www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.group-ib.com/blog/cve---winrar-zero-day
Submission: On May 30 via api (May 30th 2024, 6:27:04 pm UTC) from BY — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 41 HTTP transactions. The main IP is 3.72.181.255, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 26th 2023. Valid for: a year.

This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	3.72.181.255 3.72.181.255	16509 (AMAZON-02) (AMAZON-02)
1	136.243.23.20 136.243.23.20	24940 (HETZNER-AS) (HETZNER-AS)
41	3

6 3.72.181.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

www.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.23.20 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.20.23.243.136.clients.your-server.de

fhp-de-js.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	group-ib.com www.group-ib.com fhp-de-js.group-ib.com	149 KB
0	hs-scripts.com Failed js-eu1.hs-scripts.com Failed
0	hsforms.net Failed js-eu1.hsforms.net Failed
41	3

	Domain	Requested by
6	www.group-ib.com	fhp-de-js.group-ib.com www.group-ib.com
1	fhp-de-js.group-ib.com	www.group-ib.com
0	js-eu1.hs-scripts.com Failed	www.group-ib.com
0	js-eu1.hsforms.net Failed	www.group-ib.com
41	4

This site contains no links.

Subject Issuer	Validity	Valid
www.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-26` - `2024-06-28`	a year	crt.sh
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-30` - `2024-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.group-ib.com/blog/cve---winrar-zero-day
Frame ID: FDE22944E5ED114CE2DFFB0B7EF5CCAC
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.group-ib.com/blog/cve---winrar-zero-day Page URL
https://www.group-ib.com/blog/cve---winrar-zero-day Page URL

Page Statistics

41
Requests

17 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

149 kB
Transfer

429 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.group-ib.com/blog/cve---winrar-zero-day Page URL
https://www.group-ib.com/blog/cve---winrar-zero-day Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 cve---winrar-zero-day Show response
www.group-ib.com/blog/ 7 KB
7 KB 185ms
38ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/blog/cve---winrar-zero-day
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc08f79100f97884786f93d6401c23dc855770e058e6141309f9f290f8ad7e79

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html
date: Thu, 30 May 2024 18:26:56 GMT

GET
H/1.1 200
OK bt-autoinject.js Show response
fhp-de-js.group-ib.com/d/ 343 KB
135 KB 179ms
82ms Script
text/javascript 136.243.23.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/cve---winrar-zero-day
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.23.20 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.23.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 90feab54b3acd83fa6182b1099d882d4aa602ec61b8bcdfec8c3c8f413df5fe0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.group-ib.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 18:26:57 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Methods: GET, POST, OPTIONS
x-envoy-upstream-service-time: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc36b4d33ec327edcef5ada4fd43c97f1d5241e229cdc5fbc5162c13b3ff159

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9442c2b6c6420948b85980f53c7edd2916834f4a1e618ef1fe4cf42826cfb4bc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Show response
www.group-ib.com/api/fl/ 205 B
686 B 48ms
48ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7ba9e69e30c1c8e58d016ec93abdcb031a8d886c48fd48c634f39c1651a89f44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.group-ib.com/blog/cve---winrar-zero-day
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
x-cfids: -

Response headers

date: Thu, 30 May 2024 18:26:57 GMT
content-encoding: gzip
server: nginx
etag: W/"K9OYs6kckY0M+XsIZRDsWkv5Or405zvLNjPxOFTmHubWAwQcZfkiXSuRjVjynqAYYiiNguf91y5sY5OYPq+KznbyV6s12wSoY9j+E38nREiOP8AiLPY0wWhA16MP5YRVQbPVaJpdwnrNdRkCaX0GaDrz"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 2

GET
H2 200 favicon.ico
www.group-ib.com/ 7 KB
3 KB 47ms
47ms Other
image/vnd.microsoft.icon 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c9b877bf594a1febfdc224f3e0aaf8c6db32315529a7569d185496225aea3ade

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.group-ib.com/blog/cve---winrar-zero-day
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 May 2024 18:26:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2882
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Jun 2022 11:31:28 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/vnd.microsoft.icon
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=2592000, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Sat, 29 Jun 2024 18:26:57 GMT

POST
H2 200 fl Show response
www.group-ib.com/api/ 685 B
1 KB 159ms
158ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=0085cb90-831e-11ee-9493-816cec585ffa&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=K9OYs6kckY0M%2BXsIZRDsWkv5Or405zvLNjPxOFTmHubWAwQcZfkiXSuRjVjynqAYYiiNguf91y5sY5OYPq%2BKznbyV6s12wSoY9j%2BE38nREiOP8AiLPY0wWhA16MP5YRVQbPVaJpdwnrNdRkCaX0GaDrz
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef5036e37c0c1147faaefcea84641d05ec7ad466f9bbe83ff51b5f9be2140e02

