sso.group-ib.com Open in urlscan Pro
162.55.218.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://drp.group-ib.com/
Effective URL:
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d...
Submission: On March 17 via manual (March 17th 2023, 5:54:27 am UTC) from AE — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 162.55.218.201, located in Germany and belongs to HETZNER-AS, DE. The main domain is sso.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2022. Valid for: a year.

This is the only time sso.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	168.119.134.148 168.119.134.148	24940 (HETZNER-AS) (HETZNER-AS)
1 15	162.55.218.201 162.55.218.201	24940 (HETZNER-AS) (HETZNER-AS)
14	1

3 168.119.134.148 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.148.134.119.168.clients.your-server.de

drp.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 162.55.218.201 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.201.218.55.162.clients.your-server.de

sso.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	group-ib.com 4 redirects drp.group-ib.com sso.group-ib.com	1 MB
14	1

	Domain	Requested by
15	sso.group-ib.com	1 redirects sso.group-ib.com
3	drp.group-ib.com	3 redirects
14	2

This site contains links to these domains. Also see Links.

Domain
group-ib.com
www.group-ib.com

Subject Issuer	Validity	Valid
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-29` - `2023-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
Frame ID: 7E924A89ABC691AAF8C43D2EB566590F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Group-IB Authentication

Page URL History Show full URLs

http://drp.group-ib.com/ HTTP 301
https://drp.group-ib.com/ HTTP 307
https://drp.group-ib.com/auth/sso/connect/ HTTP 302
https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type... HTTP 302
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De... Page URL
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De... Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1122 kB
Transfer

2002 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://group-ib.com/

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/products/threat-intelligence/
Title: Try demo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://drp.group-ib.com/ HTTP 301
https://drp.group-ib.com/ HTTP 307
https://drp.group-ib.com/auth/sso/connect/ HTTP 302
https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fdrp.group-ib.com%2Fsso%2Fcheck&client_id=dda44adf27ab36f91e50c1520fa059ebbae25a9f HTTP 302
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f Page URL
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://drp.group-ib.com/ HTTP 301
https://drp.group-ib.com/ HTTP 307
https://drp.group-ib.com/auth/sso/connect/ HTTP 302
https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fdrp.group-ib.com%2Fsso%2Fcheck&client_id=dda44adf27ab36f91e50c1520fa059ebbae25a9f HTTP 302
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

/ Show response
sso.group-ib.com/
Redirect Chain

http://drp.group-ib.com/
https://drp.group-ib.com/
https://drp.group-ib.com/auth/sso/connect/
https://sso.group-ib.com/oauth/v2/auth?state=e832d289c59c7a1fc155d1bd5a5e1869&scope=app&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fdrp.group-ib.com%2Fsso%2Fcheck&client_id=d...
https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26...

564 B
629 B

12ms
12ms

Document
text/html

162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: /
Resource Hash: f778be56068e0d16dfb9ab6daa56315420a4e857e51b0401e1b6483695c6a7e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 564
content-type: text/html
date: Fri, 17 Mar 2023 05:54:22 GMT

Redirect headers

allow: GET
cache-control: max-age=0, must-revalidate, private
content-security-policy: frame-ancestors 'self';
content-type: application/json
date: Fri, 17 Mar 2023 05:54:22 GMT
expires: Fri, 17 Mar 2023 05:54:22 GMT
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
location: /?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 02208d50-3388-11ed-99bf-b679f56265da.js Show response
sso.group-ib.com/js/ 284 KB
108 KB 35ms
35ms Script
application/javascript 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js

Requested by

Host: sso.group-ib.com
URL: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

7d740ca958f7ba50f4b39cc55fc687324e19a4189bbc2a00caaa519b8645683a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 13:24:24 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 idgib-w-sso Show response
sso.group-ib.com/api/fl/ 205 B
636 B 22ms
22ms XHR
application/json 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/api/fl/idgib-w-sso
Requested by: Host: sso.group-ib.com
URL: https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 8ab01a7e941af63db457bd216ce8b0bedd531ee9e96354bdb8d7601877e57a9c

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-cfids: -

Response headers

date: Fri, 17 Mar 2023 05:54:23 GMT
content-encoding: gzip
server: nginx
etag: W/"hk3tX3X/RLHGa0Om9yd8rhWoxLbE0WJZInrke5IvbnQcaZo0HEyPITS8krvmRNsGWt0NSjIumW1EePM1k1tv2K4mjMUmO16mbLYIoxlSaUERVO4tyGiDeJ0zwNxvzbVy0V+zKueuuZ99VQsB4i5mpHdt"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 1

