www.group-ib.com Open in urlscan Pro
178.248.235.63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.group-ib.com/cert.html
Submission: On August 09 via api (August 9th 2020, 1:52:19 pm UTC) from US

Summary HTTP 55 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 13 IPs in 8 countries across 14 domains to perform 55 HTTP transactions. The main IP is 178.248.235.63, located in Russian Federation and belongs to QRATOR, RU. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2020. Valid for: a year.

This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	178.248.235.63 178.248.235.63	197068 (QRATOR) (QRATOR)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f1:... 2a02:26f0:f1:29c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
55	13

30 178.248.235.63 (Russian Federation)

ASN197068 (QRATOR, RU)

www.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.96.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-lon09.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:29c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.193.62 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

689-lre-818.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	group-ib.com www.group-ib.com	9 MB
5	marketo.com app-lon09.marketo.com	73 KB
4	facebook.com www.facebook.com	638 B
4	facebook.net connect.facebook.net	360 KB
3	yandex.ru 1 redirects mc.yandex.ru	3 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	48 KB
2	marketo.net munchkin.marketo.net	7 KB
1	mktoresp.com 689-lre-818.mktoresp.com	470 B
1	google.de www.google.de	492 B
1	google.com 1 redirects www.google.com	568 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	463 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
55	14

	Domain	Requested by
30	www.group-ib.com	www.group-ib.com
5	app-lon09.marketo.com	www.group-ib.com app-lon09.marketo.com
4	www.facebook.com	www.group-ib.com connect.facebook.net
4	connect.facebook.net	www.group-ib.com connect.facebook.net
3	mc.yandex.ru	1 redirects www.group-ib.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.group-ib.com
2	px.ads.linkedin.com	1 redirects www.group-ib.com
2	munchkin.marketo.net	www.group-ib.com munchkin.marketo.net
1	689-lre-818.mktoresp.com	munchkin.marketo.net
1	www.google.de	www.group-ib.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.group-ib.com
1	www.googletagmanager.com	www.group-ib.com
55	15

This site contains links to these domains. Also see Links.

Domain
www.group-ib.ru
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.helpnetsecurity.com
www.zdnet.com
securityaffairs.co
economictimes.indiatimes.com
www.bleepingcomputer.com
thehackernews.com
tbsnews.net
www.nanalyze.com
www.bizbahrain.com
www.alayam.com
www.securityweek.com
www.lastampa.it
vtc.vn

Subject Issuer	Validity	Valid
group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-08` - `2021-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
app-lon09.marketo.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.group-ib.com/cert.html
Frame ID: DC0D373053AC1F5F874057B798C45C30
Requests: 69 HTTP requests in this frame

Frame: https://app-lon09.marketo.com/index.php/form/XDFrame
Frame ID: 99A5335AB4D960BEECF387281CF45379
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

55
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

15
Subdomains

13
IPs

8
Countries

9658 kB
Transfer

11026 kB
Size

14
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.group-ib.ru/
Title: русский

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groupibHQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/organization/1382013/

Search URL Search Domain Scan URL

URL: https://twitter.com/GroupIB_GIB

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GroupIB

Search URL Search Domain Scan URL

URL: https://www.helpnetsecurity.com/2020/04/16/phishing-kits-market/
Title: Help Net Security

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/phishing-kit-prices-skyrocketed-in-2019-by-149/
Title: ZDNet

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/101616/cyber-crime/underground-market-phishing-kits.html
Title: Security Affairs

Search URL Search Domain Scan URL

URL: https://economictimes.indiatimes.com/tech/internet/to-hack-or-not-to-hack-the-black-hat-hackers-ethical-dilemma-during-a-contagion/articleshow/75063432.cms
Title: The Economic Times

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/hackers-struggle-morally-and-economically-over-coronavirus/
Title: BleepingComputer

Search URL Search Domain Scan URL

URL: https://thehackernews.com/2020/02/like-of-the-year-scam.html
Title: The Hacker News

Search URL Search Domain Scan URL

URL: https://tbsnews.net/international/cert-gib-joins-oic-cert-bolster-cyber-defence-capabilities-islamic-countries-45473
Title: The Business Standard

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/shade-ransomware-is-the-most-actively-distributed-malware-via-email/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://www.nanalyze.com/2019/08/elite-cybercrime-fighting-unit/
Title: Nanalyze

