b2de1731477a9fd4dbea89fb4995d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7840
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 drp.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 5 KB
5 KB 321ms
312ms Image
image/png 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/drp.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a300a894e169169882504968fae71958a87e0a4322e2aee1b6b0bbd63fd9621f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5421
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET mxdr.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET
H2 200 bep.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 6 KB
6 KB 276ms
267ms Image
image/png 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/bep.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7574ba97d4ee7e81bd60873a52a31ff13359f246d0ac492ef2dabf96233a99e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 6275
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 search-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 982 B
474 B 288ms
280ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/search-icon.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

518a92131be0b0201d0b5a7e1d89623eaa7682b28ce10f206d374db8d00e9bdc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 410
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 09:08:51 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET twitter-64.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 0
0

GET
H2 200 facebook-64.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 627 B
418 B 285ms
277ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/facebook-64.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f006e8bbfa4f0537780571436b5bed50ff10ff28759924c53b67732ec5af28ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 376
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 telegram-64.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 1 KB
829 B 286ms
278ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/telegram-64.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cdc4d10b6b74ad79b55333b9882e854f054ee8b9953c6203dc46c68dc74eb0fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 787
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 linkedin-64.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 919 B
512 B 285ms
278ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/linkedin-64.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f4991587d5312981e74087707ed399bd3820d83f773e7773c013ce00d6835f28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 470
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 whatsapp-64.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 2 KB
1 KB 269ms
262ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/whatsapp-64.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

45d44c2f23a04d49dbbb3f216ba72782ad80278cf7c4c330b1f03b8263c544ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1046
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 share-black.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 1 KB
541 B 273ms
267ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/share-black.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3689e488f5478e26f0347353ad608ccd66e4d62992021c51d9db93f89d43c880

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Nov 2022 11:16:45 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET
H2 200 wb_sunny-black.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 724 B
455 B 269ms
263ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/wb_sunny-black.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cc5dcea4d483d798630d7fe0846a1b784618aa3d4f86bdfa655083d81750322a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 385
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Nov 2022 11:16:45 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=10368000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Thu, 21 Nov 2024 20:49:54 GMT

GET moon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET blog2-1-1.png.webp
www.group-ib.com/wp-content/uploads/ 0
0

GET
H2 200 mirkasymov-1.png.webp
www.group-ib.com/wp-content/uploads/ 4 KB
4 KB 269ms
265ms Image
image/webp 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/uploads/mirkasymov-1.png.webp

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2dec53059573d1387671a6b02498460137e1de2f197ff40a70541339a0d76e08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4335
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 18:58:18 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/webp
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 GIB-round-white.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 3 KB
3 KB 264ms
260ms Image
image/png 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/GIB-round-white.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3b63b449bde0f2c40eb23801ac24bd82666bd3a766c77b953ff75e6f3e257460

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2889
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Dec 2022 15:23:27 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 qilin-revisited-blog-1-min.jpg.webp
www.group-ib.com/wp-content/uploads/ 10 KB
10 KB 285ms
281ms Image
image/webp 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/uploads/qilin-revisited-blog-1-min.jpg.webp

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

45471bd7c2bf25c0d650f729e381e598a1af91f4330912a6732d3f89c26e3ac2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 9813
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jul 2024 11:03:11 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/webp
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 group-ib-digital-risk-protection-blog-min.jpg.webp
www.group-ib.com/wp-content/uploads/ 6 KB
6 KB 270ms
267ms Image
image/webp 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/uploads/group-ib-digital-risk-protection-blog-min.jpg.webp

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b12f4088edfdedeabfe95d97e690de3f4df3aeb8c876c11926ff4df4a5550a4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5757
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jul 2024 11:38:01 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/webp
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

GET
H2 200 patch-or-peril-1-min.jpg.webp
www.group-ib.com/wp-content/uploads/ 16 KB
16 KB 285ms
281ms Image
image/webp 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/uploads/patch-or-peril-1-min.jpg.webp

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/boolka/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