POST
H2 200 fl Show response
sso.group-ib.com/api/ 665 B
957 B 19ms
19ms XHR
application/json 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/api/fl?u=0da2192607&mv=2&cfidsgib-w-sso=hk3tX3X%2FRLHGa0Om9yd8rhWoxLbE0WJZInrke5IvbnQcaZo0HEyPITS8krvmRNsGWt0NSjIumW1EePM1k1tv2K4mjMUmO16mbLYIoxlSaUERVO4tyGiDeJ0zwNxvzbVy0V%2BzKueuuZ99VQsB4i5mpHdt
Requested by: Host: sso.group-ib.com
URL: https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 5f228628ee324550754298eb95c7737d2f1c5933b1d7499cb923752141d5c514

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Mar 2023 05:54:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sso.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H2 200 Primary Request / Show response
sso.group-ib.com/ 3 KB
3 KB 49ms
49ms Document
text/html 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

be1861bcf02c4701be3ec014f2dbdee4e363b60999faf4dc1be6a1015857095a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

allow: GET
cache-control: max-age=0, must-revalidate, private
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Fri, 17 Mar 2023 05:54:24 GMT
expires: Fri, 17 Mar 2023 05:54:24 GMT
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

POST
H2 200 fl
sso.group-ib.com/api/ 665 B
664 B 18ms
18ms Ping
application/json 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/api/fl?u=0da2192607&mv=2&cfidsgib-w-sso=WoGalNwwBZW4ka0Cr%2FavGp%2BYt8HiTaUDwE9b4A%2FQkbYN4yMnC5OllzOk1RY%2BjvYgSfOzwwEMyv49sZvkticSN%2BYeYUlgTfRTc04Zb7jJIVd%2Bc10gWpEAZyUPl9eAWkoYEFBg5mksxYy3LcjGBEp3jXpueY3yuy5O637k
Requested by: Host: sso.group-ib.com
URL: https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Mar 2023 05:54:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sso.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

GET
H2 200 2.032779e5.chunk.css
sso.group-ib.com/static/css/ 59 KB
11 KB 64ms
62ms Stylesheet
text/css 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/static/css/2.032779e5.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

a323f37e4aedcf2dd84db07ce50ff3f8bfc818bb24cc709f267bc5f29e392c7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Oct 2022 17:21:49 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 main.9e4736d9.chunk.css
sso.group-ib.com/static/css/ 14 KB
4 KB 113ms
111ms Stylesheet
text/css 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/static/css/main.9e4736d9.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

8074e5978b4b14893edbb702bd131abcc67089c844239d08313d445664a676e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 Feb 2023 05:18:25 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 02208d50-3388-11ed-99bf-b679f56265da.js Show response
sso.group-ib.com/js/ 284 KB
108 KB 33ms
32ms Script
application/javascript 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

cce43ddbcdc363ba5733795500ad08848cb03adc37f5e0e92a0ca5e6d6194a6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 13:24:24 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 2.d3dabe93.chunk.js Show response
sso.group-ib.com/static/js/ 571 KB
194 KB 34ms
33ms Script
application/javascript 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/static/js/2.d3dabe93.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

33b4c76ed8097ae6f493df7e17bc58e48f0ad8134147cd413552cf6c69d1d76d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Jan 2023 14:15:42 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 main.f27b0848.chunk.js Show response
sso.group-ib.com/static/js/ 133 KB
39 KB 81ms
81ms Script
application/javascript 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.group-ib.com/static/js/main.f27b0848.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

3673bcee336736fcb16e2d844b2ed95d4c5999060913ed02f1eb4b5019d189fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 07:40:15 GMT
server: istio-envoy
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 AI.3f16321e.png
sso.group-ib.com/static/media/ 651 KB
652 KB 40ms
39ms Image
image/png 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.group-ib.com/static/media/AI.3f16321e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.201.218.55.162.clients.your-server.de

Software

istio-envoy /

Resource Hash

abb361908f9edb17b690769a4ca5629daa34b65693a6edf326f49c6f2abc1215

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Fri, 17 Mar 2023 05:54:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
content-length: 666842
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 13:24:24 GMT
server: istio-envoy
etag: "634d5788-a2cda"
x-download-options: noopen
x-frame-options: sameorigin
content-type: image/png
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
permissions-policy: camera=(),microphone=(),geolocation=(),encrypted-media=(),payment=(),speaker=(),usb=(),
accept-ranges: bytes

GET
H2 200 idgib-w-sso Show response
sso.group-ib.com/api/fl/ 217 B
593 B 20ms
19ms XHR
application/json 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/api/fl/idgib-w-sso
Requested by: Host: sso.group-ib.com
URL: https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 5b1455bff6204de659e85fd0c3ef5d344887cd6af780a99fac40d47daf7b8ef2