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.group-ib.com/blog/cve---winrar-zero-day
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 May 2024 18:26:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 65
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H2 404 Primary Request cve---winrar-zero-day
www.group-ib.com/blog/ 65 KB
0 6123ms
6122ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/blog/cve---winrar-zero-day

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/cve---winrar-zero-day

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.group-ib.com/blog/cve---winrar-zero-day
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 14328
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 18:27:04 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-Forwarded-Proto,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

POST
H2 200 fl
www.group-ib.com/api/ 685 B
1 KB 75ms
74ms Ping
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=0085cb90-831e-11ee-9493-816cec585ffa&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=4Hn5xYxgW5MGL7%2BZCJGeLP0rwy1HNDsRVcitbDaIp%2FRctqh5w0GaOr%2B9lKCshecrSzrDDycOlgsFYjuvicpNE%2BL1aESNAjUnhyc8wNAXK0jcxVKanQbbXDDb3sG1HwNiNaY6CmYanqZ%2FHkRp9NLSZrVWVZhU9FtkPls0
Requested by: Host: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.group-ib.com/blog/cve---winrar-zero-day
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 May 2024 18:26:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 26
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET bt-autoinject.js
fhp-de-js.group-ib.com/d/ 0
0

GET swiper-bundle.min.js
www.group-ib.com/wp-content/themes/gib-theme/assets/js/ 0
0

GET classic-themes.min.css
www.group-ib.com/wp-includes/css/ 0
0

GET dashicons.min.css
www.group-ib.com/wp-includes/css/ 0
0

GET frontend.min.css
www.group-ib.com/wp-content/plugins/post-views-counter/css/ 0
0

GET jquery.min.js
www.group-ib.com/wp-includes/js/jquery/ 0
0

GET page-404.css
www.group-ib.com/wp-content/themes/gib-theme/assets/css/ 0
0

GET v2.js
js-eu1.hsforms.net/forms/ 0
0

GET main-logo.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET ti.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET asm.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET fp.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET drp.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET mxdr.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET bep.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 0
0

GET search-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET close-24.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET 404.png
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET manage_search.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/ 0
0

GET library_books.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/ 0
0

GET school.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/ 0
0

GET groups.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/ 0
0

GET Arrow_Forward_Up.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET twitter-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET linkedin-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET instagram-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET facebook-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET telegram-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET medium-icon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 0
0

GET jquery-ui.js
www.group-ib.com/wp-content/themes/gib-theme/assets/libs/jquery-ui/ 0
0

GET fancybox.umd.js
www.group-ib.com/wp-content/themes/gib-theme/assets/libs/fancybox/ 0
0

GET main.js
www.group-ib.com/wp-content/themes/gib-theme/assets/js/ 0
0

GET lazyload.min.js
www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 0
0

GET 25755956.js
js-eu1.hs-scripts.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fhp-de-js.group-ib.com
URL: https://fhp-de-js.group-ib.com/d/bt-autoinject.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/js/swiper-bundle.min.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-includes/css/classic-themes.min.css

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-includes/css/dashicons.min.css

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/plugins/post-views-counter/css/frontend.min.css

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-includes/js/jquery/jquery.min.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/css/page-404.css

Domain: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/v2.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-logo.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ti.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/asm.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/fp.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/drp.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/mxdr.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/bep.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/search-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/close-24.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/404.png

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/manage_search.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/library_books.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/school.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/gradient-icons/groups.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/Arrow_Forward_Up.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/twitter-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/linkedin-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/instagram-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/facebook-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/telegram-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/medium-icon.svg

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/libs/jquery-ui/jquery-ui.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/libs/fancybox/fancybox.umd.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/themes/gib-theme/assets/js/main.js

