Submitted URL: http://cert-gib.com/
Effective URL: https://www.group-ib.com/cert.html
Submission: On March 02 via api from TR — Scanned from DE

Summary

This website contacted 31 IPs in 7 countries across 24 domains to perform 97 HTTP transactions. The main IP is 3.72.181.255, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.group-ib.com. The Cisco Umbrella rank of the primary domain is 787660.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2022. Valid for: a year.
This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.9.185.28 24940 (HETZNER-AS)
1 35 3.72.181.255 16509 (AMAZON-02)
2 3.72.191.153 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.65.255.172 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 104.16.92.80 13335 (CLOUDFLAR...)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 172.65.232.43 13335 (CLOUDFLAR...)
6 104.96.140.70 16625 (AKAMAI-AS)
1 146.75.116.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 13.225.78.38 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.17.9.183 49505 (SELECTEL)
2 142.250.185.98 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 185.89.210.46 29990 (ASN-APPNEX)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
97 31
Apex Domain
Subdomains
Transfer
38 group-ib.com
www.group-ib.com — Cisco Umbrella Rank: 787660
fhp-aws-antibot-back.group-ib.com
ru.id.group-ib.com — Cisco Umbrella Rank: 188954
9 MB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4370
google.com — Cisco Umbrella Rank: 1
1 KB
8 google.de
www.google.de — Cisco Umbrella Rank: 6149
989 B
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
6 KB
7 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6488
c.6sc.co — Cisco Umbrella Rank: 9745
ipv6.6sc.co — Cisco Umbrella Rank: 6917
b.6sc.co — Cisco Umbrella Rank: 4795
13 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
337 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 564
px4.ads.linkedin.com — Cisco Umbrella Rank: 6058
3 KB
3 hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 31541
forms.hsforms.com — Cisco Umbrella Rank: 3883
27 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
222 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
235 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813
377 B
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 377
822 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 628
395 B
1 t.co
t.co — Cisco Umbrella Rank: 536
376 B
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4464
2 KB
1 neverbounce.com
cdn.neverbounce.com — Cisco Umbrella Rank: 101049
29 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 704
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 633
15 KB
1 marketo.com
app-lon09.marketo.com — Cisco Umbrella Rank: 352159
69 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 73795
159 KB
1 cert-gib.com
cert-gib.com
201 B
97 24
Domain Requested by
35 www.group-ib.com 1 redirects fhp-aws-antibot-back.group-ib.com
www.group-ib.com
8 www.google.de www.group-ib.com
7 www.google.com 2 redirects www.group-ib.com
6 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
5 www.googletagmanager.com www.group-ib.com
www.googletagmanager.com
4 b.6sc.co www.group-ib.com
3 google.com fhp-aws-antibot-back.group-ib.com
3 connect.facebook.net www.group-ib.com
connect.facebook.net
2 px.ads.linkedin.com 2 redirects
2 www.facebook.com www.group-ib.com
2 stats.g.doubleclick.net fhp-aws-antibot-back.group-ib.com
2 www.googleadservices.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.group-ib.com
2 forms-eu1.hsforms.com fhp-aws-antibot-back.group-ib.com
www.group-ib.com
2 fonts.googleapis.com www.group-ib.com
2 fhp-aws-antibot-back.group-ib.com www.group-ib.com
1 px4.ads.linkedin.com www.group-ib.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io fhp-aws-antibot-back.group-ib.com
1 forms.hsforms.com www.group-ib.com
1 ipv6.6sc.co fhp-aws-antibot-back.group-ib.com
1 c.6sc.co fhp-aws-antibot-back.group-ib.com
1 secure.adnxs.com fhp-aws-antibot-back.group-ib.com
1 analytics.twitter.com www.group-ib.com
1 t.co www.group-ib.com
1 region1.analytics.google.com fhp-aws-antibot-back.group-ib.com
1 ru.id.group-ib.com www.group-ib.com
1 ws.zoominfo.com www.group-ib.com
1 cdn.neverbounce.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 j.6sc.co www.group-ib.com
1 app-lon09.marketo.com www.group-ib.com
1 js-eu1.hsforms.net www.group-ib.com
1 cert-gib.com 1 redirects
97 35
Subject Issuer Validity Valid
www.group-ib.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-06-28
a year crt.sh
*.group-ib.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-29 -
2023-07-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-15 -
2023-06-15
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-09
2 months crt.sh
app-lon09.marketo.com
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-08 -
2023-03-11
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
neverbounce.com
Amazon RSA 2048 M02
2023-02-13 -
2024-03-12
a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3
2022-04-21 -
2023-04-21
a year crt.sh
*.id.group-ib.com
R3
2022-12-29 -
2023-03-29
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01
2023-02-24 -
2023-08-06
5 months crt.sh
*.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.group-ib.com/cert.html
Frame ID: 7B9EFA34C5354F925991291F9F661F33
Requests: 109 HTTP requests in this frame

Frame: https://ru.id.group-ib.com/id.html
Frame ID: 82B147792AE29834F54D24D11E60FF87
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2C18A205C9DEB5EA194B9F3EE6C2BB74
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Response to information security incidents - CERT-GIB

Page URL History Show full URLs

  1. http://cert-gib.com/ HTTP 301
    http://www.group-ib.com/cert.html HTTP 301
    https://www.group-ib.com/cert.html Page URL
  2. https://www.group-ib.com/cert.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

97 %
HTTPS

53 %
IPv6

24
Domains

35
Subdomains

31
IPs

7
Countries

10483 kB
Transfer

12811 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cert-gib.com/ HTTP 301
    http://www.group-ib.com/cert.html HTTP 301
    https://www.group-ib.com/cert.html Page URL
  2. https://www.group-ib.com/cert.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cert-gib.com/ HTTP 301
  • http://www.group-ib.com/cert.html HTTP 301
  • https://www.group-ib.com/cert.html
Request Chain 83
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%26time%3D1677763812124%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true&e_ipv6=AQLT53wRG0HTowAAAYaihB0Um-0b0Za9rKfaio6l9UjWo2nHEeR0Lm-9p25ddQewRwY1eqqkhFlxeQ
Request Chain 93
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5KQAZI7WA9jm1gbElowo&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQlN2SWQtRkxLRWRIa0NKQ3VxdWEzeTdDOE0zN19GQjZSb0x6ajAwSUc4cXhuYTQ3Z2VMY1lF HTTP 302
  • https://www.google.com/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQlN2SWQtRkxLRWRIa0NKQ3VxdWEzeTdDOE0zN19GQjZSb0x6ajAwSUc4cXhuYTQ3Z2VMY1lF&is_vtc=1&ocp_id=5KQAZI7WA9jm1gbElowo&cid=CAQSKQDUE5ymiWXmwkY84pFvLrxt3_PAxKkhM3DJfKtzGKuu0WGvLRTi0VKc&random=3451223376 HTTP 302
  • https://www.google.de/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQlN2SWQtRkxLRWRIa0NKQ3VxdWEzeTdDOE0zN19GQjZSb0x6ajAwSUc4cXhuYTQ3Z2VMY1lF&is_vtc=1&ocp_id=5KQAZI7WA9jm1gbElowo&cid=CAQSKQDUE5ymiWXmwkY84pFvLrxt3_PAxKkhM3DJfKtzGKuu0WGvLRTi0VKc&random=3451223376&ipr=y&prhg=0
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5KQAZPPPCc3VxwLp2ZKIBw&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQ2dlTUJhN1VoQ1VIMGVXdFZBVXRpUi15RVJRVWJVOHdYQlVwd3NVbk1EYnM4UENmX3FEdmM3 HTTP 302
  • https://www.google.com/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQ2dlTUJhN1VoQ1VIMGVXdFZBVXRpUi15RVJRVWJVOHdYQlVwd3NVbk1EYnM4UENmX3FEdmM3&is_vtc=1&ocp_id=5KQAZPPPCc3VxwLp2ZKIBw&cid=CAQSKQDUE5ymWAOutgnlr-KHkDGBfEWKlKq9QwvAgtrrrUlE1hlcoGK1u0YY&random=1867109627 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQ2dlTUJhN1VoQ1VIMGVXdFZBVXRpUi15RVJRVWJVOHdYQlVwd3NVbk1EYnM4UENmX3FEdmM3&is_vtc=1&ocp_id=5KQAZPPPCc3VxwLp2ZKIBw&cid=CAQSKQDUE5ymWAOutgnlr-KHkDGBfEWKlKq9QwvAgtrrrUlE1hlcoGK1u0YY&random=1867109627&ipr=y&prhg=0