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
X-GIB-GSSCgib-w-sso: VkPXs91lCFb8leSwYrxB4TnnO7o1FmZfBjuhs5PGNYJudzSbHoaTz3r6nT4+Era1NmkE/CTsZS9QWOCbVEa/opdhx440xTnCQx3v0SJbmAxkf97y0hcXyeFqjkIlDfWtNxNUTYzLtpwT4QeVySYkf0+MqyOzLGVUSMPLMG5GwjtdzkgCQfbBkKS/oo9OSM/hKwb/er+gdmsaVhMJGXrOKtWrYIff/PPs0GtU7IjQjywHYmQfl09di15xmK5UNA==
accept-language: de-DE,de;q=0.9
X-GIB-FGSSCgib-w-sso: uDVEa9d93745d5bcc8b6209d1dcaca750535b637
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-cfids: WoGalNwwBZW4ka0Cr/avGp+Yt8HiTaUDwE9b4A/QkbYN4yMnC5OllzOk1RY+jvYgSfOzwwEMyv49sZvkticSN+YeYUlgTfRTc04Zb7jJIVd+c10gWpEAZyUPl9eAWkoYEFBg5mksxYy3LcjGBEp3jXpueY3yuy5O637k

Response headers

date: Fri, 17 Mar 2023 05:54:24 GMT
content-encoding: gzip
server: nginx
etag: W/"nlEDMEPqhnuwupJY1aG2QlF4r7bam52cSWxyKg9Th6Xil9lJnq5FWM1KeMiVtd3FlVjigOH2pcGplxA3T6ZQL37KPQr2mt764alQutIxlcuo586ojYsBXT4wESeGYDsJsG4apUDN7mm4DR4DBgDNFiI9t20l1ifA1AU5"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 0

POST
H2 200 fl Show response
sso.group-ib.com/api/ 665 B
785 B 20ms
20ms XHR
application/json 162.55.218.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.group-ib.com/api/fl?u=0da2192607&mv=2&cfidsgib-w-sso=nlEDMEPqhnuwupJY1aG2QlF4r7bam52cSWxyKg9Th6Xil9lJnq5FWM1KeMiVtd3FlVjigOH2pcGplxA3T6ZQL37KPQr2mt764alQutIxlcuo586ojYsBXT4wESeGYDsJsG4apUDN7mm4DR4DBgDNFiI9t20l1ifA1AU5
Requested by: Host: sso.group-ib.com
URL: https://sso.group-ib.com/js/02208d50-3388-11ed-99bf-b679f56265da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.218.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.218.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 9c67a1dd333b528aeaaa280722239b3dda415e0eb0622d520c11e1cedf0ce6ee

Request headers

Referer: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f
X-GIB-GSSCgib-w-sso: VkPXs91lCFb8leSwYrxB4TnnO7o1FmZfBjuhs5PGNYJudzSbHoaTz3r6nT4+Era1NmkE/CTsZS9QWOCbVEa/opdhx440xTnCQx3v0SJbmAxkf97y0hcXyeFqjkIlDfWtNxNUTYzLtpwT4QeVySYkf0+MqyOzLGVUSMPLMG5GwjtdzkgCQfbBkKS/oo9OSM/hKwb/er+gdmsaVhMJGXrOKtWrYIff/PPs0GtU7IjQjywHYmQfl09di15xmK5UNA==
accept-language: de-DE,de;q=0.9
X-GIB-FGSSCgib-w-sso: Gu5Ac802594731814b1c87012dd583b41aa75d2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Mar 2023 05:54:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sso.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids,Authorization

