URL: https://www.group-ib.com/cert.html
Submission: On July 15 via manual from NL

Summary

This website contacted 12 IPs in 7 countries across 13 domains to perform 37 HTTP transactions. The main IP is 178.248.235.63, located in Russian Federation and belongs to QRATOR, RU. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 30th 2019. Valid for: a year.
This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 178.248.235.63 197068 (QRATOR)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2a03:2880:f01... 32934 (FACEBOOK)
2 104.111.251.133 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 134.213.193.62 15395 (RACKSPACE...)
1 4 2a02:6b8::1:119 13238 (YANDEX)
2 3 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
37 12
Domain Requested by
18 www.group-ib.com www.group-ib.com
4 mc.yandex.ru 1 redirects
4 connect.facebook.net www.group-ib.com
connect.facebook.net
3 px.ads.linkedin.com 2 redirects
2 www.facebook.com www.group-ib.com
connect.facebook.net
2 munchkin.marketo.net www.group-ib.com
munchkin.marketo.net
2 www.google-analytics.com www.googletagmanager.com
www.group-ib.com
1 www.linkedin.com 1 redirects
1 689-lre-818.mktoresp.com munchkin.marketo.net
1 staticxx.facebook.com connect.facebook.net
1 www.google.de www.group-ib.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 snap.licdn.com www.group-ib.com
1 www.googletagmanager.com www.group-ib.com
37 15

This site contains links to these domains. Also see Links.

Domain
www.group-ib.ru
www.linkedin.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
group-ib.com
Sectigo RSA Domain Validation Secure Server CA
2019-05-30 -
2020-06-17
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-06-18 -
2019-09-10
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-06-06 -
2019-09-04
3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2018-12-24 -
2020-03-24
a year crt.sh
www.google.de
Google Internet Authority G3
2019-06-18 -
2019-09-10
3 months crt.sh
*.mktoresp.com
GeoTrust RSA CA 2018
2018-02-05 -
2020-02-05
2 years crt.sh
bs.yandex.ru
Yandex CA
2018-10-03 -
2019-10-03
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.group-ib.com/cert.html
Frame ID: 1C53FD0AF4A5747DF7CF79A77DA8EF7E
Requests: 43 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9F51EDD15FD7A64FD751AC3E025E3FB9
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: EAC9F7FCDBA872D478A831E1368A6A08
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

12
IPs

7
Countries

6193 kB
Transfer

7803 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&gjid=1762669756&_gid=991365616.1563195219&_u=YGBAgAAB~&z=410812507 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507&slf_rd=1&random=1953338007
Request Chain 40
  • https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB HTTP 302
  • https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Request Chain 41
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1563195227682%26pid%3D71960%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true&liSync=true

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cert.html
www.group-ib.com/
33 KB
10 KB
Document
General
Full URL
https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR / PHP/7.0.22
Resource Hash
152219868cef4635b4972013cd154c5d5568fa47ff662a1a527620401b60e152

Request headers

Host
www.group-ib.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
QRATOR
Date
Mon, 15 Jul 2019 12:53:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
X-Powered-By
PHP/7.0.22
Content-Encoding
gzip
types-new-8bded7c8.css
www.group-ib.com/stylesheets/
396 KB
305 KB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/types-new-8bded7c8.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
4e83bbbf7fd8158894a47483dee9b3ec396710121cc5cedd9469759377b07c46

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 07:06:08 GMT
Server
QRATOR
ETag
W/"5d26dfe0-62e38"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:38 GMT
all-e40871cd.css
www.group-ib.com/stylesheets/
791 KB
132 KB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/all-e40871cd.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
3d182ee0f07ddfce11becaa93eaf8f34c919d8d1d04a066ee3e8096cc40b025f

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 07:06:07 GMT
Server
QRATOR
ETag
W/"5d26dfdf-c5a89"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:39 GMT
jquery-96f076a3.js
www.group-ib.com/javascripts/
85 KB
35 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/jquery-96f076a3.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 07:06:06 GMT
Server
QRATOR
ETag
W/"5d26dfde-1550b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:39 GMT
all-2e81f0da.js
www.group-ib.com/javascripts/
56 KB
19 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/all-2e81f0da.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
639e4227700e66031f86c3b756c5bfd5389bd9dc8d679c0f5368c51b0d047cae

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 07:06:05 GMT
Server
QRATOR
ETag
W/"5d26dfdd-df8c"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:39 GMT
first@2x.png
www.group-ib.com/images/cert-partners/
5 KB
5 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/first@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
dd2344a168bef37c706400f1a5656fc16f231ad7e43744132c8b08e8474a33ca