Search URL Search Domain Scan URL

URL: http://www.bizbahrain.com/group-ib-and-ngn-launch-intelligence-driven-247-security-operations-centre-in-bahrain/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+bizbahrain+%28bizbahrain%29
Title: Biz Bahrain

Search URL Search Domain Scan URL

URL: https://www.alayam.com/alayam/events/790051/News.html
Title: Alayam

Search URL Search Domain Scan URL

URL: https://www.bizbahrain.com/gcc-under-hackers-spotlight-in-2018-with-over-130-000-payment-cards-compromised/
Title: Biz Bahrain

Search URL Search Domain Scan URL

URL: https://www.securityweek.com/40000-government-user-credentials-found-dark-web
Title: Security Week

Search URL Search Domain Scan URL

URL: https://www.lastampa.it/2018/12/11/tecnologia/groupib-ventimila-account-di-siti-governativi-italiani-sono-in-vendita-nella-darknet-rnvNE4afKFDRko6PzIuJCM/pagina.html
Title: La Stampa

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/over-40000-credentials-for-government-portals-found-online/
Title: ZDNet

Search URL Search Domain Scan URL

URL: https://vtc.vn/nds-tro-thanh-nha-phan-phoi-cho-cac-san-pham-va-dich-vu-cua-tap-doan-ib-tai-viet-nam-d432854.html
Title: VTC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D71960%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26time%3D1596981122778%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778&liSync=true

Request Chain 57

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&gjid=1278342660&_gid=1872180068.1596981123&_u=YGBAgAADQ~&z=939598416 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416&slf_rd=1&random=3314794358

Request Chain 58

https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200809155202%3Aet%3A1596981123%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1186107959019%3Arqn%3A1%3Arn%3A639173844%3Ahid%3A69181436%3Ads%3A16%2C17%2C30%2C1%2C0%2C0%2C0%2C279%2C1%2C%2C%2C%2C346%3Afp%3A309%3Awn%3A37068%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1596981123%3Au%3A1596981123986705379%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB HTTP 302
https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200809155202%3Aet%3A1596981123%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1186107959019%3Arqn%3A1%3Arn%3A639173844%3Ahid%3A69181436%3Ads%3A16%2C17%2C30%2C1%2C0%2C0%2C0%2C279%2C1%2C%2C%2C%2C346%3Afp%3A309%3Awn%3A37068%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1596981123%3Au%3A1596981123986705379%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB

55 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request cert.html Show response
www.group-ib.com/ 38 KB
11 KB 64ms
30ms Document
text/html 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 02e9cb82b0cd0d1cfa453faf3a0288414854a6187be0b71f34590baf9184d100

Request headers

Host: www.group-ib.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: QRATOR
Date: Sun, 09 Aug 2020 13:52:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip

GET
H/1.1 200
OK types-new-8bded7c8.css
www.group-ib.com/stylesheets/ 396 KB
396 KB 44ms
44ms Stylesheet
text/css 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/stylesheets/types-new-8bded7c8.css
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 4e83bbbf7fd8158894a47483dee9b3ec396710121cc5cedd9469759377b07c46

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Fri, 11 Oct 2019 23:29:55 GMT
Server: QRATOR
ETag: "5da11073-62e38"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 405048
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK all-2956a91e.css
www.group-ib.com/stylesheets/ 1 MB
1 MB 40ms
29ms Stylesheet
text/css 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/stylesheets/all-2956a91e.css
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 2b14a6df800a025b78c823e56fdc5ff8a93cf30dc7d1a27928ff96e75d7a33f9

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Wed, 05 Aug 2020 22:26:51 GMT
Server: QRATOR
ETag: "5f2b322b-11127f"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1118847
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK jquery-96f076a3.js Show response
www.group-ib.com/javascripts/ 85 KB
86 KB 48ms
36ms Script
application/javascript 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/javascripts/jquery-96f076a3.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:42:00 GMT
Server: QRATOR
ETag: "5d9f0af8-1550b"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 87307
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK all-40ae5f3f.js Show response
www.group-ib.com/javascripts/ 196 KB
197 KB 26ms
26ms Script
application/javascript 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/javascripts/all-40ae5f3f.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: bebca6a7c73057ea498a5e1b334e217688583f44a85e019499bfeed2db344886