Domain: www.group-ib.com
URL: https://www.group-ib.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Domain: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25755956.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.group-ib.com/	1970-01-21 05:43:49	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 4Hn5xYxgW5MGL7+ZCJGeLP0rwy1HNDsRVcitbDaIp/Rctqh5w0GaOr+9lKCshecrSzrDDycOlgsFYjuvicpNE+L1aESNAjUnhyc8wNAXK0jcxVKanQbbXDDb3sG1HwNiNaY6CmYanqZ/HkRp9NLSZrVWVZhU9FtkPls0
.group-ib.com/	1970-01-21 05:43:49	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 4Hn5xYxgW5MGL7+ZCJGeLP0rwy1HNDsRVcitbDaIp/Rctqh5w0GaOr+9lKCshecrSzrDDycOlgsFYjuvicpNE+L1aESNAjUnhyc8wNAXK0jcxVKanQbbXDDb3sG1HwNiNaY6CmYanqZ/HkRp9NLSZrVWVZhU9FtkPls0
.www.group-ib.com/	1970-01-21 05:43:49	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 9nU0PVPQST78xeXQ7GGF6x3DNsbn6oI8xnBxh5x05IlwUVZdzGptWlzEPE7grqfAxvcV7XqwvRWsp+NXRmoRVPXkPq4jPHL9wXXjQrSqUj9fFTaBtgnqiTh3ii8qtoRPOO+cSfL+cJM8cdzelcKxzH77v3rqiLK98UnSx+oQoNoY7k/HuQjvcygNGfG6um0AuAioPzGuYnq2XLAv3Lvwi8GRycHM2xM7iOwCr7Y5It5BpJlwNuLxXq0gAgeJc6eu911AZbevCTvswYFdbg==
.group-ib.com/	1970-01-21 05:43:49	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 9nU0PVPQST78xeXQ7GGF6x3DNsbn6oI8xnBxh5x05IlwUVZdzGptWlzEPE7grqfAxvcV7XqwvRWsp+NXRmoRVPXkPq4jPHL9wXXjQrSqUj9fFTaBtgnqiTh3ii8qtoRPOO+cSfL+cJM8cdzelcKxzH77v3rqiLK98UnSx+oQoNoY7k/HuQjvcygNGfG6um0AuAioPzGuYnq2XLAv3Lvwi8GRycHM2xM7iOwCr7Y5It5BpJlwNuLxXq0gAgeJc6eu911AZbevCTvswYFdbg==
.www.group-ib.com/	1970-01-21 05:43:49	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: otAh735506495c150b91fdeb0a19884351d1a352
.group-ib.com/	1970-01-21 05:43:49	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: otAh735506495c150b91fdeb0a19884351d1a352
.www.group-ib.com/	1970-01-21 05:43:49	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
.group-ib.com/	1970-01-21 05:43:49	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
www.group-ib.com/	1970-01-21 05:43:49	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: JdigeGqEwy5Q+wtpHizDzTaA1ry1b+XhDrecuMtWLXlhvimf6JnJwUxFf4sf8P+PFzxdrFfwuxxIVikmaIzqzz9kfsQfEHpZBvMB0WnAlaSi/FGph4p6uxXWV27gjiznNeB+aPY7dKcpCC7PmcnCja8zzFrJLJ9A3hHjnOs9OGc7ReUz/Gxq9Q6Raz5A0T6aW6Bl8SjDaREXESauWvCyaD4QSeSSPGNZDAqPN7U/I/9D0pp0Reep7Cz7zORQp1EYCDG6tEY6bL4bImXg8A==
www.group-ib.com/	1970-01-21 05:43:49	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: RSV+FqqIJ4UyOOd0v5NErtgk1iXXX7fBFkhq7+WSFtZYylYKDHmo11VqfweMA1TxlNh5mTv9kZ1MH5MecdU2zXgGLnDGKjSUqw0iXlaUi1nF7uE6xzEsWAZF7j5Yyv8RtT+Kh/ZvP7j3fUETR880M5nAtGXdBcs0Agy7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.group-ib.com/blog/cve---winrar-zero-day Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.group-ib.com/blog/cve---winrar-zero-day Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fhp-de-js.group-ib.com
js-eu1.hs-scripts.com
js-eu1.hsforms.net
www.group-ib.com
fhp-de-js.group-ib.com
js-eu1.hs-scripts.com
js-eu1.hsforms.net
www.group-ib.com
136.243.23.20
3.72.181.255
7ba9e69e30c1c8e58d016ec93abdcb031a8d886c48fd48c634f39c1651a89f44
90feab54b3acd83fa6182b1099d882d4aa602ec61b8bcdfec8c3c8f413df5fe0
9442c2b6c6420948b85980f53c7edd2916834f4a1e618ef1fe4cf42826cfb4bc
bc08f79100f97884786f93d6401c23dc855770e058e6141309f9f290f8ad7e79
c9b877bf594a1febfdc224f3e0aaf8c6db32315529a7569d185496225aea3ade
dfc36b4d33ec327edcef5ada4fd43c97f1d5241e229cdc5fbc5162c13b3ff159
ef5036e37c0c1147faaefcea84641d05ec7ad466f9bbe83ff51b5f9be2140e02

www.group-ib.com Open in urlscan Pro 3.72.181.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

41 Requests

17 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

149 kBTransfer

429 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

10 Cookies

2 Console Messages

Indicators

www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

17 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

149 kB
Transfer

429 kB
Size

10
Cookies

41 HTTP transactions
2 data transactions