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cert.html
www.group-ib.com/
Redirect Chain
  • http://cert-gib.com/
  • http://www.group-ib.com/cert.html
  • https://www.group-ib.com/cert.html
7 KB
7 KB
Document
General
Full URL
https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dfef3b3b725657391e24cf6811a83b43162d15068bc0ce8544e88f06512b9450

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html
date
Thu, 02 Mar 2023 13:30:08 GMT

Redirect headers

Content-Length
70
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Mar 2023 13:30:08 GMT
Location
https://www.group-ib.com:/cert.html
bt-autoinject.js
fhp-aws-antibot-back.group-ib.com/d/
348 KB
146 KB
Script
General
Full URL
https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.191.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-191-153.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
5979e1170f6b2c707bf46ad3e998261a4d811ffca0b56200a47fb6f5fa799da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:09 GMT
content-encoding
gzip
x-envoy-upstream-service-time
1
server
istio-envoy
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
truncated
/
488 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae18a90239622457b4480a7b680302e038c67e8913d4057569c409d1306c4c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f60874d2e582af8c774cbef1d208f8a02fd770495d769bbb4d2b0c06814ed8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
www.group-ib.com/api/fl/
205 B
692 B
XHR
General
Full URL
https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e31c2148495879e37632753f2b1020cf7ff852f0b06b90dc3005d529bbcf958e

Request headers

Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-cfids
-

Response headers

date
Thu, 02 Mar 2023 13:30:09 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"U6nmdhc4lztq+/ZQ5yG+AGl1mB4RTpFQtrFdcKYU5YJcVptVyru0AJFnhiQQWQYZvXn4ixD0SF9JwEhtoQsIkhgdbI2oVDSOGl0PfLXc0twQfa0S0FRNT0POvG5TvaTEfCa7HHz/U0Vz1KpOhiMQ68SK"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
2
fl
www.group-ib.com/api/
665 B
834 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=U6nmdhc4lztq%2B%2FZQ5yG%2BAGl1mB4RTpFQtrFdcKYU5YJcVptVyru0AJFnhiQQWQYZvXn4ixD0SF9JwEhtoQsIkhgdbI2oVDSOGl0PfLXc0twQfa0S0FRNT0POvG5TvaTEfCa7HHz%2FU0Vz1KpOhiMQ68SK
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
fl
www.group-ib.com/api/
665 B
696 B
Ping
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=schi92KqHLAbZfqp9idJ6TJZPIeY1QLvqLdaYvCnMuX1fg%2F8egUDJ8M2%2B6%2FAIROF8IeJwCqAvXsuRk43sP4yvLfbD163aFmQKSn3GUcXSCd1uuFUCYVK82Te%2B0uofSCzH2D53neZTqGBTJJDW7A7ijL99npJwWhJiCLk
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
Primary Request cert.html
www.group-ib.com/
45 KB
11 KB
Document
General
Full URL
https://www.group-ib.com/cert.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77d394a1dd590551f25748c1daceb7b5ebcb49d55ef7ec69dce4c4b33a5b4161
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/ frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/ ALLOW-FROM https://groupib.pathfactory.com/ SAMEORIGIN sameorigin
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://www.group-ib.com/cert.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
content-encoding
gzip
content-length
10830
content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/ frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Thu, 02 Mar 2023 13:30:10 GMT
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(), accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy
no-referrer strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/ ALLOW-FROM https://groupib.pathfactory.com/ SAMEORIGIN sameorigin
x-xss-protection
1; mode=block 1; mode=block
bt-autoinject.js
fhp-aws-antibot-back.group-ib.com/d/
348 KB
146 KB
Script
General
Full URL
https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.191.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-191-153.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
5979e1170f6b2c707bf46ad3e998261a4d811ffca0b56200a47fb6f5fa799da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
x-envoy-upstream-service-time
2
server
istio-envoy
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
hubspot-form-0d3ea2cd.css
www.group-ib.com/hubspot-form/
4 KB
4 KB
Stylesheet
General
Full URL
https://www.group-ib.com/hubspot-form/hubspot-form-0d3ea2cd.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
66d609b0c975493c48e785524fbb6cfa5d28ea59d8d7e5e12bd4a8c5b8556f67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3831
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 22 May 2022 18:42:44 GMT
server
nginx
etag
"628a8424-ef7"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:10 GMT
main_26755_2be51925_563_1764.js
www.group-ib.com/build/
297 KB
298 KB
Script
General
Full URL
https://www.group-ib.com/build/main_26755_2be51925_563_1764.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
844bb56d9d924583139e6f89aa998b215f3a7516cafc5e448c64e8cde29361e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:10 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
304595
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 May 2022 09:25:21 GMT
server
nginx
etag
"628df601-4a5d3"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
130 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-392399615
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee8ee2a6b7105c210abdee26cc08db78c81d6409857639a8f8c084f955cb55f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51373
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 13:30:11 GMT
css2
fonts.googleapis.com/
2 KB
894 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1a76ecbcbefc0b357ce381eba61f68a4d2c8c5297ec27ec3380ed03edbe5744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:10:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 13:30:10 GMT
css2
fonts.googleapis.com/
1 KB
535 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 13:30:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 13:30:10 GMT
types-new-38330f89.css
www.group-ib.com/stylesheets/
462 KB
462 KB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/types-new-38330f89.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c678f7ebeaf42ae73a6b84255ed78e47baa5f2fa1718892dd24d5064bfe67117
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
472773
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 06 May 2021 06:58:10 GMT
server
nginx
etag
"60939382-736c5"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:10 GMT
all-508e897e.css
www.group-ib.com/stylesheets/
1 MB
1 MB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/all-508e897e.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cbd38f4d44ad316257c6d3179f980798a97688e6ff1df6d94f66cad4b46945a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
1516216
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 17 Oct 2022 07:53:19 GMT
server
nginx
etag
"634d09ef-1722b8"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:10 GMT
jquery-96f076a3.js
www.group-ib.com/javascripts/
85 KB
85 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/jquery-96f076a3.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:10 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
87307
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 18 Mar 2021 09:02:08 GMT
server
nginx
etag
"60531710-1550b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:10 GMT
all-2bd8fcd3.js
www.group-ib.com/javascripts/
199 KB
199 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3cbdeb53c566f58fa2298177c12defc90c733843c50e2fd4147d9597d33a1e34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
203894
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 04 Aug 2021 14:28:19 GMT
server
nginx
etag
"610aa403-31c76"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
first@2x.png
www.group-ib.com/images/cert-partners/
5 KB
6 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/first@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
5432
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-1538"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
ti@2x.png
www.group-ib.com/images/cert-partners/
5 KB
5 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/ti@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
5019
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-139b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
impact@2x.png
www.group-ib.com/images/cert-partners/
4 KB
4 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/impact@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3867
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-f1b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
oic@2x.png
www.group-ib.com/images/cert-partners/
12 KB
12 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/oic@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
12648
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-3168"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
azb-w@2x.png
www.group-ib.com/images/cert-partners/
18 KB
18 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/azb-w@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
18668
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-48ec"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
onc@2x.png
www.group-ib.com/images/cert-partners/
39 KB
39 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/onc@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
40133
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-9cc5"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
apwg@2x.png
www.group-ib.com/images/cert-partners/
11 KB
11 KB
Image
General
Full URL
https://www.group-ib.com/images/cert-partners/apwg@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
141397708f146e91f2a8137f1897e36d558af1c3c2e552c6aeda5f5d0a7448b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
11163
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-2b9b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
award-2021_gold.png
www.group-ib.com/images/certificates/
11 KB
11 KB
Image
General
Full URL
https://www.group-ib.com/images/certificates/award-2021_gold.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74a02ff107402492b9e19e4c7c550a9db662bfcb3a8bebc372d4ac8fb0a90fff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
10858
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 12 May 2021 18:13:10 GMT
server
nginx
etag
"609c1ab6-2a6a"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
v2.js
js-eu1.hsforms.net/forms/
509 KB
159 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/v2.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0123eded788d31af982c69073accde95512f79937578813e722c1bf4abbed27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-encoding
br
age
57
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2759/bundles/project-v2.js&cfRay=7a19fcc69e773677-FRA, 7a19fcc69e773677-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"869bc78fe9fd236cb063fe2745027fbe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.2759/bundles/project-v2.js
date
Thu, 02 Mar 2023 13:30:11 GMT
x-amz-version-id
fHf4ZmN_s8uqGdt86M.bqjroQdn5TwKN
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
2b92131e-6e42-48e9-8f79-456178d5261c
last-modified
Wed, 01 Mar 2023 12:15:21 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzAIGGNS5TTY0LHAqWJmufXZZev8zI7vjUCZlox4gBvjLfaFp4lLYpwEGyPj61qgbQ4Uv39TuKXtGOHXn99I7JNHoBvZ1mSYeINMjtFmE%2BEVSQ7ZOVSrIMEtr2Z%2FpcdWrPjJyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-7cb8fdd96d-6m77k
cf-ray
7a19fe2abf0e3625-FRA
x-amz-cf-id
NxKr8Fys85aBcpW3EFAzutuPvTcWmyoG_XOGwwKE9aNFODlFabasdA==
truncated
/
491 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db2159b8171386f6118d208aa28781d078dbba4a9e918e8fb0178e9ea7853629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54312170e3dc88acab6b48a1262be650d760d4e3509d1f2d7cc69ac8acf75ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
www.group-ib.com/api/fl/
217 B
700 B
XHR
General
Full URL
https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1469e452ab1d117413807176eb66fef473ec98c63d7c5f11f7701d07d5438ebf