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Sun, 14 Jun 2020 12:02:51 GMT
Server: QRATOR
ETag: "5ee611eb-311c5"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 201157
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK first@2x.png
www.group-ib.com/images/cert-partners/ 5 KB
6 KB 16ms
15ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/first@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-1538"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 5432
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK ti@2x.png
www.group-ib.com/images/cert-partners/ 5 KB
5 KB 15ms
14ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/ti@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-139b"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 5019
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK impact@2x.png
www.group-ib.com/images/cert-partners/ 4 KB
4 KB 15ms
15ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/impact@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-f1b"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3867
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK oic@2x.png
www.group-ib.com/images/cert-partners/ 12 KB
13 KB 17ms
15ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/oic@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Mon, 03 Feb 2020 09:49:17 GMT
Server: QRATOR
ETag: "5e37ec9d-3168"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 12648
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK cert@2x.png
www.group-ib.com/images/cert-partners/ 18 KB
19 KB 19ms
15ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/cert@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: f5c7b1f81209556737cd5863284836c85bd6ca2071f9b5035a4f6cc31e40b262

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-4928"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 18728
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK azb-w@2x.png
www.group-ib.com/images/cert-partners/ 18 KB
19 KB 20ms
16ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/azb-w@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-48ec"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 18668
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK onc@2x.png
www.group-ib.com/images/cert-partners/ 39 KB
40 KB 37ms
25ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-partners/onc@2x.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-9cc5"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40133
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
36 KB 43ms
22ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PW7265

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

758e3572a95920b781f50bb92dfe2b72523afc9e8fe5d7ba74a3a12a882e242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35953
x-xss-protection: 0
last-modified: Sun, 09 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK sdk.js Show response
www.group-ib.com/javascripts/ 3 KB
3 KB 23ms
14ms Script
application/javascript 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/javascripts/sdk.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: b99126e73c660792da7b2a783944ddc2087719b80b87d1d6a3d6a25f117445e3

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Sat, 08 Aug 2020 22:10:01 GMT
Server: QRATOR
ETag: "5f2f22b9-c98"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3224
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK icons.svg
www.group-ib.com/images/ 398 KB
398 KB 31ms
18ms Other
image/svg+xml 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/images/icons.svg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: f22ac6ff52d96462a968b1af9ae2c1a806e264f6a4acbf427cf0988e2c508e8b

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Mon, 27 Jul 2020 14:05:33 GMT
Server: QRATOR
ETag: "5f1edf2d-63790"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 407440
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 163cfcbd5a50639aa755d8eabd17f5d736f0d8d5a51989bd0540a05012427c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.group-ib.com

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK main-cover67.jpg
www.group-ib.com/images/covers/ 58 KB
58 KB 20ms
20ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/covers/main-cover67.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9

Request headers

Referer: https://www.group-ib.com/stylesheets/all-2956a91e.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:11 GMT
Server: QRATOR
ETag: "5d9f099b-e6ee"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 59118
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 412 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.group-ib.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.group-ib.com

Response headers

Content-Type: application/font-woff

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 200 KB
61 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-40ae5f3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

234461f6a70ebe2a1ef97306fb6e4835b08be54364b3dc3d1a04933cbbb1b036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.group-ib.com/cert.html
Origin: https://www.group-ib.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: upGdwDjaamnTHCe+uiAEbg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61695
etag: "8a7deda93b2c84ded46c700a5fd593f2"
x-fb-debug: K6W9VG2oGEk1tSghzZTEPrru9+MS1d/m+7ShlWQDQ/tFhMMBSK31WdlstbkDvQui1uWYFxnbqFW1yOvRaU2zNQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 686617e5a3dd10436b8558c4541da821
x-frame-options: DENY
date: Sun, 09 Aug 2020 13:52:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 09 Aug 2021 02:32:04 GMT

GET
H2 200 forms2.min.js Show response
app-lon09.marketo.com/js/forms2/js/ 205 KB
68 KB 191ms
19ms Script
application/x-javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-lon09.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-40ae5f3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2875
status: 200
cf-request-id: 0475172dff000097907009a200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "2210e3-33237-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 5c01f48fff2d9790-FRA
expires: Sun, 09 Aug 2020 17:52:02 GMT

GET
H/1.1 206
Partial Content cert-video.mp4
www.group-ib.com/video/ 6 MB
6 MB 27ms
27ms Media
video/mp4 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/video/cert-video.mp4
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197

Request headers

Referer: https://www.group-ib.com/cert.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:12 GMT
Server: QRATOR
ETag: "5d9f099c-5bd9a6"
Content-Type: video/mp4
Content-Range: bytes 0-6019493/6019494
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 6019494

