sso.group-ib.com
162.55.218.201
Public Scan
Effective URL: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d...
Submission: On March 17 via manual from AE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2022. Valid for: a year.
This is the only time sso.group-ib.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 3 | 168.119.134.148 | 24940 (HETZNER-AS) |
1 15 | 162.55.218.201 | 24940 (HETZNER-AS) |
14 | 1 |

- drp.group-ib.com: ASN24940 (HETZNER-AS, DE), PTR: static.148.134.119.168.clients.your-server.de
- sso.group-ib.com: ASN24940 (HETZNER-AS, DE), PTR: static.201.218.55.162.clients.your-server.de
 | Apex Domain Subdomains | Transfer |
---|---|---|
18 | group-ib.com 4 redirects drp.group-ib.com sso.group-ib.com | 1 MB |
14 | 1 |
 | Domain | Requested by |
---|---|---|
15 | sso.group-ib.com | 1 redirects sso.group-ib.com |
3 | drp.group-ib.com | 3 redirects |
14 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
group-ib.com |
www.group-ib.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA | 2022-06-29 - 2023-07-04 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
Frame ID: 7E924A89ABC691AAF8C43D2EB566590F
Requests: 14 HTTP requests in this frame
Page Title
Group-IB Authentication
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Try demo
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://drp.group-ib.com/ HTTP 301
- https://drp.group-ib.com/ HTTP 307
- https://drp.group-ib.com/auth/sso/connect/ HTTP 302
- https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fdrp.group-ib.com%2Fsso%2Fcheck&client_id=dda44adf27ab36f91e50c1520fa059ebbae25a9f HTTP 302
- https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://drp.group-ib.com/ HTTP 301
- https://drp.group-ib.com/ HTTP 307
- https://drp.group-ib.com/auth/sso/connect/ HTTP 302
- https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fdrp.group-ib.com%2Fsso%2Fcheck&client_id=dda44adf27ab36f91e50c1520fa059ebbae25a9f HTTP 302
- https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
14 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Redirect Chain) sso.group-ib.com/ | 564 B 629 B | Document text/html |
GET H2 | 02208d50-3388-11ed-99bf-b679f56265da.js sso.group-ib.com/js/ | 284 KB 108 KB | Script application/javascript |
GET H2 | idgib-w-sso sso.group-ib.com/api/fl/ | 205 B 636 B | XHR application/json |
POST H2 | fl sso.group-ib.com/api/ | 665 B 957 B | XHR application/json |
GET H2 | / (Primary Request) sso.group-ib.com/ | 3 KB 3 KB | Document text/html |
POST H2 | fl sso.group-ib.com/api/ | 665 B 664 B | Ping application/json |
GET H2 | 2.032779e5.chunk.css sso.group-ib.com/static/css/ | 59 KB 11 KB | Stylesheet text/css |
GET H2 | main.9e4736d9.chunk.css sso.group-ib.com/static/css/ | 14 KB 4 KB | Stylesheet text/css |
GET H2 | 02208d50-3388-11ed-99bf-b679f56265da.js sso.group-ib.com/js/ | 284 KB 108 KB | Script application/javascript |
GET H2 | 2.d3dabe93.chunk.js sso.group-ib.com/static/js/ | 571 KB 194 KB | Script application/javascript |
GET H2 | main.f27b0848.chunk.js sso.group-ib.com/static/js/ | 133 KB 39 KB | Script application/javascript |
GET H2 | AI.3f16321e.png sso.group-ib.com/static/media/ | 651 KB 652 KB | Image image/png |
GET H2 | idgib-w-sso sso.group-ib.com/api/fl/ | 217 B 593 B | XHR application/json |
POST H2 | fl sso.group-ib.com/api/ | 665 B 785 B | XHR application/json |
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| GIB
- function| evCustomInit
- boolean| __490b4151545cea713cb1b1346e7edd3b__
- function| gibSetAttribute
- function| gibSetAttributeCallback
- function| gibRemoveAttribute
- function| gibHash
- function| gibEncrypt
- object| gib
- string| __guc__1.0.0
- object| webpackJsonpgib-sso-login
- object| regeneratorRuntime
- number| 2f1acc6c3a606b082e5eef5e54414ffb

12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name |
---|---|
drp.group-ib.com/ | PHPSESSID |
.sso.group-ib.com/ | __zzatgib-w-sso |
.group-ib.com/ | __zzatgib-w-sso |
sso.group-ib.com/ | gssc114 |
sso.group-ib.com/ | PHPSESSID |
sso.group-ib.com/ | cfidsgib-w-sso |
.sso.group-ib.com/ | cfidsgib-w-sso |
.group-ib.com/ | cfidsgib-w-sso |
.sso.group-ib.com/ | gsscgib-w-sso |
.group-ib.com/ | gsscgib-w-sso |
.sso.group-ib.com/ | fgsscgib-w-sso |
.group-ib.com/ | fgsscgib-w-sso |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
drp.group-ib.com
sso.group-ib.com
162.55.218.201
168.119.134.148