815b5cccfbd24b7139961c19bae6228020a597e698c099c153098d16a26a5b04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 20:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16015
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 07 Jul 2024 15:16:41 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/webp
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:49:53 GMT

POST
H2 200 fl Show response
www.group-ib.com/api/ 685 B
1 KB 487ms
478ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=0085cb90-831e-11ee-9493-816cec585ffa&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=pijfbe0LAginuh3NlwzfZpCRjI5MHtzaEWSL0N%2BxzeQOzg1ICj%2BU5D13OZ1G23nWyJJyZIP43Dr2jsdFwhJSULtZx%2FwhfG2obxFhjS%2BZk6E%2BoDmJ2dyTK1H1EWm6UIGQoMxQ3r70PXRvmJ8ETUQV9Z9rZaztc8K07x3r
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e637ea38e5dedb270c8fee0c352f0cfdf7ab1081c00ee683e1a80c47788042b2

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: WxbZ7Qlo5mpKoJhxjxfFJa6fDfRA4YGTYk6iYL5ogxmExQh0sFESQ4lbeIFJZjHaOfJSUdfLh/F5Xj+3qx/Sjy/89hh0lJzry92fx4Y5KyQgiDMYXoN06C1Oj/rvp25Malckj+zasybVZymCjefqyDCoTfjHkyHP+hhx2vnKJjllbVzsvdCl67mF83HabZIkI/qQEcRIiDedpzxNNyxClApUXoCkLc0bc9+pl4IioVIPOdG7kvtRhy/Fn5/vUJfWpdjCEUC5xKCATcGLvQ==
Referer: https://www.group-ib.com/blog/boolka/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: DRQX2ebbbf1e4f579f9710736946e9e1140e30ab
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Jul 2024 20:49:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 32
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-logo.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ti.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/mxdr.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/twitter-64.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/moon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/uploads/blog2-1-1.png.webp

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.group-ib.com/	1970-01-21 07:03:10	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: WxbZ7Qlo5mpKoJhxjxfFJa6fDfRA4YGTYk6iYL5ogxmExQh0sFESQ4lbeIFJZjHaOfJSUdfLh/F5Xj+3qx/Sjy/89hh0lJzry92fx4Y5KyQgiDMYXoN06C1Oj/rvp25Malckj+zasybVZymCjefqyDCoTfjHkyHP+hhx2vnKJjllbVzsvdCl67mF83HabZIkI/qQEcRIiDedpzxNNyxClApUXoCkLc0bc9+pl4IioVIPOdG7kvtRhy/Fn5/vUJfWpdjCEUC5xKCATcGLvQ==
.group-ib.com/	1970-01-21 07:03:10	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: WxbZ7Qlo5mpKoJhxjxfFJa6fDfRA4YGTYk6iYL5ogxmExQh0sFESQ4lbeIFJZjHaOfJSUdfLh/F5Xj+3qx/Sjy/89hh0lJzry92fx4Y5KyQgiDMYXoN06C1Oj/rvp25Malckj+zasybVZymCjefqyDCoTfjHkyHP+hhx2vnKJjllbVzsvdCl67mF83HabZIkI/qQEcRIiDedpzxNNyxClApUXoCkLc0bc9+pl4IioVIPOdG7kvtRhy/Fn5/vUJfWpdjCEUC5xKCATcGLvQ==
.www.group-ib.com/	1970-01-21 07:03:10	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
.group-ib.com/	1970-01-21 07:03:10	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
www.group-ib.com/	1970-01-21 07:03:10	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: xX73KN4EVC8fcSFviKra9rSkB5EsKQxJVkZphcEEHStjMwTBlPuc1tJJZdVSQOLYASkEa2i4DsevH8OrJdyWv/9aBILGlX9Petl5SH8u73djPc4Y1PCAu6eVBV9KgXlKOvIM7gAUftJnnpLJUhLM/WZXWIGeANZyf1HCDB8Ce4o9+WKDA4OGd/fztmOooPm31nPNG6lUjuEhWUnkxrXZfavklVSIxvm5hWPuRD/R/MWCVo/rABdB6BP45vaVcnel1KAGYd/IH35pFfgs5g==
.www.group-ib.com/	1970-01-21 07:03:10	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: eqkF2f728ba141bda3c32bb33a17e6d7e6a11705
.group-ib.com/	1970-01-21 07:03:10	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: eqkF2f728ba141bda3c32bb33a17e6d7e6a11705
www.group-ib.com/	1970-01-21 07:03:10	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: pijfbe0LAginuh3NlwzfZpCRjI5MHtzaEWSL0N+xzeQOzg1ICj+U5D13OZ1G23nWyJJyZIP43Dr2jsdFwhJSULtZx/whfG2obxFhjS+Zk6E+oDmJ2dyTK1H1EWm6UIGQoMxQ3r70PXRvmJ8ETUQV9Z9rZaztc8K07x3r
.www.group-ib.com/	1970-01-21 07:03:10	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: pijfbe0LAginuh3NlwzfZpCRjI5MHtzaEWSL0N+xzeQOzg1ICj+U5D13OZ1G23nWyJJyZIP43Dr2jsdFwhJSULtZx/whfG2obxFhjS+Zk6E+oDmJ2dyTK1H1EWm6UIGQoMxQ3r70PXRvmJ8ETUQV9Z9rZaztc8K07x3r
.group-ib.com/	1970-01-21 07:03:10	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: pijfbe0LAginuh3NlwzfZpCRjI5MHtzaEWSL0N+xzeQOzg1ICj+U5D13OZ1G23nWyJJyZIP43Dr2jsdFwhJSULtZx/whfG2obxFhjS+Zk6E+oDmJ2dyTK1H1EWm6UIGQoMxQ3r70PXRvmJ8ETUQV9Z9rZaztc8K07x3r