GET
H/1.1 200
OK 1.jpg
www.group-ib.com/images/cert-events/ 42 KB
43 KB 55ms
54ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-events/1.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 6febacd146fa041f434b17fb6984b12d509e990c2544b72353baa069f857fc0f

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Wed, 10 Jun 2020 01:24:42 GMT
Server: QRATOR
ETag: "5ee0365a-a933"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43315
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK 2.jpg
www.group-ib.com/images/cert-events/ 33 KB
33 KB 55ms
54ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-events/2.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 4b253f3cd47a903ffdf1fe25945aabc9d1eded4ab53aba8ffd02d4fbb3db97f5

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Wed, 10 Jun 2020 01:24:42 GMT
Server: QRATOR
ETag: "5ee0365a-841e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 33822
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK 3.jpg
www.group-ib.com/images/cert-events/ 130 KB
130 KB 61ms
60ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/cert-events/3.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 6279a84ba0471d2e677b3ab9ac99e24c92761349dce29ecb812bfd4b3729b7b9

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Wed, 10 Jun 2020 01:24:42 GMT
Server: QRATOR
ETag: "5ee0365a-207f5"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 133109
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 873b0f296cc53130ff0148c0c8049a5d59903ee62da607a1bd5308b678ae0d8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 72 KB
72 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea8a38dd231bd18f82c0fe04c7a14115ecd5600c62be4e7296251f4fd8385b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.group-ib.com

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK admin-ajax.php Show response
www.group-ib.com/media/wp-admin/ 26 KB
4 KB 163ms
163ms XHR
text/html 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/media/wp-admin/admin-ajax.php?action=mediaforcert

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/jquery-96f076a3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

3e8f3946384565a0289ca46e1908eecb94d88629dfa062ed8716a1a15c767b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.group-ib.com/cert.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: QRATOR
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
Keep-Alive: timeout=15
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4701
date: Sun, 09 Aug 2020 12:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sun, 09 Aug 2020 14:33:41 GMT

GET
H/1.1 200
OK watch.js Show response
www.group-ib.com/javascripts/ 140 KB
141 KB 59ms
59ms Script
application/javascript 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/javascripts/watch.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 455fd61edcf6d3aa8e71196d17da84c3537c9b0de3c98844ac820b9633a361fc

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 06 Aug 2020 13:53:31 GMT
Server: QRATOR
ETag: "5f2c0b5b-2313b"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 143675
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 58ms
38ms Script
application/x-javascript 2a02:26f0:f1:29c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:29c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=66756
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: ifl8UPG4BkxDltDnhH0zdN+g5w+mxgZ5sqeWhl5Idcsq6rvPN2cREDsSwmtl/iijJDjRiyH3Xhz67zwjuM0/vA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 09 Aug 2020 13:52:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 57ms
40ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK phishing-2019-preview-gib.jpg
www.group-ib.com/media/wp-content/uploads/2020/05/ 28 KB
28 KB 98ms
97ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2020/05/phishing-2019-preview-gib.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 5ec481a53a632cc4b46393ed346213f80f342d8b73583a368d3052362f92fb45

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 07 May 2020 21:45:07 GMT
Server: QRATOR
ETag: "5eb48163-6fa4"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 28580
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK phishing-preview-gib.jpg
www.group-ib.com/media/wp-content/uploads/2020/04/ 35 KB
35 KB 30ms
29ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2020/04/phishing-preview-gib.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 7c3f6b40679e7499a963c31409abfceac84e68d93b95577d090cd1102ffb8c3b

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Tue, 14 Apr 2020 21:40:51 GMT
Server: QRATOR
ETag: "5e962de3-8c66"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 35942
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK covid-preview-gib.jpg
www.group-ib.com/media/wp-content/uploads/2020/04/ 26 KB
27 KB 90ms
89ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2020/04/covid-preview-gib.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: c63cca3a14f5fafdf2527fc8a396291b911f11144aa04a058b7977d1d5c1c1bf

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Wed, 08 Apr 2020 22:58:40 GMT
Server: QRATOR
ETag: "5e8e5720-69d8"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 27096
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK gib-oic-cert-preview.jpg
www.group-ib.com/media/wp-content/uploads/2020/02/ 38 KB
39 KB 95ms
94ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2020/02/gib-oic-cert-preview.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: cf1b414e6c079f655c9a0c516ebe59ce3e2dea862e2348d7d90bdee3301f443e