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
drp.group-ib.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dk7c1i5llsutsc0cc8450ptj8t
.sso.group-ib.com/	1970-01-20 19:09:28	Name: __zzatgib-w-sso Value: MDA0dBA=Fz2+aQ==
.group-ib.com/	1970-01-20 19:09:28	Name: __zzatgib-w-sso Value: MDA0dBA=Fz2+aQ==
sso.group-ib.com/	1970-01-20 10:23:52	Name: gssc114 Value:
sso.group-ib.com/	1970-01-20 10:25:18	Name: PHPSESSID Value: 3ba68d14aea28ba70bedb8dc4c0a5548
sso.group-ib.com/	1970-01-20 19:09:28	Name: cfidsgib-w-sso Value: zf9xbA5KXY/hO2QVsn26YIyfCUmrMIAEgeQa0+HdZSZnn8Smoh5SkfQ4h5VWV3SHTr4iHLjofQTQRJz2XorIzMeLtXBjLMfqU08kfq0qY6NpSmhm1/fDaTG9CsaRAfnpJckyTHupUYAD6hCmHSZOcNrBccdOIo1VVhqj
.sso.group-ib.com/	1970-01-20 19:09:28	Name: cfidsgib-w-sso Value: zf9xbA5KXY/hO2QVsn26YIyfCUmrMIAEgeQa0+HdZSZnn8Smoh5SkfQ4h5VWV3SHTr4iHLjofQTQRJz2XorIzMeLtXBjLMfqU08kfq0qY6NpSmhm1/fDaTG9CsaRAfnpJckyTHupUYAD6hCmHSZOcNrBccdOIo1VVhqj
.group-ib.com/	1970-01-20 19:09:28	Name: cfidsgib-w-sso Value: zf9xbA5KXY/hO2QVsn26YIyfCUmrMIAEgeQa0+HdZSZnn8Smoh5SkfQ4h5VWV3SHTr4iHLjofQTQRJz2XorIzMeLtXBjLMfqU08kfq0qY6NpSmhm1/fDaTG9CsaRAfnpJckyTHupUYAD6hCmHSZOcNrBccdOIo1VVhqj
.sso.group-ib.com/	1970-01-20 19:09:28	Name: gsscgib-w-sso Value: P6y3garoLmtxg/MfRMGz0a8wHMPwUBA/ztlpE30q0LTwZOH003IywEZaWyIT1DEa6AvRWj6zQn4e/QEov4nvZLyp29PVKxDRTiF8M1YQ3Q42raZUfswwyf+G6//daVRzZS3ztLVVCLgcYm9liE+VvEcjWJJveDEAw/tjBPM7mXffiZfBdD84g/0ULxluQ8kIdbtrgZZxpNweshn72g5aW7jmxxKR4fw0QcPkbnpwTVvBb/Ag6UtllqSKBx2ucQ==
.group-ib.com/	1970-01-20 19:09:28	Name: gsscgib-w-sso Value: P6y3garoLmtxg/MfRMGz0a8wHMPwUBA/ztlpE30q0LTwZOH003IywEZaWyIT1DEa6AvRWj6zQn4e/QEov4nvZLyp29PVKxDRTiF8M1YQ3Q42raZUfswwyf+G6//daVRzZS3ztLVVCLgcYm9liE+VvEcjWJJveDEAw/tjBPM7mXffiZfBdD84g/0ULxluQ8kIdbtrgZZxpNweshn72g5aW7jmxxKR4fw0QcPkbnpwTVvBb/Ag6UtllqSKBx2ucQ==
.sso.group-ib.com/	1970-01-20 19:09:28	Name: fgsscgib-w-sso Value: uZWi27b75a2aed3301af98481702ed33ed84e803
.group-ib.com/	1970-01-20 19:09:28	Name: fgsscgib-w-sso Value: uZWi27b75a2aed3301af98481702ed33ed84e803

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sso.group-ib.com/?redirect_uri=https%3A%2F%2Fsso.group-ib.com%2Foauth%2Fv2%2Fauth%3Fstate%3De832d289c59c7a1fc155d1bd5a5e1869%26scope%3Dapp%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fdrp.group-ib.com%252Fsso%252Fcheck%26client_id%3Ddda44adf27ab36f91e50c1520fa059ebbae25a9f Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drp.group-ib.com
sso.group-ib.com
162.55.218.201
168.119.134.148
33b4c76ed8097ae6f493df7e17bc58e48f0ad8134147cd413552cf6c69d1d76d
3673bcee336736fcb16e2d844b2ed95d4c5999060913ed02f1eb4b5019d189fa
5b1455bff6204de659e85fd0c3ef5d344887cd6af780a99fac40d47daf7b8ef2
5f228628ee324550754298eb95c7737d2f1c5933b1d7499cb923752141d5c514
7d740ca958f7ba50f4b39cc55fc687324e19a4189bbc2a00caaa519b8645683a
8074e5978b4b14893edbb702bd131abcc67089c844239d08313d445664a676e6
8ab01a7e941af63db457bd216ce8b0bedd531ee9e96354bdb8d7601877e57a9c
9c67a1dd333b528aeaaa280722239b3dda415e0eb0622d520c11e1cedf0ce6ee
a323f37e4aedcf2dd84db07ce50ff3f8bfc818bb24cc709f267bc5f29e392c7c
abb361908f9edb17b690769a4ca5629daa34b65693a6edf326f49c6f2abc1215
be1861bcf02c4701be3ec014f2dbdee4e363b60999faf4dc1be6a1015857095a
cce43ddbcdc363ba5733795500ad08848cb03adc37f5e0e92a0ca5e6d6194a6d
f778be56068e0d16dfb9ab6daa56315420a4e857e51b0401e1b6483695c6a7e1

sso.group-ib.com Open in urlscan Pro 162.55.218.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

1122 kBTransfer

2002 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

12 Cookies

3 Console Messages

Indicators

sso.group-ib.com Open in urlscan Pro
162.55.218.201 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1122 kB
Transfer

2002 kB
Size

12
Cookies

14 HTTP transactions
0 data transactions