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
hAQN81c40b31e87c45b56ab483447ba25cec8a59
x-cfids
schi92KqHLAbZfqp9idJ6TJZPIeY1QLvqLdaYvCnMuX1fg/8egUDJ8M2+6/AIROF8IeJwCqAvXsuRk43sP4yvLfbD163aFmQKSn3GUcXSCd1uuFUCYVK82Te+0uofSCzH2D53neZTqGBTJJDW7A7ijL99npJwWhJiCLk

Response headers

date
Thu, 02 Mar 2023 13:30:10 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"pLJPUeVNosknk/qQ1VDrmqgSK8i27OD2yuE2vQVd73N5xAckVac0e4zp3+TKdYm9opY+QE4ZhBJrwhOZSXctYPHY6YAkfUUe6PBOWXR+LlIcpAujKE4EcFDuxx98R6g13tUcu9wbIrIGuIpSAGQ/Atj9Hl48t4g8kT/X"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
0
gtm.js
www.googletagmanager.com/
261 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23bdee2f5a108811f9bcf18c3dfe32e60d77a5c76851d2aa8c73a14f4f2411cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86477
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 13:30:11 GMT
sdk.js
www.group-ib.com/javascripts/
3 KB
3 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/sdk.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
28aabea3885481e4a5fe0c4031bbea2e9ab1d4cca1adeac5ccde868d49ec0019
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3093
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 01 Mar 2023 22:10:01 GMT
server
nginx
etag
"63ffcd39-c15"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
icons.svg
www.group-ib.com/images/
440 KB
440 KB
Other
General
Full URL
https://www.group-ib.com/images/icons.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a138c249b501af8ef53ac907a5cc8f9ba7a7a75b35d7c4cd4951eda4c4aa6e54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
450279
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 06 Feb 2023 09:02:09 GMT
server
nginx
etag
"63e0c211-6dee7"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/svg+xml
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
logo-new.svg
www.group-ib.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.group-ib.com/images/logo-new.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74711bb799e7d4712bcdc9fdf42f5acb835448d1ec23936a1d46a087e192e378
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
2432
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 02 Dec 2021 07:15:15 GMT
server
nginx
etag
"61a87283-980"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/svg+xml
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
487 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7241c9be158561a06dec27b1546746edb4cdfad13b49b22a59906f3b223721a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22f34f75d7f159a8ce4360c04415313ed42074684d46983713e3a015f8771927

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
main-cover67.jpg
www.group-ib.com/images/covers/
58 KB
58 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/main-cover67.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
59118
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:53 GMT
server
nginx
etag
"6051a12d-e6ee"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/jpeg
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:11 GMT
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
www.group-ib.com/api/fl/
217 B
719 B
XHR
General
Full URL
https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
9952fe5c50e3a31a36b54a8444c45b4c54081ee133d1b19229f0996840c82a3f

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==, 0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
s83v9f39e3e8c48af8f0fbf4e02a0b3450ac5192, C19rb0dafe327f8e27a5f24bbfdf8bfc479645cb
x-cfids
pLJPUeVNosknk/qQ1VDrmqgSK8i27OD2yuE2vQVd73N5xAckVac0e4zp3+TKdYm9opY+QE4ZhBJrwhOZSXctYPHY6YAkfUUe6PBOWXR+LlIcpAujKE4EcFDuxx98R6g13tUcu9wbIrIGuIpSAGQ/Atj9Hl48t4g8kT/X

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"uXceJL8jXHnLoPs52oF2mn/K37OFKJr0D61zFqOgp9a2KVVAlfUPKwNqJz5NqN2yS4uPcwqYUfPX9oB/KnkrMwoFS1owde8OLveiGqqZCS3bzY1VB+ooxSr9WItaeWxUEyUBVO8sh5nV2qRY33HKJZkkDtrBqImIaD2d"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
3
idgib-w-group-ib
www.group-ib.com/api/fl/
0
18 B
XHR
General
Full URL
https://www.group-ib.com/api/fl/idgib-w-group-ib
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==, 0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
sKDl6e8b0c90d1b1c2e2dbf7d76ee9977d615e95, bVsy33118d412f771e8fc03e81bb8e1319660515
x-cfids
-

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
0
sdk.js
connect.facebook.net/ru_RU/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7061e8c6ca7c7b9eb635d5bc9154ade9f524ed694c9b4834f3404b2af189c610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.group-ib.com/
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 13:30:11 GMT
content-md5
Bw3o7i0N0y8HGR91HbZy9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87309
x-fb-rlafr
0
x-fb-debug
irBk/0vLyQPICd2nvONQIPTdVjKBIoCa7UEn8wyHwP9sC/D/aDxgcDOeoeQypACAir2Jc0fthnGv+gNODai0cw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
cd356d1520e034e0f361b4dfe5b72e6a
cross-origin-opener-policy
same-origin-allow-popups
etag
"7235fa370c560a64ee596ad1807c65a8"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 01 Mar 2024 09:35:21 GMT
forms2.min.js
app-lon09.marketo.com/js/forms2/js/
208 KB
69 KB
Script
General
Full URL
https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63113904
last-modified
Thu, 12 Jan 2023 20:56:20 GMT
server
cloudflare
cf-cache-status
HIT
age
2274
etag
"d20ea5-33e51-5f217594de500"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
7a19fe2eafaa30f4-FRA
expires
Thu, 02 Mar 2023 17:30:11 GMT
cert-video.mp4
www.group-ib.com/video/
6 MB
6 MB
Media
General
Full URL
https://www.group-ib.com/video/cert-video.mp4
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.group-ib.com/cert.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:11 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
Content-Range
bytes 0-6019493/6019494
Content-Length
6019494
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:56 GMT
server
nginx
etag
"6051a130-5bd9a6"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
video/mp4
access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/392399615/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/392399615/?random=1677763811504&cv=11&fst=1677763811504&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-392399615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
430f521406ecf205965fcced5f471b20aee9e7afc086c835df774a10666302cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
130 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-392399615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77946d2e0c9dc05598fd43c854c357709def17f2eb08a80b38f2368b608c2e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51444
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 13:30:11 GMT
json
forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/
68 KB
26 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/json?hs_static_app=forms-embed&hs_static_app_version=1.2759&X-HubSpot-Static-App-Info=forms-embed-1.2759
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949f51955b17f22d4d90d2a0406e7f7aed0d2242f8ea51b981f8029d0005146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