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Mon, 17 Feb 2020 09:29:38 GMT
Server: QRATOR
ETag: "5e4a5d02-990f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39183
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK ransomeware-preview-gib.jpg
www.group-ib.com/media/wp-content/uploads/2019/11/ 41 KB
41 KB 111ms
110ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2019/11/ransomeware-preview-gib.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 293d5835b6380f86a12f4a9904bef2486cd3d151658dee26e60f38733a5e4cc3

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Tue, 19 Nov 2019 01:20:26 GMT
Server: QRATOR
ETag: "5dd3435a-a45b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 42075
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK ecf-gib-preview@2x-570x270.jpg
www.group-ib.com/media/wp-content/uploads/2019/11/ 26 KB
26 KB 18ms
18ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2019/11/ecf-gib-preview@2x-570x270.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 6756b3fcf6aac3fbaf84fb3d05b76944408701384386480a797229e17c79d782

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Fri, 01 Nov 2019 18:04:06 GMT
Server: QRATOR
ETag: "5dbc7396-6687"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 26247
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK tag-gib-preview.jpg
www.group-ib.com/media/wp-content/uploads/2019/06/ 34 KB
34 KB 26ms
25ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2019/06/tag-gib-preview.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 5318b49a33e592132bafb76a1d14f4d9499aba7631e9f1fd15700ac395dc9e52

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 20 Jun 2019 14:13:07 GMT
Server: QRATOR
ETag: "5d0b9473-874e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34638
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H/1.1 200
OK ngn-preview-gib.jpg
www.group-ib.com/media/wp-content/uploads/2019/03/ 18 KB
18 KB 18ms
18ms Image
image/jpeg 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/media/wp-content/uploads/2019/03/ngn-preview-gib.jpg
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 4d186a0594cfd0cb61b634d4ef0ab3c1af0fcede9a07a3bcf0f3189b1c309c08

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Mon, 11 Mar 2019 09:33:28 GMT
Server: QRATOR
ETag: "5c862b68-478f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 18319
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3976e744f9adf8c331739695158a685668b3136052882117b91d543df93ff9ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 470 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e047cd5037a6a28ba99c0f75f648fe2f775527f39ef08cd42ae61a91f04a1102

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK stamp.png
www.group-ib.com/images/ 9 KB
10 KB 14ms
14ms Image
image/png 178.248.235.63
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.group-ib.com/images/stamp.png
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-40ae5f3f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: b1c49b524c7c7db109ad5d5e422b272f845becd0ffcebac859a376e58d69b187

Request headers

Referer: https://www.group-ib.com/stylesheets/all-2956a91e.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Thu, 10 Oct 2019 10:36:12 GMT
Server: QRATOR
ETag: "5d9f099c-2556"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 9558
Expires: Sun, 16 Aug 2020 13:52:02 GMT

GET
H2 200 getForm Show response
app-lon09.marketo.com/index.php/form/ 4 KB
2 KB 35ms
34ms Script
application/javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-lon09.marketo.com/index.php/form/getForm?munchkinId=689-LRE-818&form=1673&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&callback=jQuery11240881116024540509_1596981122677&_=1596981122678
Requested by: Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b5c84911d9d945bfd961caf8ba0ee7586af364c4909c889c42e5675f4c5169

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cf-request-id: 0475172ed900009790700a4200000001
cf-ray: 5c01f49158399790-FRA
cached: true

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 7ms
7ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Tue, 17 Nov 2020 13:52:02 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D71960%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26time%3D1596981...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778&liSync=true

0
80 B

166ms
166ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778&liSync=true
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:03 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: vwmj096dKRbQg0+pRisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: SyOwyt6dKRYQfQY+5yoAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 58DACEB072D44C179A70FC7802102271 Ref B: FRAEDGE1216 Ref C: 2020-08-09T13:52:03Z
x-frame-options: sameorigin
date: Sun, 09 Aug 2020 13:52:02 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&time=1596981122778&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 2069478869985463 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2069478869985463?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55ba7caabb0f56952f84a86b78f1d3b69d0c7acbc8fb5a3c2a45c4c5df642296