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.group-ib.com/blog/boolka/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fhp-de-js.group-ib.com
www.group-ib.com
www.group-ib.com
136.243.23.113
3.72.181.255
0d585aebb9cb31821fbcc6b030e0d882b5639e17bb403f8eb5ce7b3b19f4a1c9
14034460331ad4d1cc2fb12ccc794f41430522b19afe927f4c4615b2a4d12dae
15534f98c260c3c3caaedf53335d912010b2de1731477a9fd4dbea89fb4995d9
1db4f61fc847956f183dc06258e777d70d4502cdbb4bce91d6cfe1df9cbc226f
1efe16c9efbadde5e242d88a315eca3906a55669fcd4882a904fbc723306a4e4
24f273155b782865a64f7818858b09c6d4347f558ac52e2ae53e8e215f0d118a
2769d81a1ba68cee2a9b7cc297b65dee2860c5e7d301862f916d0f3987d96d08
2dec53059573d1387671a6b02498460137e1de2f197ff40a70541339a0d76e08
31d1c5bd0cd38e6e6b8eb944944df273044e826c7d3daacbe602caead3068c7a
3689e488f5478e26f0347353ad608ccd66e4d62992021c51d9db93f89d43c880
3b63b449bde0f2c40eb23801ac24bd82666bd3a766c77b953ff75e6f3e257460
3fe82b3d01b8583a4d444f00720e4a4d5f708912ad5462999ab799a78c3410ba
414674bf216d29c2fa61aecdb39aa89fc53c5877212381e7009a6f987e278070
45471bd7c2bf25c0d650f729e381e598a1af91f4330912a6732d3f89c26e3ac2
45564ca3c37e3def5d8436bae81a64a5a13143247fe10f510975cceccfd3e3ef
45d44c2f23a04d49dbbb3f216ba72782ad80278cf7c4c330b1f03b8263c544ee
518a92131be0b0201d0b5a7e1d89623eaa7682b28ce10f206d374db8d00e9bdc
554214bddf4fc6af4c4b301db9ee29704ddd4b053ec6edfecc37678fe84d7138
574ab1a3d7b47add5d43a927f62c87698264f63572acd70b42081dd4a1dc5ced
58dce0919037761c043be8b1b96e05a2ca7fd9f51feeb5b39e0df86cfee09a6a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
6101edce92a845671f95cbcab15ab5f262bdfb31f46b742d97f50deb6245093c
652184cfceaa5784b41b5ffcbe443c98d195d4e5011a803178b7402e901b57a1
6b0775723ccade5ca3170fcc6a321c5b4768a5dc2b7c83b8b8b595407a2f0018
6cee0fb06339ba13e1f15d044e0e4904bbeeb7fbe4351e3f102b6d80b2465061
7574ba97d4ee7e81bd60873a52a31ff13359f246d0ac492ef2dabf96233a99e6
7661bfade22daebeba97f359ace33094ec08369825e793d7f811d7be1bee5d14
785155f56788ad6bce2b39333600e2022a5b7efd13667680c836aa84c80f6a3e
7bcfa119b0f56ed4b6a8a614362500dde5dfe38be4184bc65d0840fcb863e227