X-Origin-Hublet
eu1
Date
Thu, 02 Mar 2023 13:30:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
br
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
fe8bcf64-d9f0-43eb-999c-adf543051b45
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server
cloudflare
X-Trace
2BF1AAAB63843655B2DBE5758CDBE21B15BB05115C000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
7a19fe3139d19220-FRA
truncated
/
412 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
6si.min.js
j.6sc.co/
33 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beeb705b69f299ad7567ae7ba292ae685556a7082531220a088a0d3b3307c410
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2023 18:18:39 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63e538ff-820b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
10438
expires
Thu, 02 Mar 2023 13:30:11 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230133-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=15949
accept-ranges
bytes
content-length
4777
fbevents.js
connect.facebook.net/en_US/
106 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Mar 2023 13:30:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
S/wkZki2g0xSilpI+vc/kgNc2MwDnnGCw17PXJS/zK5FPKydR3WlQJxdXV8TW3zhKWUwX+Tk2BF1oMAuqoCvDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
NeverBounce.js
cdn.neverbounce.com/widget/dist/
96 KB
29 KB
Script
General
Full URL
https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-38.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 03:09:52 GMT
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
last-modified
Mon, 02 Mar 2020 18:37:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
37220
etag
W/"c1e06621030dfcba15b88abbcaa546eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LOe0YwvDeXjMWyvH6qQhmgN_2K1Kwq2ebdymPGspMPaAMxzE025o-A==
63e267f61a03d71ea3df5fe7
ws.zoominfo.com/pixel/
2 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/63e267f61a03d71ea3df5fe7
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3c493c0e0e1465b5defe03de82e9f666563a56560c341cdc6e69f5f1336cf34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7a19fe2ee9829028-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
248 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMES53K3Y2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd357cc2e7bb468b19a1078aa15a4c4e1fa4a2e5bf824d4074396b9ae5c5e418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85161
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Mar 2023 13:30:11 GMT
fl
www.group-ib.com/api/
45 B
138 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=d5fb122505&mv=2&cfidsgib-w-group-ib=
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e51d180997efe01b05d525240cff9025620bf4cc3b34487c6890742a2b1ed7d4

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==, 0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
nFcPf566be344d41acf65c37c6f21cd6b9a52dce, kVSb6863929676732fcdeb078e045ae1b80ddf48
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
admin-ajax.php
www.group-ib.com/media/wp-admin/
796 B
381 B
XHR
General
Full URL
https://www.group-ib.com/media/wp-admin/admin-ajax.php?action=mediaforcert
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f861bad7e2c91ffabeed5b2eceeb943001ebe1c4ff4fa131a2b574e1a6c34b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==, 0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
UXH56a472b09ea3cb890c27aa2c0ab1a597023f0, 012M9ee5b57f6edb2b42cc356886fab511f3f7cd

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-content-type-options
nosniff
x-frame-options
sameorigin
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
content-length
334
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 12:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4521
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Mar 2023 14:14:50 GMT
id.html
ru.id.group-ib.com/ Frame 82B1
524 B
1 KB
Document
General
Full URL
https://ru.id.group-ib.com/id.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/build/main_26755_2be51925_563_1764.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.183 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
721c3b992942c1a26e693c8eabd0242d4b26c1a55d6a1cfdf3a7a8f14ae6c1cc

Request headers

Referer
https://www.group-ib.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Mar 2023 13:30:12 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
no-cache
content-encoding
gzip
etag
W/"579RNuCrnVf0RCW7XUFxpAcNozdYKIGXIgXHFPgITJqea24vAMzzfTC2ADT5lV1Y3hDDPwTqVttVvx4pB1UO82BK3fMMfuxUpnYvB5Y83w-5tkbvJa5L1CFQjB+9"
vary
Accept-Encoding
x-envoy-upstream-service-time
1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1677763811762&cv=11&fst=1677763811762&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ded55cbf9d02c49eb0d17a6b7bac0b8285445c1a54a2d7f8f292ace570defc8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/863262324/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/863262324/?random=1677763811788&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
aae7ad9457e2dd2c98a7865cdafb37b38e36ee435fb273ab067e70df891e8d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1568
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/392399615/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/392399615/?random=1677763811504&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=520209424&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/392399615/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/392399615/?random=1677763811504&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=520209424&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
649324202964935
connect.facebook.net/signals/config/
380 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/649324202964935?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c383c66beae35484e29311a9e17e2be6dc409c6fcf365e5cf9b11df2e6fe336
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Mar 2023 13:30:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110789
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0EkLTH4cNWVDt6Rtp5RV57w+ZX72lsmUM0szUcEKdeLA3WwDWZHeF/SV4KFicFeTXKwADmUhv26wy8AH4Ac0gQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
destination
www.googletagmanager.com/gtag/
192 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMES53K3Y2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf7d55489b695be4668942c917f903214288c46c3af6b59f6adee681626ed9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70284
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 13:30:12 GMT
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QMES53K3Y2&gtm=45je32r0&_p=1787478158&_gaz=1&cid=1287132248.1677763812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677763811&sct=1&seg=0&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&dr=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&dt=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMES53K3Y2&cid=1287132248.1677763812&gtm=45je32r0&aip=1
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMES53K3Y2&cid=1287132248.1677763812&gtm=45je32r0&aip=1&z=852483369
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fl
www.group-ib.com/api/
665 B
779 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=pLJPUeVNosknk%2FqQ1VDrmqgSK8i27OD2yuE2vQVd73N5xAckVac0e4zp3%2BTKdYm9opY%2BQE4ZhBJrwhOZSXctYPHY6YAkfUUe6PBOWXR%2BLlIcpAujKE4EcFDuxx98R6g13tUcu9wbIrIGuIpSAGQ%2FAtj9Hl48t4g8kT%2FX
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1c1f84999ca1b5630dd3773613004cf8cb9832bf030595dc4f42bf343a0581c4