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wstlTNvp+O666uZlzraADuIxNAnaxH0dLKmRC9OAC9B9nFnT8mNgaqrie0exTAU95P856+ejwlxF6NVLhY5j/A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 09 Aug 2020 13:52:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 75 KB
30 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W6XV92M&t=gtm3&cid=1830332049.1596981123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c3e772d949519e92ca3d9cbb84ce6b944aa951e2b0c6e56e91e784dd7403b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30091
x-xss-protection: 0
last-modified: Sun, 09 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Aug 2020 13:52:02 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
5ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=307521570&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ul=en-us&de=UTF-8&dt=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAADQ~&jid=1548893527&gjid=1278342660&cid=1830332049.1596981123&tid=UA-25492706-2&_gid=1872180068.1596981123&gtm=2wg7v1PW7265&cg1=COM%3A%20CERT&cd1=1830332049.1596981123&z=1714395872

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jul 2020 23:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1606171
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&gjid=1278342660&_gid=1872180068.1596981123&_u=YGBAgAADQ~&z=939598416
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416&slf_rd=1&random=3314794358

42 B
492 B

39ms
19ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416&slf_rd=1&random=3314794358

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 13:52:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Aug 2020 13:52:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1830332049.1596981123&jid=1548893527&_v=j83&z=939598416&slf_rd=1&random=3314794358
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/25634039/
Redirect Chain

https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3...
https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...

152 B
704 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200809155202%3Aet%3A1596981123%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1186107959019%3Arqn%3A1%3Arn%3A639173844%3Ahid%3A69181436%3Ads%3A16%2C17%2C30%2C1%2C0%2C0%2C0%2C279%2C1%2C%2C%2C%2C346%3Afp%3A309%3Awn%3A37068%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1596981123%3Au%3A1596981123986705379%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

7513afc9104f393ff684a7aec5a9e95354b2195424998bdc9840c670dd8985db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 13:52:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 09-Aug-2020 13:52:03 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.group-ib.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Sun, 09-Aug-2020 13:52:03 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 13:52:02 GMT
Last-Modified: Sun, 09-Aug-2020 13:52:02 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://www.group-ib.com
Strict-Transport-Security: max-age=31536000
Location: /watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1596981122056%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200809155202%3Aet%3A1596981123%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1186107959019%3Arqn%3A1%3Arn%3A639173844%3Ahid%3A69181436%3Ads%3A16%2C17%2C30%2C1%2C0%2C0%2C0%2C279%2C1%2C%2C%2C%2C346%3Afp%3A309%3Awn%3A37068%3Ahl%3A2%3Agdpr%3A14%3Av%3A1914%3Arqnl%3A1%3Ast%3A1596981123%3Au%3A1596981123986705379%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 09-Aug-2020 13:52:02 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 165ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 13:52:03 GMT
Last-Modified: Mon, 06 Jul 2020 15:32:05 GMT
Server: nginx/1.14.2
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 09 Aug 2020 14:52:03 GMT

GET
H/1.1 200
OK visitWebPage Show response
689-lre-818.mktoresp.com/webevents/ 2 B
470 B 220ms
33ms XHR
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://689-lre-818.mktoresp.com/webevents/visitWebPage?_mchNc=1596981122898&_mchCn=&_mchId=689-LRE-818&_mchTk=_mch-group-ib.com-1596981122898-11579&_mchHo=www.group-ib.com&_mchPo=&_mchRu=%2Fcert.html&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 09 Aug 2020 13:52:03 GMT
Content-Encoding: gzip
Server: akka-http/10.1.11
Transfer-Encoding: chunked
X-Request-Id: 874cf9c0-a8bc-43d6-adb2-f3bd320755ff
Content-Type: text/plain; charset=UTF-8

GET
H2 200 forms2.css
app-lon09.marketo.com/js/forms2/css/ 13 KB
3 KB 18ms
18ms Stylesheet
text/css 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-lon09.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1150
status: 200
vary: Accept-Encoding
content-length: 2623
cf-request-id: 0475172f5700009790700b0200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "5c11d4-3437-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5c01f49228c39790-FRA
expires: Sun, 09 Aug 2020 17:52:02 GMT

GET
H2 200 forms2-theme-simple.css
app-lon09.marketo.com/js/forms2/css/ 826 B
383 B 17ms
17ms Stylesheet
text/css 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-lon09.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3418
status: 200
vary: Accept-Encoding
content-length: 242
cf-request-id: 0475172f5700009790700b1200000001
last-modified: Wed, 22 Jul 2020 19:04:14 GMT
server: cloudflare
etag: "5c11d8-33a-5ab0c67dc4780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5c01f49228c49790-FRA
expires: Sun, 09 Aug 2020 17:52:02 GMT