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Tue, 23 May 2017 12:45:11 GMT
Server
QRATOR
ETag
"59242ed7-1356"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4950
Expires
Mon, 22 Jul 2019 12:53:39 GMT
ti@2x.png
www.group-ib.com/images/cert-partners/
5 KB
5 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/ti@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
09273e08ac3dfff9b50d542399a39e01549d1eb79202aba74cbdc4bca5849372

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Tue, 23 May 2017 12:45:08 GMT
Server
QRATOR
ETag
"59242ed4-12ad"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4781
Expires
Mon, 22 Jul 2019 12:53:39 GMT
impact@2x.png
www.group-ib.com/images/cert-partners/
3 KB
3 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/impact@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
d8f54e5dd44ac9f01e822ec4c2586b26ded075692f88bc3510e5e96264b17a62

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Thu, 22 Jun 2017 02:42:01 GMT
Server
QRATOR
ETag
"594b2e79-a94"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2708
Expires
Mon, 22 Jul 2019 12:53:39 GMT
cert@2x.png
www.group-ib.com/images/cert-partners/
16 KB
17 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/cert@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
98536ae3b508805f0c4d00d2b8238b937a9bf3e3cd86e2cb2f67cb4360e1987e

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Tue, 23 May 2017 12:45:10 GMT
Server
QRATOR
ETag
"59242ed6-4108"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
16648
Expires
Mon, 22 Jul 2019 12:53:39 GMT
azb-w@2x.png
www.group-ib.com/images/cert-partners/
18 KB
19 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/azb-w@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Sun, 20 Jan 2019 21:54:16 GMT
Server
QRATOR
ETag
"5c44ee08-48ec"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
18668
Expires
Mon, 22 Jul 2019 12:53:39 GMT
onc@2x.png
www.group-ib.com/images/cert-partners/
39 KB
40 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/onc@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Sat, 05 Jan 2019 22:24:53 GMT
Server
QRATOR
ETag
"5c312eb5-9cc5"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
40133
Expires
Mon, 22 Jul 2019 12:53:39 GMT
gtm.js
www.googletagmanager.com/
85 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
001573bc52d5156b85d784f94bd06e0754de86452ea9858c78ce43de30ea5998
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 12:53:39 GMT
content-encoding
br
last-modified
Mon, 15 Jul 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
26968
x-xss-protection
0
expires
Mon, 15 Jul 2019 12:53:39 GMT
sdk.js
www.group-ib.com/javascripts/
3 KB
2 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/sdk.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
55c5a17535255eb3e25bd024a07ef44f54dbb56f3a2783ee6cfa6e86afe1363b

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jul 2019 22:10:01 GMT
Server
QRATOR
ETag
W/"5d2ba839-c98"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:40 GMT
icons.svg
www.group-ib.com/images/
343 KB
113 KB
Other
General
Full URL
https://www.group-ib.com/images/icons.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b72e11af33a0a0218cb9f5f99a967727ec4a6f25cdcfebaa8fe9d0fe0115e72c

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jun 2019 08:32:03 GMT
Server
QRATOR
ETag
W/"5d075003-55a2a"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:40 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9359fb2ede98f399018bc11fdd644e8ae4909fd7e836b61e88f1998a42fd6ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.group-ib.com

Response headers

Content-Type
application/font-woff
main-cover67@2x.jpg
www.group-ib.com/images/covers/
93 KB
94 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/main-cover67@2x.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a3424bb952a5417354cb6fcae176b363a43900d9a3596c3c2e7a0228febbea67

Request headers

Referer
https://www.group-ib.com/stylesheets/all-e40871cd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Last-Modified
Sat, 05 Jan 2019 22:23:45 GMT
Server
QRATOR
ETag
"5c312e71-175fb"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
95739
Expires
Mon, 22 Jul 2019 12:53:39 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
cert-hit@2x.jpg
www.group-ib.com/images/covers/
352 KB
352 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/cert-hit@2x.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
931d989e86a959fa8537a45b9833ea9c97eb12097dfd40731a458a0348ee7990

Request headers

Referer
https://www.group-ib.com/stylesheets/all-e40871cd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:40 GMT
Last-Modified
Sat, 05 Jan 2019 22:23:45 GMT
Server
QRATOR
ETag
"5c312e71-57f26"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
360230
Expires
Mon, 22 Jul 2019 12:53:40 GMT
main-cover47.jpg
www.group-ib.com/images/covers/
79 KB
79 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/main-cover47.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
404a6340a98cb50c415b3fd2e66074fe487a4f1b87c424320c7c48281230c5d7