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==, 0GLju1usondrcyWK1Uh8jIwpVVKcDoysnV9paOKJ2pQKbgMINmxo6ARfU5jUpmb8t6ZxAsoKLsb4jjfmZFEbXpilCH/7LmDFCaEMWFYeYFCyU13649IE949xUbHPoHD6pxMmnmvVFcCS0MAqBBF9Xlk4gC0+yVG99T+DfB5db7RzjW0bzyF4oAYYG7pXWX2UakHduzLO4NDln4tD2fWOk1ZySEVlEiGlCTFHolUkngVeOmd0iA4qfWavGbbP1g==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
sif4b2a938011db32e752e32c175b52e4f0c4f3b, 6cTQfff362e75b45daa79865e81f3e0153b52437
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
adsct
t.co/i/
43 B
376 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=c4f1a3ce-99fc-4dd5-983a-a3d22f835e5c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=75bc4220-96dd-421e-acfd-df8e085248e1&tw_document_href=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6fwj&type=javascript&version=2.3.29
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
115
date
Thu, 02 Mar 2023 13:30:11 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
c1c74eb11ba00ed4
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
2a5b3b0f247d50bacaa3ee90c9ba214df6fd51ff00be05305f3e19405c507383
content-length
43
adsct
analytics.twitter.com/i/
43 B
395 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c4f1a3ce-99fc-4dd5-983a-a3d22f835e5c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=75bc4220-96dd-421e-acfd-df8e085248e1&tw_document_href=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6fwj&type=javascript&version=2.3.29
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
106
date
Thu, 02 Mar 2023 13:30:11 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9d4b6c9064516de9
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
99ea275dd2f8dd926519ee04a9aca91551874f62f905208a25ebab7bd9f63699
content-length
43
getuidj
secure.adnxs.com/
11 B
822 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 13:30:12 GMT
AN-X-Request-Uuid
c5e11074-d3e6-4a5f-9ee1-b9a371c4ca5d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.138; 178.162.209.138; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
203 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
24 B
319 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:39e::1c91 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d6b766a86ee59cc94e61ba039af69a6adf0dc75e9eaa15522072d970f5090fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a00:c98:2050:a007:2::10
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466045_1600460636_1563835505_12_695_16_0";dur=1
content-length
24
expires
Thu, 02 Mar 2023 13:30:12 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25492706-2&cid=1287132248.1677763812&jid=1731881237&gjid=631454655&_gid=360363956.1677763812&_u=YCDAgEABAAAAAEAEK~&z=892173807
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1787478158&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ul=en-us&de=UTF-8&dt=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAEK~&jid=1731881237&gjid=631454655&cid=1287132248.1677763812&tid=UA-25492706-2&_gid=360363956.1677763812&gtm=45He32r0n71PW7265&cg1=COM%3A%20CERT&cd1=1287132248.1677763812&z=324030697
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 02:17:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40339
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=649324202964935&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&rl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&if=false&ts=1677763812101&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677763812100.1781688689&it=1677763811810&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 02 Mar 2023 13:30:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
counters.gif
forms.hsforms.com/embed/v3/
35 B
667 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 13:30:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
cbb4228d-bb79-4165-abab-2132af14b94f
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2BBAC6C1C8FD537EAA4344E2847FCDDAFCD3A81BAF000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7a19fe320f682c7a-FRA
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/
36 B
377 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:07:24 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
4968
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=15857
x-amz-cf-id
EGEINtEVZJkGgPGYCclopDqrcOUbQBBmw1mihxvnSjeA5dNUFqoHiw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%26time%3D1677763812124%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fc...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true&e_ipv6=AQLT53wRG0HTowAAAYaihB0Um-0b0Za9rKfaio6l9Uj...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true&e_ipv6=AQLT53wRG0HTowAAAYaihB0Um-0b0Za9rKfaio6l9UjWo2nHEeR0Lm-9p25ddQewRwY1eqqkhFlxeQ
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BE65BFAB1EE64FA89C66D2AE62BDE0C3 Ref B: FRAEDGE1211 Ref C: 2023-03-02T13:30:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX16tQU/zwW77brcfA+fg==

Redirect headers

date
Thu, 02 Mar 2023 13:30:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 03E5777FFF794C48B60974E9A33AD5A4 Ref B: FRAEDGE1513 Ref C: 2023-03-02T13:30:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1677763812124&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&liSync=true&e_ipv6=AQLT53wRG0HTowAAAYaihB0Um-0b0Za9rKfaio6l9UjWo2nHEeR0Lm-9p25ddQewRwY1eqqkhFlxeQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAX16tQRd3kwPr31jGNMtQ==
/
www.googleadservices.com/pagead/conversion/10865976765/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/10865976765/?random=1677763812137&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9f30bdf3c00a3a36b912f932d4e3da2adca1c152627ba89664adb5a36b76def1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1570
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25492706-2&cid=1287132248.1677763812&jid=1731881237&_u=YCDAgEABAAAAAEAEK~&z=1333218495
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25492706-2&cid=1287132248.1677763812&jid=1731881237&_u=YCDAgEABAAAAAEAEK~&z=1333218495
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arrow_white-right.png
www.group-ib.com/images/arrows/
1 KB
1 KB
Image
General
Full URL
https://www.group-ib.com/images/arrows/arrow_white-right.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96a6001a342e4c3f87e5bf80a35541f4967c0a2d94eb185d030a752d5b05f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
1113
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-459"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Thu, 09 Mar 2023 13:30:12 GMT
/
www.google.com/pagead/1p-user-list/863262324/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/863262324/?random=1677763811762&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3258746510&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/863262324/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/863262324/?random=1677763811762&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3258746510&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
494 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=4a9488d7-1534-4a06-83fc-58ea034b5346&session=3d0b1df5-5ccb-416e-8c19-d72f25df2956&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2002%20Mar%202023%2013%3A30%3A12%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Mar%202023%2013%3A30%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22e84d9c08a990af8592952e7ac9a983ad%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Mar%202023%2013%3A30%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Mar%202023%2013%3A30%3A12%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=50c81624-6b1f-4cfa-8e55-678d1bcb6eee&an_uid=0
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=4a9488d7-1534-4a06-83fc-58ea034b5346&session=3d0b1df5-5ccb-416e-8c19-d72f25df2956&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=50c81624-6b1f-4cfa-8e55-678d1bcb6eee&an_uid=0
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
667 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 13:30:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
10ca0c82-3835-47eb-9c98-232b42b05a8a
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2B3936C680346E8BDAEB51B50CFB335D30577EB666000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7a19fe34b82d39e6-FRA
/
www.google.de/pagead/1p-conversion/863262324/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs...
  • https://www.google.com/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleads...
  • https://www.google.de/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadse...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQlN2SWQtRkxLRWRIa0NKQ3VxdWEzeTdDOE0zN19GQjZSb0x6ajAwSUc4cXhuYTQ3Z2VMY1lF&is_vtc=1&ocp_id=5KQAZI7WA9jm1gbElowo&cid=CAQSKQDUE5ymiWXmwkY84pFvLrxt3_PAxKkhM3DJfKtzGKuu0WGvLRTi0VKc&random=3451223376&ipr=y&prhg=0
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/863262324/?random=1238645576&cv=11&fst=1677763811788&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQlN2SWQtRkxLRWRIa0NKQ3VxdWEzeTdDOE0zN19GQjZSb0x6ajAwSUc4cXhuYTQ3Z2VMY1lF&is_vtc=1&ocp_id=5KQAZI7WA9jm1gbElowo&cid=CAQSKQDUE5ymiWXmwkY84pFvLrxt3_PAxKkhM3DJfKtzGKuu0WGvLRTi0VKc&random=3451223376&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/10865976765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL...
  • https://www.google.com/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googlea...
  • https://www.google.de/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googlead...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQ2dlTUJhN1VoQ1VIMGVXdFZBVXRpUi15RVJRVWJVOHdYQlVwd3NVbk1EYnM4UENmX3FEdmM3&is_vtc=1&ocp_id=5KQAZPPPCc3VxwLp2ZKIBw&cid=CAQSKQDUE5ymWAOutgnlr-KHkDGBfEWKlKq9QwvAgtrrrUlE1hlcoGK1u0YY&random=1867109627&ipr=y&prhg=0
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10865976765/?random=1141178806&cv=11&fst=1677763812137&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0stQm9BWVE1cVQwaG9MQW8td3VFaVVBcVZVdjhWVjJxTnNPb056VU5MTkdMdGxOUkFfT0RxcFQzdmd0Tm0zcGlqeUJKZmJXGlhDaEVJZ0stQm9BWVFuLVR3eEpfLTU5XzdBUkl0QUExSU5WQ2dlTUJhN1VoQ1VIMGVXdFZBVXRpUi15RVJRVWJVOHdYQlVwd3NVbk1EYnM4UENmX3FEdmM3&is_vtc=1&ocp_id=5KQAZPPPCc3VxwLp2ZKIBw&cid=CAQSKQDUE5ymWAOutgnlr-KHkDGBfEWKlKq9QwvAgtrrrUlE1hlcoGK1u0YY&random=1867109627&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fl
www.group-ib.com/api/
665 B
721 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=uXceJL8jXHnLoPs52oF2mn%2FK37OFKJr0D61zFqOgp9a2KVVAlfUPKwNqJz5NqN2yS4uPcwqYUfPX9oB%2FKnkrMwoFS1owde8OLveiGqqZCS3bzY1VB%2BooxSr9WItaeWxUEyUBVO8sh5nV2qRY33HKJZkkDtrBqImIaD2d
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
3aff1e55428c46c7efc7eeeac582eade44fba4ae678b6e4af603b7793284b045