GET
H2 200 545899479446758 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/545899479446758?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c365ace5df2add2fbd4f496fb03486e5d2efb4edb1fe02b60d05829f28599e8f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sYi6brVPFN2Lvz2HKF+56/a0OEBCoQm8JhboXsi4K6md2edcuQvE2ZtW6p3Zlm3Ae1P5CvrcOVUUv7wEoFgT6Q==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 09 Aug 2020 13:52:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2069478869985463&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&rl=&if=false&ts=1596981122972&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1596981122971.1450938526&it=1596981122786&coo=false&rqm=GET

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 09 Aug 2020 13:52:02 GMT

GET
H2 200 XDFrame
app-lon09.marketo.com/index.php/form/ Frame 99A5 0
0 253ms
252ms Document
text/html 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-lon09.marketo.com/index.php/form/XDFrame

Requested by

Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: app-lon09.marketo.com
:scheme: https
:path: /index.php/form/XDFrame
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.group-ib.com/cert.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=d69d421c740d29d0d813fa3ce517557a7f21306e-1596981122-1800-ARF+p92gfUC9uC+Z0jFq0oOZlRzUWggYMjghPSkkWA8rTSsscL7u3S5Idy15Tn68WInQ2XaU8n8BG9Bio26eMnI=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.group-ib.com/cert.html

Response headers

status: 200
date: Sun, 09 Aug 2020 13:52:03 GMT
content-type: text/html; charset=utf-8
content-length: 653
set-cookie: __cfduid=df9c9b5856fc87aba1b4289b5de8ac9e81596981123; expires=Tue, 08-Sep-20 13:52:03 GMT; path=/; domain=.app-lon09.marketo.com; HttpOnly; SameSite=Lax RSMKTO1=3204520876.47617.0000; path=/; Httponly; Secure
cache-control: max-age=3600
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 0475172fe200009790700b7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c01f49309639790-FRA

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=545899479446758&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&rl=&if=false&ts=1596981123075&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1596981122971.1450938526&it=1596981122786&coo=false&rqm=GET

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 13:52:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 09 Aug 2020 13:52:03 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
84 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0X6SK8Q8RCyWZiyZ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 09 Aug 2020 13:52:03 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.group-ib.com/cert.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKnR2EG5IOjrim5fc

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 09 Aug 2020 13:52:03 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app-lon09.marketo.com/	1969-12-31 23:59:59	Name: RSMKTO1 Value: 3204520876.47617.0000
.group-ib.com/	1970-01-19 11:36:22	Name: _ym_visorc_25634039 Value: w
.group-ib.com/	1970-01-19 20:21:57	Name: _ym_d Value: 1596981123
.group-ib.com/	1970-01-19 13:45:57	Name: _fbp Value: fb.1.1596981122971.1450938526
.group-ib.com/	1970-01-19 11:37:47	Name: _gid Value: GA1.2.1872180068.1596981123
.group-ib.com/	1970-01-20 05:07:33	Name: _ga Value: GA1.2.1830332049.1596981123
.group-ib.com/	1970-01-19 11:37:33	Name: _ym_isad Value: 2
.group-ib.com/	1970-01-19 15:55:33	Name: bpmTrackingId Value: 024eaa45-8d12-5f52-ca86-74ef13134c23
.app-lon09.marketo.com/	1970-01-19 11:36:22	Name: __cf_bm Value: d69d421c740d29d0d813fa3ce517557a7f21306e-1596981122-1800-ARF+p92gfUC9uC+Z0jFq0oOZlRzUWggYMjghPSkkWA8rTSsscL7u3S5Idy15Tn68WInQ2XaU8n8BG9Bio26eMnI=
.group-ib.com/	1970-01-20 05:07:33	Name: _mkto_trk Value: id:689-LRE-818&token:_mch-group-ib.com-1596981122898-11579
.group-ib.com/	1970-01-19 11:36:21	Name: _dc_gtm_UA-25492706-2 Value: 1
.group-ib.com/	1970-01-19 15:55:33	Name: bpmHref Value: https://www.group-ib.com/cert.html
.group-ib.com/	1970-01-19 20:21:57	Name: _ym_uid Value: 1596981123986705379
.group-ib.com/	1970-01-19 15:55:33	Name: bpmRef Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.group-ib.com/javascripts/all-40ae5f3f.js(Line 26) Message: The Facebook JSSDK is more than 7 days old.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