8063e95f8874c2de7589ba713958e2032f5ccfb149f4d67928d599d1ac6b2254
815b5cccfbd24b7139961c19bae6228020a597e698c099c153098d16a26a5b04
8276d99808a3a111dcb2dc61c895388c21341d48be9c3f87d905787a49c2b832
8d15a221986226efe4f742f390f46f9d5ae8b2008a6edd40e10ff121ef9cca9b
8d8a3076d111af749d1c94c0d37c58f9079743c90e6be0deeb74233fefe38917
90feab54b3acd83fa6182b1099d882d4aa602ec61b8bcdfec8c3c8f413df5fe0
a300a894e169169882504968fae71958a87e0a4322e2aee1b6b0bbd63fd9621f
a7049024006e7771a82beb0b4bac43f6c2f99e66fc81818cb74ce322efe9f990
a91a703da4777ca3308d0cc3e7d00a97b5c9973201a0a8bed09fb3ea1eb38eee
b12f4088edfdedeabfe95d97e690de3f4df3aeb8c876c11926ff4df4a5550a4b
b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
c9b877bf594a1febfdc224f3e0aaf8c6db32315529a7569d185496225aea3ade
cb40ddd8db8cdc5da0910a2604f02599c2c8fd5f3925e16ac339eccbf6302bf9
cc5dcea4d483d798630d7fe0846a1b784618aa3d4f86bdfa655083d81750322a
cdc4d10b6b74ad79b55333b9882e854f054ee8b9953c6203dc46c68dc74eb0fb
cf73fb18b800d7d55a0534b0b6817a113d6bd53db993d5df6ef5d961c8a60f01
dfb059f8aa219769088fd6c85d85aae789f1e72bfe3d314748f1f3ccfffffb1c
e637ea38e5dedb270c8fee0c352f0cfdf7ab1081c00ee683e1a80c47788042b2
e91c5731358570d3e4cd684118251d243fc799059648b152403dcd775ceba632
f006e8bbfa4f0537780571436b5bed50ff10ff28759924c53b67732ec5af28ba
f367bbc4429fc9fb0a93045245aef519a000ab275549645cddecb3f953e0a05f
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4991587d5312981e74087707ed399bd3820d83f773e7773c013ce00d6835f28
fa4859289ded4c674dcee233811758743116b1d7ce4e9f0c0e7e259391504c43
faf1fba19f2a95791954ff24c07bbbef0feebefb3a7f9fd72d2ab244d4c4cdc6
fc7b51ea81e3ecf45496865b4faf757354e6f353343faf438f95a5fcbb074b32
fd6f1cc062b724ab5174512b13ed85c0f2bbf5c49d38b3050996a3723db5f9d9

www.group-ib.com Open in urlscan Pro 3.72.181.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

88 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

3 IPs

1 Countries

606 kBTransfer

1613 kBSize

10 Cookies

24 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

606 kB
Transfer

1613 kB
Size

10
Cookies

49 HTTP transactions
17 data transactions