Request headers

Referer
https://www.group-ib.com/stylesheets/all-e40871cd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:40 GMT
Last-Modified
Fri, 02 Mar 2018 14:03:06 GMT
Server
QRATOR
ETag
"5a99599a-13aa5"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
80549
Expires
Mon, 22 Jul 2019 12:53:40 GMT
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.group-ib.com

Response headers

Content-Type
application/font-woff
truncated
/
72 KB
72 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea8a38dd231bd18f82c0fe04c7a14115ecd5600c62be4e7296251f4fd8385b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.group-ib.com

Response headers

Content-Type
application/font-woff
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.group-ib.com

Response headers

Content-Type
application/font-woff
cert-video.mp4
www.group-ib.com/video/
4 MB
4 MB
Media
General
Full URL
https://www.group-ib.com/video/cert-video.mp4
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b4b270e405f3680387545b2613ed4efb0e20a2924e1848be905e424324fd6fc3

Request headers

Referer
https://www.group-ib.com/cert.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 15 Jul 2019 12:53:40 GMT
Last-Modified
Tue, 22 Jan 2019 19:04:29 GMT
Server
QRATOR
ETag
"5c47693d-450c68"
Content-Type
video/mp4
Content-Range
bytes 0-4525159/4525160
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
4525160
analytics.js
www.google-analytics.com/
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
391
date
Mon, 15 Jul 2019 12:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Mon, 15 Jul 2019 14:47:08 GMT
watch.js
www.group-ib.com/javascripts/
132 KB
52 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/watch.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
8701b62242d142522860f439f260d43b078c37a0b1c0030354a23eafdb944737

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 15:41:59 GMT
Server
QRATOR
ETag
W/"5d2758c7-2113f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Mon, 22 Jul 2019 12:53:47 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
15 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=74450
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
fbevents.js
connect.facebook.net/en_US/
53 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
vpY7ZhRnetQJ0PL/TACocRWvUNHPG/41S9moSPdhkpc0ALCwgUKvSIMTonUK4EfKC28gmJ07Asa98VOGeUODdQ==
x-fb-trip-id
997090344
date
Mon, 15 Jul 2019 12:53:39 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-251-133.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Apr 2019 02:53:44 GMT
Server
Apache
ETag
"54520320df20b526337717d6d28181fc:1554432824"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
collect
www.google-analytics.com/
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=1803282981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ul=en-us&de=UTF-8&dt=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgAAB~&jid=1544033797&gjid=1762669756&cid=1130834783.1563195219&tid=UA-25492706-2&_gid=991365616.1563195219&gtm=2wg6q1PW7265&cg1=COM%3A%20CERT&cd1=1130834783.1563195219&z=1119503701
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2019 03:00:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2714013
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&gjid=1762669756&_gid=991365616.1563195219&_u=YGBAgAAB~&z=410812507
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507&slf_rd=1&random=1953338007
42 B
374 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507&slf_rd=1&random=1953338007
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 12:53:39 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jul 2019 12:53:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25492706-2&cid=1130834783.1563195219&jid=1544033797&_v=j77&z=410812507&slf_rd=1&random=1953338007
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2069478869985463
connect.facebook.net/signals/config/
228 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2069478869985463?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9efa2c392ae079ad57599b3ba03aecdb8e975ffe3e3b3c9f666cad209f1a3b1a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
gVoMkPKJDjkxTcz88J/PmEXERd/zt3d26p2yfE9QSvIauMWfaTqGwapiOXEDKoYdeZOGdshBOtOqu9G4pmLqkw==
x-fb-trip-id
997090344
date
Mon, 15 Jul 2019 12:53:39 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
1 KB
896 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
qJQz6j0unuHTAmf2cnJOw2KYGz1UgZhtbBhbDmTexN1xcsPiRsJsiStjr4mFh4SlxEN4MPAGra/b8bIJubkVUA==
x-fb-trip-id
997090344
date
Mon, 15 Jul 2019 12:53:39 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
324 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2069478869985463&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&rl=&if=false&ts=1563195219523&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1563195219522.1697681785&it=1563195219451&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 12:53:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 15 Jul 2019 12:53:39 GMT
/
www.facebook.com/tr/ Frame 9F51
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
1920
pragma
no-cache
cache-control
no-cache
origin
https://www.group-ib.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.group-ib.com/cert.html
accept-encoding
gzip, deflate, br
cookie
fr=0TR2FCdkCGmdkZkAg..BdLHdT...1.0.BdLHdT.
Origin
https://www.group-ib.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.group-ib.com/cert.html