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
WYiI1b0qXTB4OLe1cO8W28sOemiqXVldHqj3WZEZa9HwS+dhgUXi4UYVafIJ1+5dSoNhUI6aLXWJX/xfnXMkuTs2NmDfqOKksI9GUYR4ATnICVmiTRGARk2hlkXjW1ZpRfWvWVPh7cq9t61HOzwjo3UjawpM3HJAZ7n+Vt6x/dIoks/HI4s3TWJZ/VMwax2fgMgj9+na/ruQ7t3XZw5+O9NY+uM8QdoX0r/+eXISqMReaNxvqrEaLe2nw4LBFQ==, WYiI1b0qXTB4OLe1cO8W28sOemiqXVldHqj3WZEZa9HwS+dhgUXi4UYVafIJ1+5dSoNhUI6aLXWJX/xfnXMkuTs2NmDfqOKksI9GUYR4ATnICVmiTRGARk2hlkXjW1ZpRfWvWVPh7cq9t61HOzwjo3UjawpM3HJAZ7n+Vt6x/dIoks/HI4s3TWJZ/VMwax2fgMgj9+na/ruQ7t3XZw5+O9NY+uM8QdoX0r/+eXISqMReaNxvqrEaLe2nw4LBFQ==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
I85Za0448a610e1d26ee50762819ad0bade91f27, TgVn9960eb3f0010bfe5a66d9c8edeee53f5f2df
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1677763812626&cv=11&fst=1677763812626&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c5cc3f2311b5573221262b69bf45abf65d311fddb33c62d3780b0b0e8a90713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1242
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1677763812641&cv=11&fst=1677763812641&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=424646229.1677763812&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c838e2745b0e703bb0be755c0ecdf3bea6f7facfe3205c9c36563948d6094c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2C18
0
50 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.group-ib.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 13:30:12 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
10865976765
google.com/ccm/form-data/
0
255 B
Ping
General
Full URL
https://google.com/ccm/form-data/10865976765?gtm=45be32r0&hn=www.googleadservices.com&auid=424646229.1677763812&uamb=0&uaw=0&em=tv.1~em.7t_xDy9vM7RQb0hGSYZfT5avdC_4aL3KQNrTANe8dhk&ecsid=646616384.1677763813
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10865976765
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/10865976765?gtm=45be32r0&hn=www.googleadservices.com&auid=424646229.1677763812&ec_mode=a&uamb=0&uaw=0&em=tv.1~em.7t_xDy9vM7RQb0hGSYZfT5avdC_4aL3KQNrTANe8dhk
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

10865976765
google.com/ccm/form-data/
0
54 B
Ping
General
Full URL
https://google.com/ccm/form-data/10865976765?gtm=45be32r0&hn=www.googleadservices.com&auid=424646229.1677763812&uamb=0&uaw=0&em=tv.1~em.7t_xDy9vM7RQb0hGSYZfT5avdC_4aL3KQNrTANe8dhk&ecsid=646616384.1677763813
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10865976765/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10865976765/?random=1677763812626&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dform_start&fmt=3&is_vtc=1&random=3460499962&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10865976765/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10865976765/?random=1677763812626&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dform_start&fmt=3&is_vtc=1&random=3460499962&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10865976765/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10865976765/?random=1677763812641&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dform_submit&fmt=3&is_vtc=1&random=4190756653&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10865976765/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10865976765/?random=1677763812641&cv=11&fst=1677762000000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dform_submit&fmt=3&is_vtc=1&random=4190756653&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 13:30:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fl
www.group-ib.com/api/
665 B
740 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=yqXvpLmx5v826B%2B0Dvmcblhs%2B9dqg2W0BvzE2K7fH1PTGpwafwD0EDEUix2mW5QD1NaYkKcFsebUiy7gyhX6ByQJnImSzrH7vG15Yt237ERKqHX0ad1EAD%2F%2FF10pSpkdbHQLuqekk3WlrIYfMQNPSyJqihkHuM0STGqh
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dc925639feffcca59766bf2057ac65612dc57cf2e9fe89f5d857197f66898bab

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
37+0SSd0xYq/CQdRWelLY6AnBaIxVnVelTBr4ee0GWOEgF41g3WM/teYkzYysE9HLZa+KJbXJzgPY8igXSnFmW4tgl3us7IPn3c9MvPP1R21osGWs80LFO7XVEzk4vywtCpqzwr1BfiTZLlnPHD5/P/vUprmKJptx5RFELUKvl2C8LOLrt2NcszjpZYaBEvCT5X469aw12rKMpWVMo7KuJtTlDkeETlfqxHhVGoWKh3jrrBnvpbIE/PwIHz76Q==, 37+0SSd0xYq/CQdRWelLY6AnBaIxVnVelTBr4ee0GWOEgF41g3WM/teYkzYysE9HLZa+KJbXJzgPY8igXSnFmW4tgl3us7IPn3c9MvPP1R21osGWs80LFO7XVEzk4vywtCpqzwr1BfiTZLlnPHD5/P/vUprmKJptx5RFELUKvl2C8LOLrt2NcszjpZYaBEvCT5X469aw12rKMpWVMo7KuJtTlDkeETlfqxHhVGoWKh3jrrBnvpbIE/PwIHz76Q==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
zP9Xd0d674a20170fa413429b71dbc875700d648, pqId57383cc626e93619744aecb85ff613f3c3a6
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:12 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
img.gif
b.6sc.co/v1/beacon/
43 B
494 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=4a9488d7-1534-4a06-83fc-58ea034b5346&session=3d0b1df5-5ccb-416e-8c19-d72f25df2956&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Mar%202023%2013%3A30%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Mar%202023%2013%3A30%3A12%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=50c81624-6b1f-4cfa-8e55-678d1bcb6eee&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:13 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
fl
www.group-ib.com/api/
665 B
804 B
XHR
General
Full URL
https://www.group-ib.com/api/fl?u=6be38e00-b86b-11ed-b39e-b20c7082bf77&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=b6W8PzQ3HIObTYytfOtqqGd7K4UUKVGCfclAlq00Kd%2B7%2FTEbiNx5O6Hj4o2TbjGFfY3wqNCVOUGCn4oOx18YqzLXbtZkcRZRdW6dmon6yCMFgXgfo1MJPXbq4U8RdnNII7RtbflgAKdtHjMdDwNS2G08xiJaqa3wgpux
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
efd9f31e3ffc384d716a4fa7291e27c4326e11f7d240cb016799372f8959b418