689-lre-818.mktoresp.com
app-lon09.marketo.com
connect.facebook.net
mc.yandex.ru
munchkin.marketo.net
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.group-ib.com
www.linkedin.com
104.109.95.62
104.16.96.80
134.213.193.62
178.248.235.63
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:81a::2003
2a00:1450:400c:c00::9a
2a02:26f0:f1:29c::25ea
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
02e9cb82b0cd0d1cfa453faf3a0288414854a6187be0b71f34590baf9184d100
0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc
0ea8a38dd231bd18f82c0fe04c7a14115ecd5600c62be4e7296251f4fd8385b8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547
163cfcbd5a50639aa755d8eabd17f5d736f0d8d5a51989bd0540a05012427c9d
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
20b5c84911d9d945bfd961caf8ba0ee7586af364c4909c889c42e5675f4c5169
2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197
234461f6a70ebe2a1ef97306fb6e4835b08be54364b3dc3d1a04933cbbb1b036
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
293d5835b6380f86a12f4a9904bef2486cd3d151658dee26e60f38733a5e4cc3
2b14a6df800a025b78c823e56fdc5ff8a93cf30dc7d1a27928ff96e75d7a33f9
3976e744f9adf8c331739695158a685668b3136052882117b91d543df93ff9ed
3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6
3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61
3e8f3946384565a0289ca46e1908eecb94d88629dfa062ed8716a1a15c767b6c
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
455fd61edcf6d3aa8e71196d17da84c3537c9b0de3c98844ac820b9633a361fc
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9
4b253f3cd47a903ffdf1fe25945aabc9d1eded4ab53aba8ffd02d4fbb3db97f5
4d186a0594cfd0cb61b634d4ef0ab3c1af0fcede9a07a3bcf0f3189b1c309c08
4e83bbbf7fd8158894a47483dee9b3ec396710121cc5cedd9469759377b07c46
5318b49a33e592132bafb76a1d14f4d9499aba7631e9f1fd15700ac395dc9e52
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ba7caabb0f56952f84a86b78f1d3b69d0c7acbc8fb5a3c2a45c4c5df642296
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5ec481a53a632cc4b46393ed346213f80f342d8b73583a368d3052362f92fb45
6279a84ba0471d2e677b3ab9ac99e24c92761349dce29ecb812bfd4b3729b7b9
6756b3fcf6aac3fbaf84fb3d05b76944408701384386480a797229e17c79d782
6febacd146fa041f434b17fb6984b12d509e990c2544b72353baa069f857fc0f
7513afc9104f393ff684a7aec5a9e95354b2195424998bdc9840c670dd8985db
756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06
758e3572a95920b781f50bb92dfe2b72523afc9e8fe5d7ba74a3a12a882e242e
7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4
7c3f6b40679e7499a963c31409abfceac84e68d93b95577d090cd1102ffb8c3b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873b0f296cc53130ff0148c0c8049a5d59903ee62da607a1bd5308b678ae0d8e
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1
8c3e772d949519e92ca3d9cbb84ce6b944aa951e2b0c6e56e91e784dd7403b12
98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355
9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246
b1c49b524c7c7db109ad5d5e422b272f845becd0ffcebac859a376e58d69b187
b99126e73c660792da7b2a783944ddc2087719b80b87d1d6a3d6a25f117445e3
bebca6a7c73057ea498a5e1b334e217688583f44a85e019499bfeed2db344886
c365ace5df2add2fbd4f496fb03486e5d2efb4edb1fe02b60d05829f28599e8f
c63cca3a14f5fafdf2527fc8a396291b911f11144aa04a058b7977d1d5c1c1bf
cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491
cf1b414e6c079f655c9a0c516ebe59ce3e2dea862e2348d7d90bdee3301f443e
e047cd5037a6a28ba99c0f75f648fe2f775527f39ef08cd42ae61a91f04a1102
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22ac6ff52d96462a968b1af9ae2c1a806e264f6a4acbf427cf0988e2c508e8b
f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17
f5c7b1f81209556737cd5863284836c85bd6ca2071f9b5035a4f6cc31e40b262
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c

www.group-ib.com Open in urlscan Pro 178.248.235.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

73 %IPv6

14 Domains

15 Subdomains

13 IPs

8 Countries

9658 kBTransfer

11026 kBSize

14 Cookies

21 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.group-ib.com Open in urlscan Pro
178.248.235.63 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

15
Subdomains

13
IPs

8
Countries

9658 kB
Transfer

11026 kB
Size

14
Cookies

55 HTTP transactions
15 data transactions