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 15 Jul 2019 12:53:40 GMT
sdk.js
connect.facebook.net/ru_RU/
198 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=b6b8b8abc1ec14e975de72bea5a3e25d&ua=modern_es6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2c586667f2d7b7b6800bf99c6e6d07ad7e4c2065ad3d535d506a2e1ee4aa5c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.group-ib.com/cert.html
Origin
https://www.group-ib.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
H88aNmsq1gLZnQ8kcshO2Q==
status
200
date
Mon, 15 Jul 2019 12:53:40 GMT
vary
Accept-Encoding
content-length
60279
x-fb-debug
PXMTPbJVefIfYsHsYpPo8hmR9PLy15hCwUHW4maFdBGvs+dzT/bAv1iundI5H4KonTXnPVgXgKOoQSLowVoiEQ==
x-fb-trip-id
997090344
x-fb-content-md5
c8b8d87d920eb91eadadca8bae7b72d2
etag
"7237a6bc77e750266771d2ac6a67c209"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 14 Jul 2020 05:42:50 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame EAC9
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=b6b8b8abc1ec14e975de72bea5a3e25d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.group-ib.com/cert.html
accept-encoding
gzip, deflate, br
cookie
fr=0TR2FCdkCGmdkZkAg..BdLHdT...1.0.BdLHdT.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.group-ib.com/cert.html

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 11 Jul 2020 21:11:12 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
ZciBi2uJ24se62KiIeJsJk+ODVgVcxnV2itiywli5nlctOYcWFJ4YjG5kjcULP4CF/rXvetHDaBoudNXLTM70g==
content-length
11470
x-fb-trip-id
997090344
date
Mon, 15 Jul 2019 12:53:40 GMT
munchkin.js
munchkin.marketo.net/155/
9 KB
4 KB
Script
General
Full URL
https://munchkin.marketo.net/155/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-251-133.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Nov 2018 03:18:20 GMT
Server
Apache
ETag
"c67dad42946949112916578f78706df8:1543547900"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3923
Expires
Wed, 23 Oct 2019 12:53:42 GMT
visitWebPage
689-lre-818.mktoresp.com/webevents/
2 B
438 B
XHR
General
Full URL
https://689-lre-818.mktoresp.com/webevents/visitWebPage?_mchNc=1563195222831&_mchCn=&_mchId=689-LRE-818&_mchTk=_mch-group-ib.com-1563195222829-94740&_mchHo=www.group-ib.com&_mchPo=&_mchRu=%2Fcert.html&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
spray-can/1.3.3 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.group-ib.com/cert.html
Origin
https://www.group-ib.com

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jul 2019 12:53:43 GMT
Content-Encoding
gzip
Server
spray-can/1.3.3
Content-Length
22
X-Request-Id
ea3b2dc4-333a-4c61-8fa9-e93a8e7b2b0d
Content-Type
text/plain; charset=UTF-8
1
mc.yandex.ru/watch/25634039/
Redirect Chain
  • https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3...
  • https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jul 2019 12:53:47 GMT
Last-Modified
Mon, 15-Jul-2019 12:53:47 GMT
Server
nginx/1.14.2
Location
/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Jul-2019 12:53:47 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Jul 2019 12:53:47 GMT
Last-Modified
Mon, 15-Jul-2019 12:53:47 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://www.group-ib.com
Strict-Transport-Security
max-age=31536000
Location
/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Jul-2019 12:53:47 GMT
/
px.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1563195227682%26pid%3D71960%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26fmt%3Dj...
  • https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true&liSync=true
0
110 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 12:53:48 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
o8DIjcKVsRVg6QcnzyoAAA==