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
DgM8FuzHOARkhjBPWjGbvEnVeKU8TYTl181ZdXJxl0go851a5QNVbu0GMO7vDqw+aXSugZ42kcIBb860aETX/GybUJqsFQgFZ++Fd2AWr0Fez+Z9rShLuKEXsjCMgNR4hT8uDQ7wYlGo2Ost1VGt760LwyRaUHFP+Wb9rwLGX9XOBnhYPHC6aiRJi05wZJwTS4X7HqFcqHFQd8/4H5g1E2/amcSnBqyvYIjgq1bxA4+tS81qMwps6hSYNKXvQw==, DgM8FuzHOARkhjBPWjGbvEnVeKU8TYTl181ZdXJxl0go851a5QNVbu0GMO7vDqw+aXSugZ42kcIBb860aETX/GybUJqsFQgFZ++Fd2AWr0Fez+Z9rShLuKEXsjCMgNR4hT8uDQ7wYlGo2Ost1VGt760LwyRaUHFP+Wb9rwLGX9XOBnhYPHC6aiRJi05wZJwTS4X7HqFcqHFQd8/4H5g1E2/amcSnBqyvYIjgq1bxA4+tS81qMwps6hSYNKXvQw==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
6heu3a6ab582db99899435c8ead0028f57532a5c, 65Xu87a68c803588241fddb37974f500ccc612f2
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 13:30:13 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
img.gif
b.6sc.co/v1/beacon/
43 B
494 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=4a9488d7-1534-4a06-83fc-58ea034b5346&session=3d0b1df5-5ccb-416e-8c19-d72f25df2956&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Mar%202023%2013%3A30%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Mar%202023%2013%3A30%3A13%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=50c81624-6b1f-4cfa-8e55-678d1bcb6eee&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-140-70.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:30:14 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| gib boolean| __gibclatt boolean| __86a4b3f1c71b93a8cb28ae2a51a4c386__ function| gibSetAttribute function| gibSetAttributeCallback function| gibRemoveAttribute function| gibHash function| gibEncrypt string| __guc__1.0.0 object| dataLayer function| gtag function| $ function| jQuery object| conf function| fbAsyncInit function| _classCallCheck function| executeFunctionByName function| _createClass object| landing object| certainDomains object| publicDomains function| Tiles function| Action object| actions function| CubicGallery function| CubicGallery2 function| Parallax function| Popup function| SelectThis function| CubicForm function| CubicSticky function| SwipeDetector function| CubicSwitcher function| CubicTabs function| ChangeForm function| Shifter function| ClipboardJS function| raf object| gacid object| gaClientId object| FB function| Accordeon function| EmailsBase function| wr function| Cookies function| CrmForm function| Marketo object| merchPop function| metrics object| LinkedIn object| News object| showMore object| News2 function| PollForm function| fillPoll function| Share function| ShowMore2 function| CubicTags function| Test function| Tumbler function| initTumbler function| Unsubscribe object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| _6si function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| _NBSettings object| popups function| initCrmForms string| GoogleAnalyticsObject function| ga object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| MktoForms2 object| SENTRY_RELEASE undefined| Raven object| _nb object| regeneratorRuntime object| twttr object| ziws object| gaplugins object| gaData function| lintrk

37 Cookies

Domain/Path Name / Value
www.group-ib.com/ Name: gssc213174
Value:
.www.group-ib.com/ Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: MDA0dBA=Fz2+aQ==
.group-ib.com/ Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: MDA0dBA=Fz2+aQ==
.www.group-ib.com/ Name: __zzatgib-w-group-ib
Value: MDA0dBA=Fz2+aQ==
.group-ib.com/ Name: __zzatgib-w-group-ib
Value: MDA0dBA=Fz2+aQ==
.app-lon09.marketo.com/ Name: __cf_bm
Value: 1EptgoIM6dFVt_DVXHXz5jW7infKERYfN8hw5hTVm3w-1677763811-0-AeBD4b/C9+oiAW+sB+TLjEIKbW0XsKFL5zTysYTbQnigKzyyk97RPtlFiNpTqbsuIoS1dheMOOsOMw43jt51PaA=
.ws.zoominfo.com/ Name: visitorId
Value: c9b57d9c781dbe221558e287536f8aa66c17a0b8f5890b6c075c9563ebefe4aa
.zoominfo.com/ Name: __cf_bm
Value: LFRqxkTTLJAcDFtfJRvMk8ugG0RLHKIgQ_j8Ow7jT.8-1677763811-0-AS1NzIV/44EvEJRm/QWs61Lf3RlOAkLQqgv3UC+aQrfpbR9xCN2fTbWqe59RB9mGt7PQmoy93u/NAr7WIbtil1I=
.zoominfo.com/ Name: _cfuvid
Value: yAI8Gr4hab5YRkreUyUngEhfXfnwhsVRRu6OeRHfwQM-1677763811813-0-604800000
.doubleclick.net/ Name: IDE
Value: AHWqTUmiJx7f5lwUCWIOPoCCdczUhiXUE4RJ42AiF0_jMJVUSL4VZ3NqM31atrPm
.group-ib.com/ Name: _ga
Value: GA1.2.1287132248.1677763812
.group-ib.com/ Name: _gid
Value: GA1.2.360363956.1677763812
.group-ib.com/ Name: _dc_gtm_UA-25492706-2
Value: 1
.group-ib.com/ Name: _fbp
Value: fb.1.1677763812100.1781688689
.id.group-ib.com/ Name: gcfids
Value: 579RNuCrnVf0RCW7XUFxpAcNozdYKIGXIgXHFPgITJqea24vAMzzfTC2ADT5lV1Y3hDDPwTqVttVvx4pB1UO82BK3fMMfuxUpnYvB5Y83w-5tkbvJa5L1CFQjB+9
www.group-ib.com/ Name: _an_uid
Value: 0
www.group-ib.com/ Name: _gd_visitor
Value: 4a9488d7-1534-4a06-83fc-58ea034b5346
www.group-ib.com/ Name: _gd_session
Value: 3d0b1df5-5ccb-416e-8c19-d72f25df2956
.t.co/ Name: muc_ads
Value: 81fefc63-804a-4783-bfb2-b2456a45e746
.twitter.com/ Name: personalization_id
Value: "v1_H+ZaAQpQ3Ul2i8efJvslQA=="
www.group-ib.com/ Name: ln_or
Value: eyI0NDk2NjAxIjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQJkjib6uqOzOgAAAYaihBujdm1jkYE-rgcL1za-7WrddNaF5tJcNahnWdP-RYiLalJb6B_hkYP7tw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI6XGmqRntMFwAAAYaihBujNb1uFD8ZVsYL8P_39kQN-gF1pzxuQ_LNvgZVlGFnrztpVyECnlMOUaJrppzJSw
.linkedin.com/ Name: bcookie
Value: "v=2&8549885e-9a98-4e23-80f7-a67876748c10"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2485:u=1:x=1:i=1677763812:t=1677850212:v=2:sig=AQHsTrxSyngT4lJJnimsvJch7YpekgMj"
.6sc.co/ Name: 6suuid
Value: 355b6068ff340000e4a40064fa010000b7520200
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230302133012e9da0fc3-c764-4b74-87b8-0dfdd74cac8eAQG7TtgWy4XNRjaNyo-nkEK0bch59j0u"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzc3NjM4MTI7MjswMjEXVuuJRk89jaABhGmFWrP5IcNm09we1igrHqNYKW3YaA==
.group-ib.com/ Name: _ga_QMES53K3Y2
Value: GS1.1.1677763811.1.0.1677763812.59.0.0
.group-ib.com/ Name: _gcl_au
Value: 1.1.424646229.1677763812.646616384.1677763813.1677763812
www.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: 2LI1lrU0a0H1Oz//U1OGYlJ4cV8QaQURKz6MWAu+LqheS/Io+jwpze6uedYcOfMXnAHC1GSBZM9F+Ko74hAIcaTrO6XWnWGBNbDedhPSUNDdvLDCR85FMNpiAqy1ZXLA1mNATrKNVNJnUznkBbHN/cPslbE4OjnJ+i5D
.www.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: 2LI1lrU0a0H1Oz//U1OGYlJ4cV8QaQURKz6MWAu+LqheS/Io+jwpze6uedYcOfMXnAHC1GSBZM9F+Ko74hAIcaTrO6XWnWGBNbDedhPSUNDdvLDCR85FMNpiAqy1ZXLA1mNATrKNVNJnUznkBbHN/cPslbE4OjnJ+i5D
.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: 2LI1lrU0a0H1Oz//U1OGYlJ4cV8QaQURKz6MWAu+LqheS/Io+jwpze6uedYcOfMXnAHC1GSBZM9F+Ko74hAIcaTrO6XWnWGBNbDedhPSUNDdvLDCR85FMNpiAqy1ZXLA1mNATrKNVNJnUznkBbHN/cPslbE4OjnJ+i5D
.www.group-ib.com/ Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: DgM8FuzHOARkhjBPWjGbvEnVeKU8TYTl181ZdXJxl0go851a5QNVbu0GMO7vDqw+aXSugZ42kcIBb860aETX/GybUJqsFQgFZ++Fd2AWr0Fez+Z9rShLuKEXsjCMgNR4hT8uDQ7wYlGo2Ost1VGt760LwyRaUHFP+Wb9rwLGX9XOBnhYPHC6aiRJi05wZJwTS4X7HqFcqHFQd8/4H5g1E2/amcSnBqyvYIjgq1bxA4+tS81qMwps6hSYNKXvQw==
.group-ib.com/ Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: DgM8FuzHOARkhjBPWjGbvEnVeKU8TYTl181ZdXJxl0go851a5QNVbu0GMO7vDqw+aXSugZ42kcIBb860aETX/GybUJqsFQgFZ++Fd2AWr0Fez+Z9rShLuKEXsjCMgNR4hT8uDQ7wYlGo2Ost1VGt760LwyRaUHFP+Wb9rwLGX9XOBnhYPHC6aiRJi05wZJwTS4X7HqFcqHFQd8/4H5g1E2/amcSnBqyvYIjgq1bxA4+tS81qMwps6hSYNKXvQw==
.www.group-ib.com/ Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: p70N19ccf7efe2d72a5926a83ff2621db3b639e7
.group-ib.com/ Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: p70N19ccf7efe2d72a5926a83ff2621db3b639e7