Redirect headers

date
Mon, 15 Jul 2019 12:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-efr5
content-length
20
x-li-uuid
qEPyHMeVsRUggIs42SoAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect/?time=1563195227682&pid=71960&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 15 Jul 2019 12:53:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 15 Jul 2019 13:53:47 GMT
1
mc.yandex.ru/watch/25634039/
133 B
685 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25634039/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1563195215154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190715145347%3Aet%3A1563195228%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A468714258%3Ahid%3A598177598%3Ads%3A0%2C3160%2C169%2C3%2C0%2C0%2C0%2C524%2C0%2C%2C%2C%2C4111%3Afp%3A4190%3Awn%3A14988%3Ahl%3A2%3Agdpr%3A14%3Av%3A1609%3Ast%3A1563195228%3Au%3A1563195228571444734%3At%3AResponse%20to%20information%20security%20incidents%20-%20CERT-GIB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
feca9b103b70e76ad125afdad69b63e9d7d8e54904dcc600b59cbb879d560159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/cert.html
Origin
https://www.group-ib.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 15 Jul 2019 12:53:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15-Jul-2019 12:53:47 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Jul-2019 12:53:47 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer function| $ function| jQuery object| conf function| fbAsyncInit object| google_tag_manager function| _classCallCheck function| executeFunctionByName function| _createClass object| landing function| Action object| actions function| CubicGallery function| CubicGallery2 function| Parallax function| Popup function| SelectThis function| CubicForm function| CubicSticky function| SwipeDetector function| CubicSwitcher function| CubicTabs function| ChangeForm function| Accordeon function| EmailsBase function| wr function| Cookies function| CrmForm object| gacid object| gaClientId function| metrics object| News object| showMore object| News2 function| PollForm function| fillPoll function| share_vacancy_fb function| share_vacancy_tw function| ShowMore2 function| CubicTags function| Tumbler function| initTumbler function| Unsubscribe string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| popups function| initCrmForms object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| Ya object| yaCounter25634039 function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called

4 Cookies

Domain/Path Name / Value
.group-ib.com/ Name: _ym_visorc_25634039
Value: w
.group-ib.com/ Name: _ym_isad
Value: 2
.group-ib.com/ Name: _ym_d
Value: 1563195228
.group-ib.com/ Name: _ym_uid
Value: 1563195228571444734

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

689-lre-818.mktoresp.com
connect.facebook.net
mc.yandex.ru
munchkin.marketo.net
px.ads.linkedin.com
snap.licdn.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.group-ib.com
www.linkedin.com
104.111.251.133
134.213.193.62
178.248.235.63
2a00:1450:4001:808::2004
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200e
2a00:1450:400c:c04::9a
2a02:26f0:6c00:296::25ea
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
001573bc52d5156b85d784f94bd06e0754de86452ea9858c78ce43de30ea5998
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc
09273e08ac3dfff9b50d542399a39e01549d1eb79202aba74cbdc4bca5849372
0ea8a38dd231bd18f82c0fe04c7a14115ecd5600c62be4e7296251f4fd8385b8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
152219868cef4635b4972013cd154c5d5568fa47ff662a1a527620401b60e152
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
2c586667f2d7b7b6800bf99c6e6d07ad7e4c2065ad3d535d506a2e1ee4aa5c70
3d182ee0f07ddfce11becaa93eaf8f34c919d8d1d04a066ee3e8096cc40b025f
404a6340a98cb50c415b3fd2e66074fe487a4f1b87c424320c7c48281230c5d7
4e83bbbf7fd8158894a47483dee9b3ec396710121cc5cedd9469759377b07c46
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c5a17535255eb3e25bd024a07ef44f54dbb56f3a2783ee6cfa6e86afe1363b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
639e4227700e66031f86c3b756c5bfd5389bd9dc8d679c0f5368c51b0d047cae
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8701b62242d142522860f439f260d43b078c37a0b1c0030354a23eafdb944737
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1
931d989e86a959fa8537a45b9833ea9c97eb12097dfd40731a458a0348ee7990
98536ae3b508805f0c4d00d2b8238b937a9bf3e3cd86e2cb2f67cb4360e1987e
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355
9efa2c392ae079ad57599b3ba03aecdb8e975ffe3e3b3c9f666cad209f1a3b1a
a3424bb952a5417354cb6fcae176b363a43900d9a3596c3c2e7a0228febbea67
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
b4b270e405f3680387545b2613ed4efb0e20a2924e1848be905e424324fd6fc3
b72e11af33a0a0218cb9f5f99a967727ec4a6f25cdcfebaa8fe9d0fe0115e72c
b9359fb2ede98f399018bc11fdd644e8ae4909fd7e836b61e88f1998a42fd6ee
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d8f54e5dd44ac9f01e822ec4c2586b26ded075692f88bc3510e5e96264b17a62
dd2344a168bef37c706400f1a5656fc16f231ad7e43744132c8b08e8474a33ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
feca9b103b70e76ad125afdad69b63e9d7d8e54904dcc600b59cbb879d560159