5 Console Messages

Source Level URL
Text
network error URL: https://www.group-ib.com/cert.html
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network error URL: https://www.group-ib.com/api/fl/idgib-w-group-ib
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.group-ib.com/media/wp-admin/admin-ajax.php?action=mediaforcert
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app-lon09.marketo.com
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
cdn.neverbounce.com
cert-gib.com
connect.facebook.net
fhp-aws-antibot-back.group-ib.com
fonts.googleapis.com
forms-eu1.hsforms.com
forms.hsforms.com
google.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js-eu1.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
ru.id.group-ib.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.group-ib.com
www.linkedin.com
104.16.92.80
104.244.42.67
104.244.42.69
104.96.140.70
13.107.42.14
13.225.78.38
142.250.185.98
146.75.116.157
172.65.232.43
172.65.255.172
185.17.9.183
185.89.210.46
2001:4860:4802:34::36
2600:9000:20eb:2e00:2:53b2:240:93a1
2606:4700::6810:5605
2606:4700::6810:650c
2620:1ec:21::14
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a00:1450:4025:401::9c
2a02:26f0:11a:39e::1c91
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.72.181.255
3.72.191.153
5.9.185.28
0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc
0c838e2745b0e703bb0be755c0ecdf3bea6f7facfe3205c9c36563948d6094c1
141397708f146e91f2a8137f1897e36d558af1c3c2e552c6aeda5f5d0a7448b0
1469e452ab1d117413807176eb66fef473ec98c63d7c5f11f7701d07d5438ebf
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547
1c1f84999ca1b5630dd3773613004cf8cb9832bf030595dc4f42bf343a0581c4
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197
22f34f75d7f159a8ce4360c04415313ed42074684d46983713e3a015f8771927
23bdee2f5a108811f9bcf18c3dfe32e60d77a5c76851d2aa8c73a14f4f2411cf
28aabea3885481e4a5fe0c4031bbea2e9ab1d4cca1adeac5ccde868d49ec0019
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3aff1e55428c46c7efc7eeeac582eade44fba4ae678b6e4af603b7793284b045
3cbdeb53c566f58fa2298177c12defc90c733843c50e2fd4147d9597d33a1e34
3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6
3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61
430f521406ecf205965fcced5f471b20aee9e7afc086c835df774a10666302cc
48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9
54312170e3dc88acab6b48a1262be650d760d4e3509d1f2d7cc69ac8acf75ec8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5979e1170f6b2c707bf46ad3e998261a4d811ffca0b56200a47fb6f5fa799da8
5c383c66beae35484e29311a9e17e2be6dc409c6fcf365e5cf9b11df2e6fe336
66d609b0c975493c48e785524fbb6cfa5d28ea59d8d7e5e12bd4a8c5b8556f67
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d6b766a86ee59cc94e61ba039af69a6adf0dc75e9eaa15522072d970f5090fd
7061e8c6ca7c7b9eb635d5bc9154ade9f524ed694c9b4834f3404b2af189c610
721c3b992942c1a26e693c8eabd0242d4b26c1a55d6a1cfdf3a7a8f14ae6c1cc
7241c9be158561a06dec27b1546746edb4cdfad13b49b22a59906f3b223721a2
74711bb799e7d4712bcdc9fdf42f5acb835448d1ec23936a1d46a087e192e378
74a02ff107402492b9e19e4c7c550a9db662bfcb3a8bebc372d4ac8fb0a90fff
756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06
77946d2e0c9dc05598fd43c854c357709def17f2eb08a80b38f2368b608c2e07
77d394a1dd590551f25748c1daceb7b5ebcb49d55ef7ec69dce4c4b33a5b4161
7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c5cc3f2311b5573221262b69bf45abf65d311fddb33c62d3780b0b0e8a90713
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bb56d9d924583139e6f89aa998b215f3a7516cafc5e448c64e8cde29361e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1
949f51955b17f22d4d90d2a0406e7f7aed0d2242f8ea51b981f8029d0005146a
96a6001a342e4c3f87e5bf80a35541f4967c0a2d94eb185d030a752d5b05f645
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55
9952fe5c50e3a31a36b54a8444c45b4c54081ee133d1b19229f0996840c82a3f
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355
9f30bdf3c00a3a36b912f932d4e3da2adca1c152627ba89664adb5a36b76def1
9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246
a0123eded788d31af982c69073accde95512f79937578813e722c1bf4abbed27
a138c249b501af8ef53ac907a5cc8f9ba7a7a75b35d7c4cd4951eda4c4aa6e54
aae7ad9457e2dd2c98a7865cdafb37b38e36ee435fb273ab067e70df891e8d7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae18a90239622457b4480a7b680302e038c67e8913d4057569c409d1306c4c9a
beeb705b69f299ad7567ae7ba292ae685556a7082531220a088a0d3b3307c410
c678f7ebeaf42ae73a6b84255ed78e47baa5f2fa1718892dd24d5064bfe67117
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491
cbd38f4d44ad316257c6d3179f980798a97688e6ff1df6d94f66cad4b46945a7
cf7d55489b695be4668942c917f903214288c46c3af6b59f6adee681626ed9bb
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
db2159b8171386f6118d208aa28781d078dbba4a9e918e8fb0178e9ea7853629
dc925639feffcca59766bf2057ac65612dc57cf2e9fe89f5d857197f66898bab
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded55cbf9d02c49eb0d17a6b7bac0b8285445c1a54a2d7f8f292ace570defc8f
dfef3b3b725657391e24cf6811a83b43162d15068bc0ce8544e88f06512b9450
e31c2148495879e37632753f2b1020cf7ff852f0b06b90dc3005d529bbcf958e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c493c0e0e1465b5defe03de82e9f666563a56560c341cdc6e69f5f1336cf34
e51d180997efe01b05d525240cff9025620bf4cc3b34487c6890742a2b1ed7d4
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
ee8ee2a6b7105c210abdee26cc08db78c81d6409857639a8f8c084f955cb55f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9f31e3ffc384d716a4fa7291e27c4326e11f7d240cb016799372f8959b418
f1a76ecbcbefc0b357ce381eba61f68a4d2c8c5297ec27ec3380ed03edbe5744
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f60874d2e582af8c774cbef1d208f8a02fd770495d769bbb4d2b0c06814ed8af
f861bad7e2c91ffabeed5b2eceeb943001ebe1c4ff4fa131a2b574e1a6c34b1a
fd357cc2e7bb468b19a1078aa15a4c4e1fa4a2e5bf824d4074396b9ae5c5e418
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c